Cloud computing: Security threats and next-generation firewalls

Cloud computing encompasses an increasingly broad array of uses, from applications to data services, virtualization, and software and platform as a service. However, rather than being the utopian IT architecture for all enterprises, the cloud is in fact one of multiple options towards a more efficient, responsive and available IT infrastructure. Rather than an immediate migration, there’s still a lot to do in terms of data center consolidation, segmentation, securing your virtualized infrastructure, and safely enabling data center applications.

Within Asia Pacific, and as reported by CNC Data and the Synergy Research Group, corporate spending on cloud and data centre infrastructure reached almost US$10 billion in 2012, a 21 per cent increase from 2011. The adoption and expansion of cloud, mobile, and wireless technologies have also created new and different threats to the network, therefore increasing the scope of the IT security products market.

Based on the Asia Pacific Application Usage and Threat Report from Palo Alto Networks, findings show that application vulnerability exploits target high-value business applications. Hence, the real security risk lies with a clutch of 9 popular applications that accounted for 98 per cent of all software exploits, where 7 of these applications are internal/infrastructure applications (databases, Active Directory, RPC, etc.).

The application and threat patterns dispel the position that social networking, filesharing and video applications are the most common threat vectors, while reaffirming that internal applications are highly prized targets. Rather than use more obvious, commercially available applications, it has been shown that attackers are masking their activities through custom or encrypted applications where nearly 100% of the malware logs (botnets, spyware, keyloggers, etc.) were found in only 4 applications – with the bulk of the logs (45%) masking themselves as custom or unknown UDP.

As threats and attackers innovate as quickly as virtualization has, it is critically important to ensure that modern security controls are developed and placed into our virtualized data centers. Whichever challenge you’re tackling now, and whether or not you’re heading to the clouds, we’re here to help. In fact, we have leveraged many of the benefits and characteristics of cloud computing technologies within our next-generation firewall solution.

Cloud Computing Might

For example, that same cloud computing benefit can now be extended to optimize and accelerate security analysis, which is exactly what Palo Alto Networks is doing with WildFire.

With WildFire, we are harnessing the computational power of the cloud to analyze unknown files for malicious behaviors as part of a comprehensive strategy to tackle modern malware. The power of the cloud enables hundreds of thousands of files to be analyzed in minutes, with a platform for malware that lets it do exactly what an attacker intended it to do. This means the malware can be observed in a protected cloud “sandbox” without impacting an enterprise’s network. This would be much harder to do inline, with an on-premises appliance.