Trend Cloud Security Blog – Cloud Computing Experts

Security belongs in the cloud, not on the chip

The noise about cloud computing is getting louder as the year goes on (Yankee Group:  Infrastructure as a Service now a bona fide cloud strategy, Nimbula: ‘Cloud computing’ start-up wins $15M from Accel, Sequoia, Ready or not, cloud is coming) . Usually fads of the IT industry fade quite quickly after the press and analysts are unable to find more newsworthy angles. Further, while enterprise customers are saying public cloud use is two to three years away, they are busy increasing virtualization penetration and planning private clouds. 

As a security company Trend Micro has invested heavily in public cloud infrastructure as part of the Smart Protection Network. We saw no other way to deal with the threat environment that now produces millions of malicious files each week and leverages “fixed” devices like PCs and servers in addition to mobile devices like laptops, smartphones, and tablets. We now live in a world where a billion plus spam run comes and goes within six hours. And a world where a website compromised for an hour can add 10,000 bots to a botnet. Only an instant-on, any-device-access cloud that is capable of handling large volumes of new threats within seconds can provide protection to customer infrastructure. Notice I said “protection” rather than “detection” (detection is a whole different blog post!). 

I do not often talk about Trend Micro’s competitors in a public forum, but the news has been dominated by Intel’s recently announced $7B+ acquisition of McAfee. Again it’s not for me to comment on valuations or strategic fit (Forrester and others can do that), but the basic premise of the acquisition was that security could be embedded on a chip (an Intel chip, not an AMD chip, of course!). This is even more complex than what network vendors like Cisco and Juniper do by implementing security inside their ASIC-orientated network devices. Yes, it can be done but only around security systems which are mature. Firewalls are good examples. Unfortunately the bad guys are still very much in business given the amount of money they generate, and they pride themselves on adapting to what the security industry throws at them.  I’m not an expert, but microprocessor development life cycles seem to be 3+ years. That’s an absolute lifetime in the security industry. 

The other major factor that drives the security industry is IT infrastructure. As I stated at the beginning of this post, virtualization is a top priority for IT managers today because it provides cost savings and a more flexible application deployment environment.  The goal is to commoditize servers and the chips within them – not make them a critical element. Infrastructure changes affect security solutions by changing the way they are deployed:  agent vs. agent-less, appliance vs. virtual appliance, etc.  The intersection of Security and Compliance with IT Operations is far more important to customers than having a chip that supports antivirus (if indeed this were ever possible).  Not to mention, how do you protect mobile devices that are not built upon a secure chip model (Intel is not ubiquitous in the smartphone or tablet markets)? 

So my prediction is that cloud adoption will accelerate and customers will continue to push basic infrastructure such as servers and switches to become commoditized as part of the cost savings equation. Security vendors will need to balance the rapidly changing threat environment with the need to fit cost effectively within the evolving infrastructure. This will be difficult enough using the software or SaaS (Software as a Service) model, never mind doing it with a 25nm microprocessor.