The ‘webification’ of the data centre changes everything

The world has changed. The web has changed. The data we touch and interact with everyday has changed -- and the data delivery mechanisms that we have come to rely upon have changed.

Much of this new data reality is driven by the fact that the data centres that deliver our increasingly cloud-based applications have undergone a process of so-called ‘webification’ where connectivity is a central function of their very existence.

Where a decade ago we saw data centres proud enough of their 100Mbps (and sometimes more) web connection speeds, today it is quite normal to see 40G to 100G and beyond pumping the flow of application and data throughput.

Inherent security challenges

This fundamental change in data transport and residence brings with it inherent security challenges, many of them new. The network security professional today needs to be able to plan and provision for advanced persistent threats and DDoS attacks that may target an operational environment that has to handle as many as tens of millions of concurrent connections.

While traditional firewalls are designed to provide security across a wide range of protocols, the number of protocols that need to be protected in the data centre has actually decreased. But the challenge now is more subtle i.e. traditional firewalls are not designed specifically to handle the massive “volume, variety, and size” of the threats aimed at this narrow range of protocols.

Though all reputable firewalls can adequately secure the enterprise perimeter, they don’t necessarily scale up to meet large data centre performance requirements.

The network firewall is dead

This is why a new data centre firewall architecture model is emerging, based on full-proxy, high connection-capacity Application Delivery Controllers at the edge of the network, ensuring standards-based compliance while significantly lowering CapEx by eliminating firewall devices and upgrades and maximising other data centre resources.

As this new architecture model grows and firewalls begin to be ‘architected out’ of what we come to regard as state-of-the-art data centre design, we start to see the next-generation Application Delivery Controllers truly come of age. This new breed of implementations sees ADCs in residence, inside the demilitarised zone of the edge of the network providing the broadest range of application services seen yet.

Find out more here: http://www.f5.com/solutions/security/data-center-firewall.html