A number of vendors in addition to Vyatta now offer security wares for virtual networks. Catbird Networks, for example, offers vSecurity, a product for securing virtualized and private cloud data centers. The company late last year obtained an investment from Medina Capital. At the time, Medina said in a statement that "software-defined security will largely replace physical appliances" in data centers within the next five years.
Other vendors operating in this market include Cisco Systems, Hewlett-Packard, HyTrust, Juniper Networks and VMware. Cisco in February launched its Nexus 1000V InterCloud product, which the company says securely extends virtual networks from company data centers to cloud service providers.
Vendors offer point solutions such as virtual firewalls, but they also provide integrated offerings under the umbrella of software-defined security or, more broadly, software-defined networking (SDN). Emerging SDN technologies, however, have yet to meet wide market acceptance.
Weber calls SDN "a really good idea" but adds that the technology is not yet ready for commercial cloud environments. He says it will be at least five years before SDN achieves the sophistication and critical mass to attract buyers beyond the initial set of early adopters.
Hill says organizations with large investments in Cisco infrastructure, for example, haven't been quick to virtualize the firewall and network security. "Very few of our customers have been moving in this direction," he adds, noting that customers nevertheless express interest in the technology.
Business Impact of Virtualized Security: Simpler Cloud Adoption
That said, adoption of virtualized network security can bolster a company's business model.
For example, dinCloud targets SMBs and aims to simplify their cloud adoption, which includes security considerations. Weber says companies that have downsized may not have the personnel to devote to security. In any event, protecting networks isn't their core business.
SMB customers, all the same, may have fairly hefty security requirements. Weber says one dinCloud customer wanted 500 point-to-point tunnels through its firewall. "We are managing that for them," he says. "Our goal is to make it as easy as possible."
Dan Tuchler, senior director product management and marketing at Vyatta, says that virtualized network security can also enable more sophisticated cloud options for customers. A company with virtual machines in the cloud often inhabits a single, large subnet. This situation makes it difficult for customers to build applications as they have in the past, he notes.
A company, for instance, may be accustomed to creating a Web-facing application consisting of Web server, business logic and database tiers, with each tier segmented on its own subnet. Routers connect the subnets and firewalls protect the tiers. Replicating that setting in the virtual environment could require the customer to establish separate subnets in the cloud. Traffic would flow from one cloud subnet to the data center through a router and then back to the other cloud subnet.
Sign up for CIO Asia eNewsletters.