COLUMN

App service cloud could boost security, manageability

By Eric Ogren 11 May 2009 | SearchSecurity.com Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

SearchSecurity.com: To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

One way for IT to dip their toe in the cloud computing waters is by providing internal users with a corporate hosted application service that IT controls. This gives IT the ability to monitor usage patterns and could reduce operating expenses. The key capability of an application service is to deliver compliant applications and desktops to end users with performance close to what would be experienced if the applications were locally installed.

The well-known benefits of a virtual datacenter are centered around application density – the greater the yield in applications per server, the fewer servers are required with resultant savings in power, cooling, real estate and IT management. The ability to consolidate datacenters and reduce the number of servers is the major market driver for VMware ESX and VMotion functionality. However, endpoint virtualization actually shifts some processing onto datacenter servers so the cost savings are different than with server virtualization. The emerging benefits of endpoint virtualization are focused on controlling endpoints from the datacenter with major benefits in enhanced security, endpoint management savings and freedom of device choice for end users. The ability for end users to always run clean copies of Windows applications, regardless of device or location, are the major market drivers for Citrix Delivery Center and Microsoft Terminal Services.

Citrix Systems: Citrix virtual desktop, app delivery controller includes security benefits: Citrix Systems' Receiver simplifies secure VDI deployments; NetScaler VPX offers portable Web application firewall combined with application acceleration and network features. Video: Who should secure virtual IT environments? Security blogger Chris Hoff and Citrix CTO Simon Crosby discuss whether security companies or virtualization vendors should be responsible for the security of virtual environments. Virtualization security moves to the fore in 2009: Virtualization platform vendors such as VMware and Citrix gear up to enhance security, as mainstream security companies slowly adapt.

The unveiling of Citrix Receiver and Citrix Dazzle builds a tangible example of how enterprises can create a corporate application service. IT hosts an application selection service based on the iTunes look and feel from which end users select the IT-provided application packages and desktops they need to do their jobs. Receiver software transparently chooses the optimal mechanism for the user to run the application, determining if the application should be streamed for local processing or can be virtualized to run in the datacenter with a localized user interface. Mostly importantly for security teams, whether the user is on a company laptop, home computer or personal iPhone, the user can run an approved copy of a Windows application. IT achieves authenticated access control to applications, security-conscious configurations of desktops, applications and browsers, control of sensitive data, and centralized auditing to monitor acceptable use policies without having to micromanage endpoints. Virtualization can change traditional security approaches -- a disruptive concept for IT and security teams.

Most organizations look to application services for remote users and repetitive task workers such as data entry positions, bank tellers and employees working from home where the endpoint is shared or otherwise not easily managed. The application services approach broadens the appeal to office workers as well as the remote work force.

SearchSecurity radio:

VMware vSphere is excellent and recommended for datacenter applications, but is disappointing for virtualized desktops and endpoint applications. Medium-tier organizations find Microsoft Terminal Services to be a good, an easy to manage option for basic application remote display functionality. SMB organizations allocate a server in the equipment room for a single point of application installation, patching, and upgrade; end users click on an icon to remotely execute the application. Technically savvy staff may use Parallels Virtual Desktop Infrastructure to build their own tools for endpoint security. Citrix installed base now has a head start in delivering application services to their user community. Endpoints are viewed as the weakest link in the security profile. Virtualizing endpoints via application services can get IT out of the business of managing and securing endpoints.

Tags: Virtualization Security Issues and Threats,  Secure SaaS: Cloud services and systems,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Virtualization Security Issues and Threats Cloud computing data security starts with internal strategy, experts say PCI virtualization SIG closer to proposing changes to standard Security challenges with cloud computing services Secure virtual desktop software enables remote client security Security threats to virtual environments less theoretical, more practical At VMworld 2009, companies focus on virtual desktops for security Security fundamentals remain focus of virtualization deployments How to implement virtual firewalls in a complex network infrastructure How to find virtual machines for greater virtualization compliance Quiz: Virtualization and compliance Secure SaaS: Cloud services and systems Cloud computing data security starts with internal strategy, experts say Network security expert urges hardening of cloud protocols Security challenges with cloud computing services Is Identity Management as a Service (IDaaS) a good idea? Burton Group warns of cloud computing risks Researchers say search, seizure protection may not apply to SaaS data McAfee to acquire email SaaS vendor MX Logic How secure is 'Platform as a Service (PaaS)?' When to use the service features of the Metasploit hacking tool Cloud-based security services should start private

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary