Securing the Next-Generation Data Center with Software-Defined Security

Security must evolve to move at the speed of digital business.

To speed the delivery of IT-enabled services to the business, enterprises are transforming data centers into pools of dynamically allocatable compute, storage and networking resources, referred to as the software-defined data center (SDDC).

The primary goal of the SDDC is agility and speed: IT-enabled services can be provisioned, moved and scaled quickly and transparently across network segments, across data centers and, potentially, into the cloud, independent of the underlying physical infrastructure.

Speaking at the Gartner Data Center, Infrastructure and Operations Management Conference in Las Vegas, Neil MacDonald, vice president and distinguished analyst at Gartner, said that security, like the rest of data center infrastructure, needs to become software-defined. For software-defined security, the primary goal must be to ensure that the appropriate security controls automatically remain in place, regardless of where an application moves, whether on-premises or to public clouds.

“Information security infrastructure is too rigid and static to support the rapidly changing needs of digital business, or to provide effective protection in a rapidly changing threat environment,” says MacDonald. “Enterprises must evolve information security to support increasingly dynamic and adaptive data centers.”

Securing Software-Defined Data Centers
The vision of an SDDC is one where all IT infrastructure is virtualized and delivered as a service – and where the management model for these services is abstracted from being managed one box at a time to a policy-based, system-wide view.

For many organizations, the first phases of a transformation to an SDDC will involve software-defined networking (SDN). SDN and information security services must integrate and communicate with the network controller. To enable this, enterprises should ensure that the next generation of information security services explicitly integrate with, communicate with, and understand SDN.

Evolving Into Software-Defined Security
Beyond integration with SDN, information security itself will evolve to become software-defined, where the management model for security services is abstracted from being managed one box at a time to a policy-based, network-wide view. This allows security policies to be defined broadly and logically, and enforced without individual security appliances having to be reprogrammed.

“Looking beyond the hype around ‘software-defined,’ enterprises must evolve information security to support increasingly dynamic and adaptive data centers,” says MacDonald. “Even if the enterprise’s virtualized data center doesn’t adopt SDN, changes in security will be needed as applications become more mobile and move to public cloud.”

Longer term, adaptive security infrastructure will become driven by models defined in software – “software-defined security” (SDSec) – providing increased protection from emerging threats, and faster support of changing business and regulatory requirements.

What is SDSec All About?

“It is inevitable that your organization will want to purchase externally provisioned services and applications, as well as cloud-based infrastructure,” says MacDonald. “Prices will continue to drop as functionality increases. Information security must be prepared to enable this shift. If you do not require security vendors to support this vision now, it will be harder to do so over time.”



Gartner clients can find more information on software-defined security in the report “The Impact of Software-Defined Data Centers on Information Security,” by Neil MacDonald, et al.
