Chapter 5. Security Services

This chapter describes important security services required in cloud and data center networks to combat continuously evolving security threats and to comply with regulatory requirements.

Security threats can be external (coming from the network) or internal (coming from compromised applications). Today’s solutions take one of two positions: either they assume that the application, hypervisor, and OS can’t be compromised, or they follow a network-based security model that considers the network trusted and locates the enforcement points only at the periphery.

Both approaches need scrutiny; for example, in the wake of Spectre and Meltdown [1], we can’t trust a compromised host, OS, or hypervisor. Similarly, it is crucial to limit the ability to move laterally (in the East-West direction) to ...
