NFV. VNF. These two terms generate quite the buzz. They have become table stakes in the active trek to the cloud that is well underway in most enterprises and service providers. With the advent of network function virtualization, legacy security technologies that depend on expensive proprietary hardware, legacy network classification and security policy options, and complex and inflexible management are being replaced (or ignored) as the very foundations of the network are being redefined.
As we’ve said many times, virtualization has created a rift in security. There are those who believe that deploying a virtualized version of a legacy security appliance product is ‘good enough’ for now. And then there are those who don’t. We are solidly in that latter camp. We believe that security is both an enabler and an inhibiter of virtualization, in general, and of NFV, in particular. Unless the virtualization technology, networking technology, and security technology are all equally next-generation, we believe that the ensuing system is insecure and, hence, inoperable.
This is why our work with Mirantis is so meaningful. It is clear to us and our customers that OpenStack has found its way into their cloud architectures because of its open approach to innovation and novel ways of driving features, quality and adoption throughout enterprises and service providers. For example, secure OpenStack clouds provide high levels of visibility and control at a user, application, and content level with full carrier-grade network address translation (CGNAT) capability for service providers. It allows enterprises to implement a “Zero Trust” (never trust, always verify) security model that prevents and contains new attacks across the entire attack lifecycle.
Our relationship with Mirantis adds to our recognition of the importance of driving next-generation security into next-generation architectures. We already do that with VMware NSX, Amazon Web Services (AWS), Kernel-based Virtual Machine (KVM), Citrix NetScaler SDX, and now with Mirantis OpenStack. Soon, we’ll add Microsoft to this select group of partners.
[Palo Alto Networks Blog]