The Cloud and Appliances

Some companies, as a matter of fact, are already using managed Cloud-based security services without even realizing it. Case in point: securing email.  Many products actually use a Cloud-based service to secure email, filter spam, scan for viruses and quarantine malware.  That is especially true if you are using a hosted email solution; and sometimes true when not.

For example, some of the appliance-based solutions actually work with remote scanning engines to protect email—in effect the security function is happening in the Cloud. Why am I mentioning this? Simply put, it shows that some security services deserve to be in the cloud.  They work very well when they, like email, must traverse the cloud with little latency.

Here’s the $64,000 question, however: What if the traffic is not just email?  What about other internet traffic, such as secured and non-secured browsing, applications or any other number of internet usage scenarios? Can they be protected via a hosted-security model?

Several vendors think so.  Some are purely Cloud-based entities.  Others leverage a hybrid approach of putting an appliance onsite to reduce latency and accelerate WAN traffic, while doing the hardcore security processing in the Cloud across server farms located in remote datacenters.

For SMBs, it comes down to a case of pay now or pay later. If a small business uses Cloud-based applications and servers—or, more appropriately, Infrastructure as a Service—then relying on a Cloud-based security provider, such as CloudPassage makes a great deal of sense. The advantages include low upfront costs, easier management and the ability to shift the technical burden (and perhaps blame) to an external party.

However, there is a price to pay beyond a dollar value.  That price comes in the form of latency, bandwidth limitations and processing overhead. The trick here is to understand how much of your traffic actually traverses the Cloud, as opposed to how much traffic moves within your LAN.

All things considered, Security as a Service is a viable option for today’s small businesses. However, IT pros must vet these services and calculate the cost of latency, bandwidth and other elements before signing on the dotted line. For those that are uncomfortable with all of their traffic flying around on the Web (via secure tunnels to a SaaS provider), there are still plenty of locally installed on premise solutions, which can secure networks. But these require significantly more upkeep and high initial investments.