If you’re a frequent flier on our blog, you’ve heard a lot of talk about compliance and security. That’s understandable, given how critical they are. Today we’re going to shift gears and talk about something else that’s important: security and performance.
Traditional school of thought propagates the belief that security and performance is a zero-sum game – that introducing security impacts performance of an application, networking device, or an overall IT infrastructure. Such a belief creates concern over a tradeoff that puts IT organizations in a precarious position to prioritize one against the other. Ideally, this tradeoff should not exist. Realistically, there must be a way to enhance performance and security without one detracting from the other.
There is a way. And ironically, the equation requires the liberal inclusion of the very variable that traditionally plays the role of antagonist – security. At Armor, we take a creative approach to architecting our secure cloud. We build in security from the ground up. We do not bolt it on. We do not subject customers to a do-it-yourself, figure-it-out-yourself security model. And we apply a multilayered approach to protecting the cloud that includes weeding out bad actor traffic before it enters the infrastructure, thereby reducing traffic volume, performance burdens, and resource requirements on infrastructure devices and applications alike.
If you’ve only experienced services from generalist cloud providers, you might be cynical, and we understand. Vendors, providers, and customers have been programmed to consider security as a performance tax, making it a lower priority. After all, security consumes valuable resources like processing power and bandwidth. It’s like a football player who, if you strip off pads, can run a 40-yard dash in record time. Put the gear on him, and that added weight will slow him down. He may cross the goal line, but it will take more energy at a slower clip.
We know what customers want – they want their applications to run fast. Which is why as a secure cloud provider, Armor has developed a unique infrastructure that delivers uncompromising speed and security. So let’s look at the synergy between the two; how they can benefit from each other and how one sets up the other.
Here’s how we do it.
- Security built from ground up. Armor’s infrastructure is born secure. We don’t bolt on security controls after the fact, as many providers do. A system that is constructed with security in mind means that risk management controls work naturally and efficiently with the components and seeks to eliminate “air gaps” in security. Bolting on security controls lacks this natural cohesion and often leads to clumsy performance. Many providers who provide a “Frankenstein” bolt-on option to security put the customer in a do-it-yourself position that can lead to poor implementation and infrastructure inefficiencies. Such a “DIY” approach puts pressure on the customer’s IT organization, especially if it lacks sufficient security expertise and training.
- Multi-layered security. Armor applies numerous layers of defense throughout the infrastructure, from the physical to the application layer. This includes three layers of defenses before traffic even hits its secure cloud infrastructure: IP reputation filtering, DDoS prevention, and web application firewalling. The goal is to remove as much bad actor traffic before it enters the infrastructure, benefiting both security and performance. By keeping some of the fight outside, Armor reduces the infrastructure resources needed to support applications and data compared to other providers who have to process good and bad traffic within their walls. Other architectural tricks, such as utilizing virtual firewalls embedded in hypervisors, reduce traffic flows across the infrastructure while insulating virtual machines and applications with better protection. These virtual firewalls are deployed using the principals of a “positive security model” whereby what is allowed is explicitly defined, and everything else is rejected.
- Orchestration. The IT vendor industry is trying to crack the code on orchestration in the cloud. Armor did years ago – for security as much as the infrastructure itself. This gives customers an extremely dynamic and sophisticated secure cloud to support their business. Our unique and finely-tuned orchestration allows all of the infrastructure pieces to work smoothly as a system in a more automated, real-time manner. This synergy assists with performance, because orchestration’s impact on each security layer creates a more automated, real-time, and efficiently managed system. It also allows Armor to constantly evaluate new technologies and swap in better offerings to enrich the infrastructure’s performance and security.
Ultimately, our creative approach to building a secure cloud maximizes the use of infrastructure resources. By weeding out bad actor traffic, demand is reduced so there’s less processing power required, which equates to better security and faster performance for both the infrastructure and applications. If you compare us to other cloud providers, we end up requiring less infrastructure resources to support the same application, producing greater cost avoidance for the customer as a result. Consider Armor’s built-in security and the comparison becomes apples to oranges in terms of value, protection, and efficiency.
It is important not to listen to providers or product vendors who say that performance and security in the cloud is a zero-sum choice. Demand both. With the artful combination of a multilayered security strategy and secure cloud infrastructure, you can have both.