Spirent Pushing New Testing for Cloud Security
New cloud services are a major opportunity for service providers, but they also have created new testing challenges, according to test vendor Spirent Communications plc .
Spirent recently landed a contract with Chunghwa Telecom Laboratories , the research and development arm of Chunghwa Telecom Co. Ltd. (NYSE: CHT), to validate its cloud computing environment, and is actively promoting its test capabilities for the cloud. (See Spirent Helps Chunghwa Test Cloud.)
The test equipment is used to create conditions in the lab that exist in the real world, such as Internet-based attacks, and to validate what Spirent calls the PASS of cloud environments: performance, availability, security, and scalability.
Service providers hoping to sell cloud-based services to enterprises must be able to prove the security of those services in the virtual environment, says Ankur Chadda, senior product marketing manager for application and security at Spirent.
"In a multi-tenant situation, the service provider has to make sure there is not a proliferation of traffic between two virtually hosted services, which are just on a single physical infrastructure," Chadda says.
Service providers will have to offer Service Level Agreements (SLAs) that guarantee the protection of data, and to do that, they will have to be able to test the virtual environment end to end, from where the content or data enters the cloud to where it is delivered.
"You also have new things in the cloud environment that you didn't have in the past -- for instance, if you are moving a service from one infrastructure location to another, what is the impact of that and how do security policies get mapped?" Chadda says.
What Spirent is providing to Chungwa Telecom is the ability to test the performance of its cloud environment in a lab setting to determine how it will perform and how security is impacted, in the case of a major denial-of-service attack or other security threat, for example. Spirent also can test Secure Socket Layer (SSL) and IP Sec–based traffic and virtual firewalls.
"In the testing environment, we don't necessarily look just at the attack; it is also important to look at how your performance was impacted for the secure traffic," Chadda says. "Even if you stop the attack, if the network performance takes a huge hit, your security solution might not be good enough."
— Carol Wilson, Chief Editor, Events, Light Reading