Data center security services are a critical part of protecting an enterprise, so assembling the right mix of security tools and solutions is critical. Clearly, data center security is extraordinarily difficult: it encompasses a wide array of issues, challenges and threats. Infrastructure management typically requires a focus on factors as diverse as remote infrastructure management, data center operations, IT infrastructure and project engineering, virtual desktop support and cybersecurity.
Adding still more complexity is the need to support strong security across multiple applications, vendors and cloud computing platforms. In many cases, data center security services span countries and continents — and reaches into business partnerships and supply chains. Today, data – driven the the growth of Big Data – resides in conventional databases but also in virtualized spaces, including everything from containers to microservices. It’s vital to have the right solutions to manage these data center security challenges holistically.
Of course, every computing environment is different and it’s important to find and implement the right data center security services for each scenario. For instance, cloud security is far different that on-premise data center security.
This requires an understanding of your network topography, where data is stored and how it flows through systems, and how clouds and other systems impact application and data security. This requires a thorough review and analysis of your existing systems and an understanding of where gaps occur. Only then is it possible to address data center security requirements in a comprehensive and effective way.
How to Select the Best Data Center Security Provider
Here is a brief data center security checklist to consider when selecting tools, solutions and services:
- Physical security matters. Although the focus is typically on protecting systems, applications and data, it’s important to recognize that an unauthorized person in the data center can wreak havoc by stealing, altering or destroying data. A physical environment—particularly systems containing highly sensitive or regulated data—must be protected with adequate access controls—such as swipe cards, RFID badges or biometric systems. Locked server cages may also be required. In addition, video and other monitoring systems should be in place.
- Network security controls are critical. A data center is a repository for storing data. However, it also serves as a hub for incoming and outgoing data. As a result, traditional network and data security tools are an important piece in the overall data center security puzzle. This means considering—and most likely including—firewalls, anti-virus scanners, endpoint security controls, application security scanners and various other tools, components and services.
- Don’t overlook data center tiers. The distinct data center tiers are based on underlying business requirements and the level of redundancy required to ensure a desired level of performance. Organizations should consider the level of redundancy and security required for different tiers as they map out a data center security services plan. This also includes backups and data redundancy. This can mitigate the impact of a ransomware attack, for example.
- Clouds and virtualization are now at the center of data center security. Almost every organization uses virtualization and cloud computing companies in some way. The use of specific services, such as Amazon Web Services, Microsoft Azure, IBM Cloud and Google Cloud, may require different and specific tools to address data protection. Clouds may also impact other enterprise systems and data repositories.
In this Datamation top companies list, we spotlight 10 leading data center vendors offering security services and tools:
- Juniper Networks
- Trend Micro
- Vendor Comparison Chart
Value proposition for potential buyers: Networking giant Cisco Systems delivers a powerful software-defined networking security solution within its Application Centric Infrastructure (ACI) platform. Naturually, since it’s software defined, it requires significant in-house expertise, so it’s not for everyyone. But for those companies that have the staff, it’s a top choice. The Cisco solution is designed for multicloud networks that require a high level of scalability and flexibility along with strong policy enforcement. Gartner rated Cisco an industry leader for the product in its 2018 Magic Quadrant for Data Center Networking.
- Cisco Application Policy Infrastructure Controller (APIC) delivers a single view of all Cisco ACI fabric information with one click. The tool aids in automating, programming and managing systems in a consistent and secure way.
- Cisco Cloud ACI is designed to manage policies in AWS and Azure. It delivers secure automated connectivity, a single point of orchestration and consistent settings and policies across clouds.
- Cisco Application Centric Infrastructure Virtual Pod offers a software-only extension to an on-premises data center. This makes it possible to extend Cisco ACI into the public cloud with bare-metal provisioning and remote or satellite data center locations. It focuses on a “security everywhere” approach.
Read user reviews of Cisco
Value proposition for potential buyers: FireEye’s focus is entirely on cybersecurity services and solutions, which gives the company’s products a morely clearly targeted security focus than vendors that serve several domains. Their leading products include: The FireEye Helix Platform with threat intelligence, automation, and integration to a wide variety of FireEye and third-party solutions; endpoint security; network security and forensics; e-mail security; managed defense capabilities, threat intelligence and other advanced functionality. In short, this is a comprehensive solution that will likely serve all your data center security needs.
- The Helix Security Platform is a cloud-hosted security operations platform that manages an entire environment. It includes a variety of tools designed to detect advanced threats and accelerate response and remediation times. It integrates with more than 300 FireEye and third-party tools.
- The vendor’s Managed Defense product uses analytics and AI to detect threats in real time, and gain visibility into threats inside and outside an organization. It delivers prescriptive remediation recommendations.
- FireEye Network Security and Forensics is designed to address data center security requirements and network vulnerabilities. It incorporates signatureless detection and protection for advanced threats, including zero-day attacks, and combines heuristics, code analysis, statistical analysis and other techniques with a sandboxing solution.
Read user reviews of FireEye
Value proposition for potential buyers: Networking security firm Fortinet has emerged as a leader in cybersecurity appliances and software. Their data center security product line includes unified threat management (UTM) solutions and next generation firewalls that are available as hardware as well as in a virtualized form factor. The FortiGate platform offers powerful protection, deep visibility into network and data functions, and advanced threat intelligence. Gartner ranked the firewall platform as a “leader” among 2018 unified threat management (UTM) security solutions.
- The vendor offers antivirus, a web filter, DNS Filter, application control, data leak prevention (DLP), controls over proxy options and SSL/SSH Inspection. It can also manage and block different types of executable files, botnets, videos and other unauthorized content.
- The FortiGate line of equipment and software is available in models suitable for carriers, data centers, enterprises and distributed offices.
- FortiAnalyzer is designed to identify attack patterns, acceptable use policies, and demonstrate policy compliance across an enterprise. It also includes tools for HTTP packet inspection, forensic analysis, vulnerability assessment and other enterprise needs.
Read user reviews of Fortinet
Value proposition for potential buyers: HashiCorp focuses on managing and automating processes in the cloud. Therefore, its tools are very much geared for today’s hybrid cloud environment. HashiCorp Vault is designed to “manage secrets and protect sensitive data.” This includes controlling and managing access to tokens, passwords, certificates, encryption keys for protecting sensitive data. The solution is designed for multiple clouds and private data centers that lack a clear network perimeter.
- HashiCorp Vault’s dynamic infrastructure is specifically designed to address low-trust networks in public clouds, unknown network perimeters across clouds, and security enforced by identity.
- The vendor offers both data encryption with centralized key management and simple APIs, and a secrets management tool that allows an organization to centrally store, access and distribute virtual tokens, passwords, certificates and encryption keys. This approach is designed to support dynamic environments where applications and machines frequently change.
- The solution delivers a robust set of secure plugins that allow it to connect seamlessly with AWS, Microsoft SQL Server, MongoDB, Oracle, MySQL, Cassandra and other data and cloud companies.
Read user reviews of HashiCorp
Value proposition for potential buyers: IBM offers a comprehensive array of security services under its Managed Security Services banner. Its benefit is that one vendor can provide all the tools, so they interoperate together. These include firewall management, intelligent log management in the cloud, intrusion detection prevention system management, security intelligence analysis, gateway management, endpoint security, managed identify services, secure SD-WAN and unified threat management.
- IBM’s firewall management service supports all major industry platforms, including Check Point, Fortinet, Cisco and Juniper. It offers highly customizable reporting, access prevention tools and robust firewall logging.
- Enhanced security and intelligence analysis for IBM Managed Security Services (MSS) taps the firm’s security expertise to help clients analyze their security posture and address gaps. The solution includes access to the Virtual Security Operations Center (SOC) Portal, which serves as a repository for network activity, tickets, logging and security intelligence.
- IBM’s Amazon GuardDuty detects and responds to security events within Amazon Web Services (AWS). It encompasses intelligent security monitoring and IBM X-Force Incident Response and Intelligence (IRIS) that improves security integration within workflows.
- Managed identity Services provide a robust set of access management tools for managing employees, business partners, suppliers and customers.
- IBM Secure Virtualization protects IBM Cloud, VMWare Cloud and other components down to the microchip level.
Read user reviews of IBM
Value proposition for potential buyers: Juniper Networks takes aim at data center security requirements through a collection of next-generation firewalls that are designed for today’s data centers. They address conventional hardware and software, virtualized environments, and private, public and hybrid clouds. In addition, Juniper offers an Advanced Threat Protection (ATP) solution and management, visibility, analytics security software and automated security management tools. Gartner designated Juniper a “Leader” in its 2018 Magic Quadrant for Data Center Networking.
- Juniper SRX Series Services Gateways feature advanced, integrated threat intelligence delivered on a highly scalable and resilient platform. The firm’s vSRX Virtual Firewall offers specific protections for private, hybrid and public clouds.
- Next-gen Firewall (NGFW) Services allow organizations to deploy a single device that manages policy-based awareness and control over applications, users and content.
- Juniper threat prevention appliances detect malware, understand behavior, and mitigate threats through a one-touch approach. They are able to pull data from multiple network sources without regard to the vendor. They also are designed to work with nearly any vendor’s firewall.
- The vendor’s Junos Space Security Director provides visibility into network and threat behavior, along with robust policy management capabilities, including the ability to adapt rapidly under changing conditions. The automated security management solution also offers a centralized dashboard with strong reporting features.
Read user reviews of Juniper Networks
Value proposition for potential buyers: The vendor is among the most recognized names in cybersecurity and data center security services. In short, the company has a reputation to uphold in the security sector. In particular, its cloud native tools are impressive. It offers an impressive mix of products and services for enterprise security, including data centers. This includes: the firm’s MVISION cloud platform, endpoint security, a cloud access security broker (CASB), data loss prevention, an ePolicy orchestrator, encryption tools and Data Center Security Suite for Databases.
- McAfee Data Center Security Suite for Databases delivers real-time protection for business-critical databases. It is designed to protect against external, internal and intra-database threats. The platform delivers visibility into all database activity, protects unpatched databases and offers single-pane manageability for database security. It also offers automated database discovery, tools to manage security policies, and insights into security gaps.
- The vendor’s MVISION platform offers a cloud-native open architecture that protects against threats across devices, networks and clouds. It includes robust policy orchestration features, data theft and system rollback and the ability to customize dashboards and reports for specific needs.
- MVISION cloud delivers a CASB that provides complete visibility into cloud-based data, context and user behavior across devices and cloud services. It has the ability to protect data as it moves into and out of clouds and data center environments.
Read user reviews of McAfee
Value proposition for potential buyers: Another of the most recognized names in the cybersecurity field is Symantec. The company offers a wide range of enterprise products that address data center security requirements, including integrated cyber defense, advanced threat protection, information protection and endpoint security. Particularly impressive: its tools cover both the cloud and on-premise worlds. Symantec Data Center Security offers complete server protection, monitoring and workload micro-segmentation for on-premises as well as cloud environments. You can be sure that Symantec has benefited from massive customer feedback in the security sector.
- Symantec Data Center Security revolves around hardening and monitoring security for clouds and physical data centers. It includes full support for agentless Docker containers, the ability to block zero-day exploits, secure open-stack deployments and continuous security monitoring. The platform also provides agentless anti-malware and threat protection for virtual servers.
- The firm’s integrated cyber-defense platform delivers an integrated suite of enterprise security tools, including endpoint security, web and network security, e-mail security, cloud security and more, through ongoing threat intelligence, AI and machine learning, API management, and automation.
Read user reviews of Symantec
Value proposition for potential buyers: Trend Micro, a leading name in both overall cybersecurity and data center security services, offers a broad array of tools and solutions that address data center security requirements. Trend Micro very much targets the need of companies with a hybrid cloud. Their solutions encompass cloud security, network defense and user protections through specific tools ranging from container security and intrusion prevention to endpoint security and SaaS application security.
- The vendor’s Data Center and Virtualization Security solution is specifically designed for data centers with physical systems, virtualized servers and cloud-based architectures. It has built in policy management tools and it delivers central visibility. It supports VMware, NSX and virtual desktop infrastructure (VDI) and integrates with containers and leading cloud platforms such as AWS, Azure, Google Cloud and IBM Cloud.
- Trend Micro is among the pioneers in offering IoT and industrial IoT-specific security. The solution is designed to support smart factory and other business environments.
- Trend Micro Deep Security is specifically built for virtualized data centers. It uses strong policy-enforced security controls to automatically shield VMs from network attacks and vulnerabilities, thwart malware and ransomware, and detect unauthorized system changes.
Read user reviews of Trend Micro
Value proposition for potential buyers: VMware’s prominence in the virtualization arena is undisputable. Given how central virtualization is to the data center, its no surprise that VMware’s data center security tools are robust. Its data center security services and tools include three different security solutions under the NSX designation. NSX Data Center provides virtualized networking and security entirely in software en route to a software-defined data center (SDDC). Be aware, of course, that this software defined focus will require the in-house staff that can handle it. The vendor also offers NSX Cloud for public, hybrid and private cloud environments, and NSX for Horizon for virtual desktop infrastructure (VDI).
- NSX Data Center virtualizes security components such as firewall, network switch, route rand load balancer to streamline security. This allows an organization to replicate security configurations across multiple clouds and physical sites. The platform uses micro-segmentation to enable a least-privileged approach, and ties security policies directly to an application and allows them to change as the environment and threats change.
- NSX Cloud delivers consistent security across all types of clouds and across virtual networks, regions, availability zones and multiple private data centers and public clouds. It offers single pane of glass visibility and end-to-end operational control and visibility.
- NSX for Horizon provides a platform for managing virtual desktops, including security policies. It delivers advanced security features and connects to an ecosystem of security partners.
Read user reviews of VMware
Data Center Security Providers Comparison Chart
|Vendor||Key Tools/Solutions||Focus||Key Differentiator|
|Cisco||Application Centric Infrastructure (ACI)||Software-defined networking security||Ideal for multicloud networks that require a high level of scalability and flexibility|
|FireEye||Helix Security Platform; Managed Defense; Network Security and Forensics||A broad array of security tools that protect the data center and network||Cloud hosted security operations platform|
|Fortinet||FortiGate platform, which includes next-gen firewalls and other products||The FortiGate platform offers a comprehensive set of tools designed to protect the data center and network||High flexible and easily integrated with other vendor’s solutions and services.|
|HashiCorp||Vault||Protecting access to tokens, passwords, certificates and encryption keys||Designed to protect sensitive data and assets across multiple cloud and private data center environments|
|IBM||Managed Security Services||A comprehensive suite of data center and network security tools within a managed services platform||Powerful security tools for the data center and network within a single managed services platform|
|Juniper Networks||Juniper SRX Series Gateways; Junos Space Security Director||Next-gen firewalls and other security tools for the data center and network||Designed to address the needs of organizations with conventional data centers as well as virtualized and cloud-based environments|
|McAfee||MVISION cloud platform; Data Center Security Suite for Databases||A comprehensive set of tools and services designed to lock down data, applications and controls within the data center and network||MVISION is a cloud-native open architecture that delivers a CASB and other powerful capabilities. Data Center Security Suite specifically protects databases.|
|Symantec||Symantec Data Center Security||Broad tools and services for protecting the data center and network||Symantec Data Center Security offers complete server protection, monitoring and workload micro-segmentation for on-premises as well as cloud environments|
|Trend Micro||Data Center and Virtualization Security; IoT security||Protecting assets within physical and virtualized data centers.||Data Center and Virtualization Security solution is specifically designed for data centers with physical systems, virtualized servers and cloud-based architectures.|
|VMWare||NSX Data Center; NSX Cloud; NSX for Horizon||Security for software-defined data centers (SDDC)||Delivers robust security across all types of cloud and virtualized environments|