IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

How to keep applications secure in a private cloud

Security is a key area of application performance and delivery

A lock in a cloud

Many organisations are considering the best methods for building and managing their private cloud deployments, with private cloud adoption rising from 63% to 77% over the last year.

As private clouds increasingly host mission-critical production applications, security increasingly comes into focus as a key part of application performance and delivery.

Network and application security concerns in a private cloud are largely the same as those faced by enterprises in traditional data centres and in the public cloud. Organisations confront web application threats, issues of identity and access management, mitigation of distributed denial-of-service (DDoS) attacks and SSL and encryption concerns in their efforts to secure their applications and ensure that private data remains private.

Web application firewall

When considering implementing a private cloud architecture, organisations must deploy advanced network firewall services, including a solution that can control traffic using basic criteria such as IP address, port and protocol, as well as advanced principles such as HTTP protocol validation, geographical location or endpoint reputation. In addition, a robust WAF can provide comprehensive tools to identify web application threats, block malicious traffic and offer outbound data loss prevention services.

Identity & access management

Managing identity and access in a cloud computing environment with an increasingly distributed mobile workforce becomes more complex every day. Enterprises require a solution that provides advanced authentication services, such as two-factor tokens, CAPTCHA, or geographical restrictions as well as client certificate checking and endpoint inspection. In addition, many organisations consider deploying SAML identity provider services to provide an architecturally sound single sign-on (SSO) solution throughout the enterprise.

DoS & DDoS

With more and more sites facing multiple denial-of-service (DoS) attacks each year, DoS mitigation services are a necessity for most enterprises running private clouds. A strong solution provides proactive bot defence as well as application-layer DoS detection and mitigation.

SSL

Finally, in the contemporary business world, Secure Sockets Layer (SSL) is everywhere. Analysts predict that encrypted traffic will jump to nearly 64% of all North American online traffic in 2016, up from just 29% in 2015. Enterprises must ensure security with a strong SSL solution that provides decryption, traffic inspection and re-encryption, as well as optimise performance by offloading of computationally intensive SSL workloads from compute node resources.

Featured Resources

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

The Total Economic Impact™ of IBM robotic process automation

Cost savings and business benefits enabled by robotic process automation

Free Download

Multi-cloud data integration for data leaders

A holistic data-fabric approach to multi-cloud integration

Free Download

MLOps and trustworthy AI for data leaders

A data fabric approach to MLOps and trustworthy AI

Free Download

Recommended

Cloud security market to hit $106 billion by 2029
cloud computing

Cloud security market to hit $106 billion by 2029

11 Apr 2022

Most Popular

Empowering employees to truly work anywhere
Sponsored

Empowering employees to truly work anywhere

22 Nov 2022
Q&A: Fred Voccola, Kaseya
channel

Q&A: Fred Voccola, Kaseya

30 Nov 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

15 Nov 2022