How to secure workloads in the multi-cloud era

With today's enterprise architectures, it's no longer a question of whether they have incorporated a cloud, but rather how many. The problem is: How do you create, enforce, and manage security controls across these different clouds when they operate in isolation? The answer is simple: use the network to stitch it all together.

A 2022 survey revealed that 82% of IT leaders have adopted hybrid cloud architectures, and 58% of organizations use between two and three public Infrastructure as a Service (SaaS) clouds, such as Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, and Oracle Cloud. By bringing together networking and security, you can protect workloads no matter where they are created or consumed across multi-cloud and hybrid architectures.

This has many implications - from stopping inbound threats that target web and non-web apps (ingress security) to blocking botnets or data exfiltration (egress filtering) to mitigating lateral movement (segmentation).

"Over the past decades, the proliferation of threats has been met by a proliferation of specific security solutions that attempt to solve them, which results in a very disjointed technology stack that security teams are expected to reconcile," says Rick Miles, Cisco vice president of product management for cloud and network security. 

"When it comes to securing cloud networks, complexity is enemy number one," says Miles. "Every public cloud has its own security controls and 'language,' and those controls are working in isolation. Managing the lack of visibility and inconsistent controls is a big pain point."

Cisco's acquisition of Valtix and the subsequent launch of Cisco Multicloud Defense aims to take the complexity out of multi-cloud security by centralizing and consolidating network security. It does so by provisioning distributed enforcement points across Azure, AWS, Google, and Oracle Cloud Infrastructure clouds, all managed from a SaaS-based and easy-to-use control plane that provides security teams with a cloud-native experience.

Consolidated multi-cloud security platform

"It's not sustainable to rely on a fragmented strategy utilizing multiple security point solutions," says Miles. "Cisco's multi-cloud defense will ultimately provide a consolidated platform for securing cloud networks across the public and private cloud with a single console to manage it all, from coverage to policy."

Currently, IT organizations must rely on separate consoles to manage different cloud environments. "Even though customers would love to see standardization across clouds, cloud service providers don’t have a lot of incentive to create that level of abstraction. With Cisco Muticloud, everything that customers love about the cloud - like the agility, flexibility, and scale - is also applied to how those clouds are secured," says Miles.

Cisco believes its portfolio breadth - spanning networking, security, and application observability - positions it to provide customers with a real strategic partner capable of reaching across multiple cloud platforms. "We can provide a translation layer, essentially a Rosetta Stone, for managing multiple clouds and layer security services across an organization's multi-cloud architecture," Miles explains.

That should dramatically improve security experiences for IT and security teams, providing a unified view across a simpler-to-consume and secure multi-cloud environment. "The network is the common ground for cloud management and given the right operational analytics combined with runtime visibility, cloud teams can cut through the vendor finger-pointing that can complicate security management in hybrid and multi-cloud architectures," Miles adds.

For more information on how to connect, protect, and unify security at cloud speed and scale, check out Cisco Multicloud Defense.