On February 21st, ONUG conducted a live webinar in which the IT executive co-chairs of the Software-Defined Security Services Working Group presented an overview of the requirements for the three primary use cases that will underpin the working group’s activities in 2019:
#1 Binding Security Policies to Workloads – Policies should be bound to workloads, such as virtual machines, containers, applications, services or micro-services.
#2 Single Policy, Multiple Deployments – Write security policy in one place and deploy in multiple places, where workload policy would then be enforced.
#3 Measured Security Protection Capabilities – Must be able to measure the ability of network workloads to ensure the confidentiality, integrity, and availability of the services they are delivering.
The speakers presented a conceptual model illustrating how workload security policies adhering to these principles are able to span public, private and hybrid clouds:
This was followed by an overview of the more recent draft of the SDSS Elaborated Use Case Requirements document that the working group has developed with the goal of specifying requirements in such a way that they are unambiguous and measurable. The document includes a definition of terms, a description of the core requirements generally applicable to security products and services, followed by a list of 20 detailed requirements specific to the three use cases for applications running in hybrid multi-cloud environments.
The goal of the SDSS Working Group in 2019 is to take these use case requirements and work with a solutions integrator to deploy a hybrid multi-cloud workload security reference solution in a testbed environment, integrating products and solutions from the ONUG vendor community and open source software developers for both demonstrations and validation testing.
The reference solution will be based on a hybrid/multi-cloud configuration developed by the ONUG Working Groups in 2018 in which application workloads are distributed across multiple public clouds and a private cloud data center:
ONUG has adopted the open source MediaWiki software package as the baseline application that will be used for solution integration demonstrations and testing.
The webinar concluded with a brief description of this ONUG reference model environment followed by Q&A.