In 2018, the Hybrid Multi-Cloud Security Working Group published the specification for a comprehensive set of tactical and strategic baseline requirements to help guide technology suppliers in the development of software-defined security products and services. Hybrid multi-cloud deployments incorporate public cloud services, infrastructure and networks. Therefore, security products and services must be capable of delivering protections for the confidentiality, integrity, and availability of data and information systems equivalent to that currently provided by physically isolated networks and infrastructure.
Building on this foundation, in 2019 the security working group is concentrating on the development of multi-vendor reference solutions, based on an intent-based security framework, that address three foundational use cases:
1. Policies should be bound to workloads, independent of type or host model, such as virtual machines, containers, serverless, applications, services or micro-services.
2. Write the workload security policy in one place and deploy in multiple places, where the policy would then be enforced local to the workload independent of location.
3. Must be able to measure the ability of securing network workloads to ensure the confidentiality, integrity, and availability of the services they are delivering.
Hybrid Multi-Cloud Security Framework
Next steps for the working group include documenting reference solutions and conducting independent validation testing to ensure that each reference solution complies with the security requirements specified for each use case.
Validation testing will be conducted by a solutions integrator operating a testbed in which security products and services from multiple suppliers can be tested in realistic hybrid multi-cloud deployment configurations, employing various workload host models.
IT executives, amplify your voice by aggregating your user case requirements with peers so that vendors, standards and open source communities build industry solutions needed. You’ll also share best practices and challenges for IT organizational re-design, culture and skills needed to deliver the digital transformation effect.
For vendors, participating in the ONUG Working Groups will contribute to product and feature development as well as assure that your company is meeting market needs.Join the Community Today
Join your peers at these companies to amplify your use case requirements to the vendor/standards and open source communities by being an ONUG Working Group member.