Microservices’ Role in Transforming IT Security

Thanks to the rise of microservices, IT security may never be the same. IT organizations increasingly need to leverage massive amounts of compute horsepower to thwart attacks that are increasing in size and sophistication. To address that issue, Barracuda Networks has launched an advanced threat protection (ATP) microservice that the company hosts in the cloud.

Now, Barracuda Networks is extending that ATP microservice via third-party partnerships with application vendors. One such partner, SignNow Enterprise, now is enabling organizations that subscribe to its e-signature service to also dynamically invoke an embedded ATP service provided by Barracuda Networks.

Ken Grohe, senior vice president and general manager for emerging products at Barracuda Networks, says this microservice is the first of many the company expects to develop. Driving those efforts is the knowledge that attacks can come from almost anywhere. Because it’s impossible to predict precisely whether an attack will be focused on an endpoint or the entire network, organizations need to be able to scale the resources they can invoke to strengthen their defenses.

Grohe says Barracuda Networks is just now exploring the role containers will play in enabling the vendor to expand the reach and scope of the microsevices it will provide. But it is clear that microservices have a major role to play in enhancing IT security. Like most battles, victory goes to the combatant that can bring the most amount of resources to the point of attack. But even when IT organizations do know where the point of attack is, it often takes too long for them to marshal their resources. Microservices should make it possible to dynamically apply additional resources to combat cybersecurity as needed, which should enable IT organizations to better combat, for example, brute force attacks.

Of course, there’s little that can be done to stop cyberattacks from being launched in the first place. But IT security defenses are becoming a lot more sophisticated. It shouldn’t be too long before just about every application is augmented by IT security capabilities delivered via the cloud and dynamically invoked as a microservice. That may not stop every data breach, but it sure will go a long way toward limiting them.

Naturally, it will take a while for a microservices-based approach to IT security to proliferate. But once it does, IT organizations should have at their disposal a much better set of emergency responses. The good news is, thanks to rise of machine learning algorithms and advanced analytics driving threat intelligence services, IT organizations will have more visibility into the cybersecurity attacks being launched against them. The next big challenge then becomes how best to respond to those attacks in a way that doesn’t wind being prohibitively expensive. By combining microservices with compute resources in the cloud, the cost of mounting an effective IT security defense should soon drop considerably.

Mike Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

Mike Vizard has 1630 posts and counting. See all posts by Mike Vizard