Secure Connection for Scaled VMs (Cope, Erl)

How can connections be scaled to protect dynamically scaled VMs in a way that mitigates cloud provider lock-in?

Problem

When cloud resources are scaled, differences between the cloud consumer's on-premise firewall and the firewall and network protection offerings of multiple cloud providers can make it difficult to configure secure networking.

Solution

A system can be established that controls network traffic moving in and out of each VM using firewall agents or operating system firewalls. This creates a portable security solution that is location independent and scales as VMs are created.

Application

Using firewall agents or operating system-based firewalls, VMs can be pre-configured with a baseline of firewall policy, including VPN configuration, so that when VMs are created or live migrated in a cloud burst or other scaling activity, the associated firewall is also created or live migrated and pre-configured with firewall policy.

An OS or virtual agent firewall connects Business Process A’s services via a VPN (A). An OS or virtual agent firewall connects Business Process B’s services via a VPN (B). They are all managed by a policy-driven firewall management system capable of managing multiple OS-type firewalls or firewall agents (C).
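The policy-driven management of multiple OS-type firewalls described above can be illustrated by rendering one provider-neutral baseline into both an nftables ruleset and Windows `netsh advfirewall` commands. This is an added example, not code from the pattern's authors; the rule names, the VPN listener port (UDP 1194) and the VPN subnet (10.8.0.0/24) are constructed assumptions.

```python
import re
from dataclasses import dataclass
from ipaddress import IPv4Network

ANY = "0.0.0.0/0"

@dataclass(frozen=True)
class Allow:
    name: str    # rule label, restricted to [a-z0-9-] so it is safe to embed
    proto: str   # "tcp" or "udp"
    port: int
    source: str  # IPv4 CIDR allowed to connect

# Constructed baseline (assumed values): the VPN listener is reachable from
# anywhere, the business service only from addresses inside the VPN subnet.
BASELINE = [
    Allow("vpn-listener", "udp", 1194, ANY),
    Allow("service-a-https", "tcp", 443, "10.8.0.0/24"),
]

def validate(rules):
    """Reject malformed rules before they are rendered onto any VM."""
    for r in rules:
        if not re.fullmatch(r"[a-z0-9-]+", r.name):
            raise ValueError(f"unsafe rule name: {r.name!r}")
        if r.proto not in ("tcp", "udp") or not 0 < r.port < 65536:
            raise ValueError(f"bad protocol or port: {r}")
        IPv4Network(r.source)  # raises ValueError on a malformed CIDR
    return rules

def to_nftables(rules):
    """Default-deny inbound ruleset for Linux guests."""
    lines = ["table inet baseline {", "  chain input {",
             "    type filter hook input priority 0; policy drop;",
             "    ct state established,related accept",
             '    iifname "lo" accept']
    for r in validate(rules):
        src = "" if r.source == ANY else f"ip saddr {r.source} "
        lines.append(f'    {src}{r.proto} dport {r.port} accept comment "{r.name}"')
    return "\n".join(lines + ["  }", "}"])

def to_netsh(rules):
    """Equivalent default-deny inbound commands for Windows guests."""
    cmds = ["netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound"]
    for r in validate(rules):
        src = "any" if r.source == ANY else r.source
        cmds.append(f'netsh advfirewall firewall add rule name="{r.name}" dir=in '
                    f"action=allow protocol={r.proto.upper()} localport={r.port} remoteip={src}")
    return cmds
```

Baking the rendered output into the VM image or its first-boot configuration means every scaled or migrated instance starts with the same default-deny baseline, independent of the hosting provider's network controls.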

An example of the establishment of a VPN.