This application relates generally to network security. More specifically, the disclosure provided herein relates to decoupling hardware and software components of network security devices to provide security software as a service in a distributed computing environment.
Today, many companies interact with their customers, vendors, development communities, and others via the Internet and other networks. These interactions expose companies to a wide range of security threats, many of which are constantly evolving. In an effort to prevent or at least mitigate security threats, companies devote significant financial and engineering resources to deploy and to maintain security appliances within their internal networks and their gateways to public networks such as the Internet.
Many companies deploy a security perimeter that includes multiple security appliances to protect their data, technology infrastructure, and other assets. These appliances are often dedicated hardware devices upon which security software is executed. The security software may provide security functions such as, for example, firewall protection, intrusion detection, intrusion prevention, or authentication. The perimeter-based security model may provide the necessary protection against certain security threats, but as these threats evolve, the ineffectiveness of this model is quickly exposed. For example, the model lacks the flexibility to enable rapid deployment of new security appliances and to enable the hardware and/or software of existing security appliances to be updated or otherwise improved to adapt to these evolved security threats.
Furthermore, the increased adoption by companies of bring-your-own-device policies introduces additional security concerns. For example, allowing an employee to bring his or her smartphone to work and allowing that device to connect to the company's wireless local area network may introduce malicious software into the company's internal network, often unbeknownst to the employee. With tens, hundreds, or even thousands of devices interacting with a company's internal network on a daily basis, the number of possible security threats from each individual device, let alone any malicious software or rogue code operating within what is perceived to be legitimate software, is likely to increase significantly and to make the current perimeter-based security model even less effective.