The vantage point being offered for cloud users is the ability to pay-for-what-they-use vs the maximum performance specs for the physical server they could have purchased.
Security products like routers, switches, firewalls, load-balancers, are now too evolving to cope up with the cloud phenomenon, so that ‘virtualization’ on the Infrastructure layer could be offered to clients. Ideally, you would like a system that is virtually bifurcated from the rest of the tenants on the cloud architecture. The underlying security threat that was levied on these gear before, still remains.
The ability of such Layer 2/3 equipment to be integrated with the Cloud Management Application is something to be seen.
Some of the Cloud OS Builders are: Openstack.org,Eucalyptus.com, OnApp.com, Nimbula.com, etc. You might want to look at these, as any vulnerabilities in the underlying cloud OS can have some serious security impact.
Having said this – the biggest advantage for cloud is the elastic computation power they provide. Many companies have in some crude manner disguised this for say DDoS defense (in its truest sense, its not exactly a ‘cloud’ per se, but a more of a ‘blackbox’ phenomenon just being labeled the cloud).
Two companies that are actively pitching their DDoS solution for in the cloud defense are Prolexic and Verisign, you can start with them, by better understanding what type of security mechanism, etc. they have in place. Most of the solutions used within the DDoS world are deemed ‘secret sauce’ the solution provider would not be sharing this information with you.
Other companies like Incapsula, CloudFlare are also utilizing their multi-node approach to provide ‘in the cloud’ based security, you can start a dialogue with them (both these companies routinely answer questions here on Quora).
You can look at some companies that are actively provide gear/solutions for Cloud based security – like XRoadNetworks (http://www.xroadsnetwork
A good list was maintained by The Cloud Security Alliance – you may also want to look there (https://cloudsecurityall
The underlying infrastructure is the same, it has just been labeled a ‘Cloud’ nomenclature, which essentially gives the user the power to do Iaas/PaaS in near-realtime whilst in a multi-tenant environment.
This page was last updated on July 22, 2011.