
Making Datacentre Security a Priority

Mar 30, 2008
STT GDC India

The data centre is the heart that pumps the lifeblood of any organization, its core business and operational data, throughout the network. The goals of data centres have always been to provide high-performance access to flexible and adaptive business applications, with extremely high availability, while minimizing costs by standardizing and automating support processes. This is reflected in the current and planned network, storage, and processor architectures.


However, data centres are attractive targets for malicious activity. Improperly secured data centres are targets of hackers and worms, which can cause significant havoc and costly damage. Unfortunately, data centres assembled quickly during the economic boom were rarely built with an emphasis on security, and many of the application and storage “islands” resulting from these efforts are vulnerable to attack and compromise.


Challenges and Threats


In support of management goals to protect, optimize, and grow the business, many IT organizations are consolidating data centre resources such as servers, storage, networks, and applications. Another common phenomenon today is the outsourcing of data centres. In the past, managers relied upon physical application isolation or perimeter defense for security. This is inadequate to defend today’s virtualized data centre resources and applications from attacks, which continuously become more sophisticated and dangerous. Any “script kiddie” can download hacker tools from a website and inflict considerable damage on poorly protected data centres. Attacks progress faster than ever. More damage occurs in a few seconds today than was possible in a few days five years ago. The Slammer, Blaster, and MyDoom worms took only minutes to circle the globe.


Threats from inside the enterprise can be even more damaging because hackers exploit detailed knowledge of the organization to wreak serious financial damage inadvertently or deliberately. These hackers can include employees, temporary workers, and consultants. To protect applications, data centre managers must use modern technologies that limit user access to only those resources they need to do their job.


It is essential that security and network managers collaborate to understand the particular vulnerabilities and threats to data centre resources, so that they can develop a robust network security architecture. Vulnerabilities and threats can prevent users from accessing mission-critical applications, directly disrupt application operation, or compromise confidential and valuable information. Threats can include the following:


* Attacks on mission-critical applications, application servers, databases, database servers, and storage resources through buffer overflows, malicious worms, viruses, and administrative access breaches

* Vulnerabilities resulting from misconfigured systems and incorrect or outdated software, which expose IT managers to the time-consuming task of operating system and patch updates, resulting in possible system downtime and productivity loss

* Attacks on network systems and devices such as routers, switches, and firewalls through administrative access breaches

* Threats to the network infrastructure through distributed denial of service (DDoS) and SYN flood attacks


The Backbone of the Data Centre


Modern-day data centres are distinguished by the size of their operations. A data centre considered economically viable could contain between a hundred and several thousand servers. To enable this, a cohesive network architecture that supports immediate data centre demands such as consolidation, virtualization, business continuity and security is needed at each layer.


A business-critical data centre must ensure maximum data security and 100 percent availability. Data centres have to be protected against intruders by controlling access to the facility and using biometrics and video surveillance. In addition, data centres must have the capability to withstand calamities like fire and power failures. Recovery sites have to be maintained where everything in the data centre is replicated. Data centres provide a shared, multi-host, multi-application environment for hosting large volumes of corporate data, along with functionalities like data mining and data warehousing. As businesses go global and get Internet-enabled, these services become mission-critical. There is a requirement for services ranging from simple Web hosting to managed services such as storage on demand, performance measurement and storage management.


Data centre network architecture should comprise the following three layers:


* Foundation Infrastructure: including the intelligent IP network infrastructure, intelligent storage networking, and data centre interconnect

* Network System Intelligence: including security, delivery optimization, manageability and availability

* Embedded Application and Storage Services: including storage virtualization, data replication and distribution, and advanced application services.

 

Comprehensive architectures like Cisco’s Data Centre Network Architecture enable IT executives to perform the following:


* Consolidate and virtualize computing, storage and network resources to cater to growing business needs on-demand and on-time

* Deliver secure and optimized employee, partner and customer access to information and applications through a defense-in-depth strategy

* Protect and rapidly recover IT resources and applications

* Enable the data centre for emerging Service Oriented and Utility computing technologies such as blade servers, virtualization, Web services and GRID.

* Achieve day-zero attack mitigation, easier management, and a flexible, integrated and collaborative security architecture that lowers cost of ownership.


Data Centre Security Strategy: A Self Defending Network with Defense in Depth is the Need of the Hour

 

Today many organizations are using biometric-based access control for critical areas inside the data centre to enhance security. With the increase in use of integrated building management systems (which have capabilities of remote monitoring using IP addressing), integration of data centre systems with network management systems has also empowered IT managers to manage their data centre more effectively.


Robust data centre security strategies recognize that security is a continuous process that should be integrated with data centre operations, communicated to the user community, and incorporated into the organization’s culture and way of doing business.


Any security strategy begins with a security policy, which aligns business needs with security goals and defines how to implement them through processes and technologies. The policy determines security design, management processes, and technologies that enable policy implementation and enforcement. The policy is not static and should be refined and adjusted as the security posture changes.


A security posture assessment can identify specific vulnerabilities and risks within the existing environment and recommend ways to mitigate them. The network is an essential component of the assessment and should provide a solid first layer of defense, complementing operating system and application-level security. Segregating the network into virtual components allows security managers to consolidate resources in a cost-effective manner and control user access to each application.


In conclusion, the enterprise data centre is the heart of the enterprise network because it contains the data, applications, and other resources for business. Protecting and ensuring the ongoing availability of these resources is vital to the success of any organization. Customers, partners, and internal users need to trust that confidential information remains private and reliable. Maintaining the integrity of the network and its attached resources is vital. This will enable businesses to move toward data centres that are able to deliver better uptime, lower downtime, better access and power distribution, a seamless expansion and well-managed capacity.


Cisco Security Architecture

 

a) Threat Defense

Threat defense security solutions mitigate network and host attacks caused by viruses and worms, DDoS attacks, and other malicious network traffic. Deploying these solutions throughout the data centre isolates and blocks intruders, rogue applications, and other unwanted traffic at very high speeds through the switching fabric.

 

b) Trust and Identity Management

Trust and Identity Management enables access to network services and data centre resources by authorized users, administrators, and applications. Access control, security posture assessment of the end device, and AAA are critical architectural components of the solution.

c) Secure Connectivity

These solutions secure connections within and between data centres, offering standards-based VPN and encryption techniques to ensure data integrity. SSL services for web-enabled application and content security, along with virtualized and routed virtual SAN networks, are the essential components of the security architecture at this stage.


d) Data Centre Security Management

Security management is essential for spotting and blocking violations before damage occurs. Monitoring is the heart of security management, and administrators need tools that digest the massive amount of data generated by security components, identify suspicious activity, and proactively respond to threats. Device configuration management, change management, and policy management are some essential components at this stage.
 

Source: https://www.siliconindia.com/magazine_articles/Making-Data-Center-Security-a-Priority--PECT323945766.html
