The hyperconverged data center—a data center deployment in which most or all of the data center’s functions are defined virtually and exist on a single physical server—promises unprecedented improvements in scalability and cross-purpose uses of data for enterprises. However, it poses some unique concerns when it comes to security.
Because all of the data in a hyperconverged data center exist in one physical place (and are ideally managed through one pane of tools), a hacker who gains access to a single function of a hyperconverged data center can then leap from system to system. In a more traditional data center, by contrast, a sort of de facto fault zone is created between parts of the data center that operate independently of one another, which limits the damage.
So how do you prevent hackers from breaking into a hyperconverged data center and prevent them from having carte blanche access if they do find their way in? The following security tools are important options to consider for hardening a hyperconverged data center against a potential cyberattack.
1. Security Information and Event Management (SIEM) Tools
Monitoring network activity throughout an enterprise for irregularities is becoming even more important as hackers become more sophisticated at camouflaging themselves and the malware that they place on networks. But often the logs that different parts of a computing enterprise generate go ignored, as they present data that are too unwieldy on their own to be actionable.
SIEM solutions remedy this by bringing together the data from all of the different monitoring solutions throughout a network and data center in order to provide alerts and make anomalies easy to spot across the entire enterprise: on the network, in the hyperconverged data center, and anywhere else that traffic, public or private, may flow. This positions IT to nip any evolving cybersecurity threats in the bud and keep an eye out for ongoing threats capable of hiding themselves.
2. Web and Email Gateway Protection
Many of the cybersecurity threats that end up harvesting business-critical information from data centers don’t enter by attacking a data center component. Rather, they enter through a web URL or implant malware through an email-based phishing scheme and then head to the data center, because that’s where the information they want is.
Sometimes when enterprises deploy a hyperconverged data center, the fact that it seems like an all-in-one solution allows them to forget that the parts of their computing enterprise that don’t come in that box also need top-notch security. Preventing such infiltrations of a data center starts with not leaving any of these ways in through the network open. Implementing penetration testing can help enterprises find their vulnerabilities and secure them appropriately. And in the case of phishing schemes, where malware can subvert perimeter security by tricking an employee of a business into clicking on a malicious link, companies can run live training programs to teach staff to avoid clicking on such links and to minimize the type of common end-user error that compromises networks.
3. Microsegmentation
If a hacker does manage to infiltrate a hyperconverged data center, microsegmentation is critical in limiting the amount of damage done. By creating a fault zone around a given piece of the hyperconverged data center, microsegmentation allows a hyperconverged data center to act, from a security perspective, more like a traditional data center in which components are generally physically separate from one another and individually secured. Hackers, then, can’t leapfrog from one part of the data center to the next, stealing data from the entire enterprise as they go.
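To make the fault-zone idea concrete, the following added example (not part of the original article) is a small policy audit that computes the "blast radius" of each workload: everything reachable from it by chaining allowed connections, first in a flat cluster and then under a default-deny microsegmentation policy. The workload names, segment labels and allowed flows are constructed assumptions for illustration.

```python
from collections import deque

# Constructed sample inventory: workload -> segment (all names are hypothetical).
WORKLOADS = {
    "web-01": "web", "web-02": "web",
    "app-01": "app",
    "db-01": "db",
    "backup-01": "backup",
    "hr-files": "hr",
}

# Constructed allow-list of segment-to-segment flows; anything absent is denied.
ALLOWED_FLOWS = {
    ("web", "app"),
    ("app", "db"),
    ("db", "backup"),
}

def can_connect(src, dst, segmented):
    """True if policy lets workload src open a connection to workload dst."""
    if src == dst:
        return False
    if not segmented:
        return True  # flat cluster: every workload can reach every other one
    # Default deny, which also covers workloads that share a segment.
    return (WORKLOADS[src], WORKLOADS[dst]) in ALLOWED_FLOWS

def blast_radius(start, segmented):
    """Workloads reachable from `start` by chaining allowed connections.

    Worst-case model: every reachable workload is assumed to be usable
    as the next hop, so the result is the transitive closure (BFS).
    """
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for nxt in WORKLOADS:
            if nxt not in seen and can_connect(cur, nxt, segmented):
                seen.add(nxt)
                queue.append(nxt)
    return sorted(seen - {start})

def audit(segmented=True):
    """Blast radius for every workload, so over-broad rules stand out."""
    return {w: blast_radius(w, segmented) for w in WORKLOADS}

if __name__ == "__main__":
    for name, reach in audit().items():
        print(f"{name:10} -> {reach}")
```

In this sample policy the web tier still reaches the database and backup workloads through a chain of individually reasonable rules, which is the kind of transitive exposure a per-rule review misses.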
What tools have you seen successfully used in order to secure hyperconverged data centers?