@NutanixNext
Visit Nutanix

Nutanix Connect Blog

Welcome to the Nutanix NEXT community. To get started please read our short welcome post. Thanks!

Showing results for 
Search instead for 
Do you mean 

A Security-First Approach to Support

by Community Manager ‎07-01-2016 06:13 AM - edited ‎07-01-2016 06:16 AM (2,307 Views)

Welcome back! This is the last blog of the security-first blog series. Let’s do a quick recap. In the first blog, we discussed the importance of building a secure platform by including security conscious code through an iterative security development lifecycle (SecDL). Then we followed it up with deploying and managing infrastructure through a secure interface utilizing two-factor authentication and cluster lockdown features to prevent unauthorized access.

 

In this blog, we will discuss how the Nutanix enterprise cloud platform simply scales with secure building blocks as business needs change. In addition, we will discuss Nutanix support and their ability to quickly remediate new security threats.

 

Picture1.png

 

Legacy Infrastructure is Not Secure

Looking for the “safest” infrastructure is not always easy but understanding the entire offering pays dividends in the long run. Security is not always considered on the front end when purchasing infrastructure, but it is crucial when it comes to supporting and scaling it.

 

There are a few key avenues that should be considered as requirements are drawn for new environments. For example, leveraging external security expertise reduces the requirements placed on internal IT teams, holistic support narrows the time to removing threats, and securely scaling systems maintains minimal attack surfaces as infrastructure grows.

 

  • Security expertise: In order to keep infrastructure secure once it has been deployed, one approach is for enterprises to invest in security expertise to understand new vulnerabilities and how it affects their infrastructure. However, the onus shouldn’t be put on the customer, the vendor should provide the expertise and patches in days/weeks and not months or years through non-disruptive upgrades as they are the authority on the infrastructure.
Picture2.png

 

  • Holistic support: Applying security patches to vulnerable systems in production environments without a holistic view could leave several systems unpatched due to compatibility concerns, forcing infrastructure to remain vulnerable. This quickly snowballs out of control and renders systems to fall out compliance.

 

  • Securely scale with confidence: Building an enterprise cloud enables fractional consumption models and, as business demands change, keeping infrastructure secure as it scales is highly important. In order to reduce zero-day threats, systems must be shipped with a hardened by default security posture that can be added to an existing cluster with confidence.

 

Nutanix keeps security front and center

Security-first is not just a saying. Nutanix has security professionals on staff who continually monitor threats out in the wild. This team is laser-focused on delivering a platform that is designed to be good enough even for government users out of the box. For example, when a new vulnerability is discovered the security team works closely with engineering teams to pin-point the vulnerability and issue a patch through a non-disruptive upgrade.

 

This process is similar to public cloud providers who own the entire infrastructure and can quickly resolve known threats. The Nutanix enterprise cloud platform is designed to bring the same security to on-prem infrastructure.

 

Support understands the entire topology

Anyone who has ever worked in enterprise IT understands the process of creating a support call with a vendor, which is quickly multiplied with legacy three-tier architecture. The Nutanix enterprise cloud platform includes compute, storage, and virtualization all in one platform, providing support with a holistic view. For example, Nutanix support has the ability to look at the entire infrastructure stack end-to-end to quickly diagnose problems, often times in days and not months.

 

Extending this concept to security patches could easily exacerbate the problem. Imagine a scenario where a new vulnerability is discovered across SSL (Secure Socket Layer) discussed in a previous blog and how each one of the components in a legacy three-tier infrastructure is affected. A simple patch that should apply across the stack has now created three separate support tickets and potentially countless hours of downtime as systems are upgraded.

 

Picture3.png

 

Scaling has never been so easy

Public clouds have encouraged enterprise IT teams to rethink scaling environments to be more dynamic and respond to new business requirements at a new pace. Securely scaling the environment has to be handled with simplicity and without disruption. Nutanix does not distinguish between the building blocks in terms of security, as the underlying software is hardened through the same rigorous process discussed in a previous blog throughout the platform.

 

There is also a great blog which dives into the Nutanix architecture and how the platform is built to scale. The secure platform is built using the Nutanix Distributed File Systems (NDFS) at the core, which leverages the distribution of resources. As nodes are brought into the cluster, resource allocations are dispersed in order to handle additional workloads.

 

In contrast, many other platforms may have some ability to scale but they increase their attack surface at the same time. Also, they don’t always scale without disrupting the environment. The Nutanix experience offers secure seamless infrastructure that scales.  

 

Summary

This is the last blog in the security-first blog series and we’ve uncovered how starting with a secure platform makes the lifecycle of deploying, managing, scaling and supporting easier. Creating products in a security conscious environment removes multiple attack vectors and limits how the infrastructure can be exploited.

 

Deploying and managing infrastructure from a secure Prism interface is designed to prevent man-in-the-middle attacks and keep intruders out of the platform. Even after the system is deployed and new vulnerabilities are found, the Nutanix security and support teams continue to provide patches in a non-disruptive manner.

 

Nutanix adds value in keeping infrastructure secure through each phase of the lifecycle as companies adopt an enterprise cloud platform.

 

Click here to take a deeper dive into security.

 

Continue the conversation on our forums and follow Nutanix on Twitter for the latest news and announcements. 

 

This post is authored by Rohit Goyal, Product Marketing Manager at Nutanix

 

Announcements

One of the features you see a lot of on social media sites are @Mentions. With @Mentions you can acknowledge other community members.

Read More: Did you know: You can @Mention other members
Labels