DataTap Solutions

Category Archives: Security

Cognitive Analytics

If your IT environment is like 90% of the other complex environments out there, chances are that you are dealing with lots of data (structured and unstructured) and limited resources (tools and personnel). Powerful technologies that automate analytics and decision making already exist and continue to improve. Among the technologies driving IT automation are machine learning, neural networks, deep learning, natural language processing, and more. These technologies have statistical roots and are built mainly around analytics.


Cognitive analytics adds a flavor of automation by processing ad hoc data streamed from multiple sources. These analytics can characterize any type of information embedded in the data and put it to use in real time. Examples include automatic issue remediation through proactive diagnostics and adaptive communication frameworks such as bots.

 

DataTap’s solution collects data from multiple data sources, learns and characterizes the entities, correlates and isolates anomalies, prescribes the insights into various processes, and measures the effectiveness of those prescriptions. This level of automation enables your IT teams to handle the onslaught of data volumes and keep costs low.

 

Please visit the other DataTap blogs that explain how each of these solutions works. If you need more information on our products and services, please contact us at contactus@datatapsolutions.com.

Advanced Threat Defense

After fifteen-plus years of effort to curb IT security issues, the industry is still searching for answers. Hackers grow more innovative by the day, always holding a slight edge over their IT targets. Along came security solutions such as anti-malware, firewalls, IDS, IPS and WAF. Unfortunately, all of these solutions share a common fallacy: they rely on vectors and rules that protect either endpoints or the perimeter. The fact of the matter is that these solutions offer a siloed approach to security. Take a look at this article from TechTarget: search for answers to ‘advanced threat’ defense.

 

The headline caught my attention –

Visibility into what is happening on your network may matter more than stopping an attack. Can technology keep up with advanced threats?

This is a well-put statement. There is a reason security issues are termed ‘viruses’. Advanced threat defense based on behavioral analytics is like a standby doctor constantly diagnosing the human body. Behavioral analytics also unravels the issues that conveniently break deployed security solutions.

DataCenter Operators: Key Concerns and Top Priorities

A recent survey of datacenter operations managers revealed that security and system performance are the top two challenges in the fast-growing data traffic environment.

Understanding datacenter operations goes a long way toward addressing these challenges. Check out our products and services designed for datacenter operations. Our solutions give you a single pane of glass for multiple challenges such as security, operations analytics and SLAs, along with basic monitoring capabilities such as application performance management, traffic patterns, SLAs, etc.

 

Planning a Hybrid Cloud

If you are an IT manager planning a hybrid cloud environment, you are concerned about aspects such as security in a public cloud and the cost of a private cloud. Although security is a top concern in public clouds, the automation appeal of a public cloud is still a big plus. Here are some factors to consider as you plan your hybrid infrastructure:
  • Hypervisor: If you are a KVM or VMware ESX shop in your private cloud/datacenter and are trying to add AWS or Azure, you need to make sure the application images are compatible and convertible.
  • Security: Encrypting communications between your public and private cloud infrastructure by creating VPN tunnels of some sort will integrate your public cloud smoothly with your datacenter. Solutions such as VNS from Cohesive Networks might be of great help to you here. This should be the top consideration in planning a hybrid cloud.
  • Orchestrator: You need centralized orchestration software such as OpenStack in your private cloud to control both public and private clouds.
  • Management: Hybrid clouds require greater levels of automated management to achieve higher degrees of availability, performance, and security.
  • Visibility & Flow Analytics: Planning a hybrid cloud requires understanding your data so that you can divide labor efficiently between private and public clouds. The ability to run applications in a private cloud during peak usage hours and then offload to the public cloud during off-peak hours affords enormous flexibility. This provides maximum use and efficiency of both internal and external resources. You need to know which data needs higher security, which data must be compliant with regulatory requirements and which data you can safely farm out to public clouds. For this purpose, you need to have a network visibility and analytics solution like ours in place.


Cloud Security Practices

It baffles me that CSOs get only 10% of the total IT budget in organizations, even in the 2010s, when we have seen at least one noteworthy security breach. And 9 out of that 10% is spent on threat prevention software, leaving 1% of the IT budget for other security products like threat detection and network DVR type applications. As cloud adoption accelerates, cloud security practices are in check and so are the items that need a CSO’s attention.

In an InformationWeek article on cloud security practices, Amrit Williams placed continuous visibility as the top security practice. Here is an excerpt from his posting:

First and foremost, companies need to have 100% continuous visibility into their technology assets and services. In brief, you can’t secure what you can’t see. Know what you’ve got and what it’s doing at all times. This sounds incredibly basic, but given the automated, elastic, on-demand nature of modern virtual infrastructure, visibility can be a challenge. Once you understand what’s going on with your infrastructure, applications, data, and users, you can begin to understand how to limit your attack surface and better prevent or mitigate attacks.

 

You can read the complete article here.

Cloud Security Model

Security is the one word that makes people stop and think for a minute about the impact of their actions. The uncertainty that cloud imposes on where the resources and data are hosted makes cloud security a hot topic. I really like the cloud security model put together by Mark Nunnikhoven, where the shared responsibility of the cloud provider (facilities, physical infrastructure, network infrastructure, virtualization layer) and hosted entities (the operating system, any applications, data) is described. However, I am not able to come to grips with the concept of ‘The Wall’ and the proposal that individual VMs in the enterprise cloud environment should employ security controls, instead of the environment as a whole. Please read –

The irony of the public cloud is that while compute and storage resources are available in abundance, bandwidth is typically scarce. All of the traditional methods of deploying these controls are bandwidth intensive.

 

Successful security in the cloud moves these same controls to the virtual machine. We move from single, large security controls that protect the entire data centre to controls deployed directly on the virtual machine and responsible for only that virtual machine. This allows the use of much smaller rule sets since the control now has the context in which it’s running.

 

Think of it this way: the traditional method is to have the city guard check everyone at the gate. The guard has to know the business of everyone in the city and then validate whether or not the folks at the gate have a valid reason for being there. By moving that check to the door of the business someone is visiting, it makes it a lot easier for the guard at the door to do more in-depth checks. The guard at the door only has to keep track of the one business, not the entire city.

The problem with this approach is that intruders are now not watched for until they hit the door of a business (an individual VM). I feel the analogy is somewhat not relevant here. There are so many security checks common among an enterprise’s cloud VMs that a centralized security analytics platform is not only helpful but a must-have to find the breach before it finds you.

You can read the complete cloud security model article by Mark here.