IoT data center network security

IoT changes data center network traffic as communication becomes digital and control instances become communication hubs, from on-premise data centers to clouds.

There are three new areas of massive horizontal (east/west) traffic:

  • On-edge: For example, a LAN connecting vending machines
  • Intra-DCs: Between different apps, storage, and DBs for various purposes (billing, analytics, control)
  • Inter-DCs: Interaction between apps of different customers in data centers (order, manufacture, ship)

Traffic with new paths and new content carries massive amounts of sensitive private data east/west. Today's applications are dispersed across hundreds of instances, either identical (load sharing) or complementary (process chain), and every data collection is processed multiple times (over time) by different applications across the data centers. Their east/west traffic is highly dynamic as app instances come and go. These apps are updated frequently while processing and storing most of the sensitive data. We should prepare ourselves to prevent, detect, and contain breaches in a highly dynamic environment.

We can apply the following policies and proactive actions to avoid security breaches:

  • Distributed firewall (DFW): Micro segmentation to protect and filter every instance individually at its interface. People can’t harm what they can't touch.
  • Guest introspection: Observe data and behavior in every instance to detect data leakage or dormant malware by spotting the symptoms and preventing its execution.
  • Network introspection: Observe network traffic at layer 7 in mid-air to protect valuable data, and protect instances by "turning out pockets" (inspecting traffic) when it crosses levels. As we evolve our data center from a shopping mall into a jail, we have to automate or fail; the whole process must be automated by one engine to gain and sustain coherence.
  • Automate remediation: When guest introspection finds a breached instance, the distributed firewall quarantines it immediately.
  • Automate coherent perspective: Allow OPS to have holistic views across silos from declarative perspectives.
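
The micro-segmentation and automated-remediation policies listed above can be modelled as a tag-based, default-deny rule set checked at every instance interface. This is an added example, not code from the book or from any vendor's API; the instance names, tags, ports and the `quarantine` tag are assumptions made for illustration.

```python
from dataclasses import dataclass, field

QUARANTINE = "quarantine"  # hypothetical tag applied by automated remediation

@dataclass
class Instance:
    name: str
    tags: set = field(default_factory=set)

@dataclass(frozen=True)
class Rule:
    src_tag: str   # rules reference tags, not IPs, so instances can come and go
    dst_tag: str
    port: int

class DistributedFirewall:
    """Default-deny policy evaluated for every east/west flow."""
    def __init__(self, rules):
        self.rules = set(rules)
        self.instances = {}

    def register(self, inst):
        self.instances[inst.name] = inst

    def allowed(self, src, dst, port):
        s, d = self.instances[src], self.instances[dst]
        # Quarantine overrides every allow rule, in both directions.
        if QUARANTINE in s.tags or QUARANTINE in d.tags:
            return False
        return any(r.src_tag in s.tags and r.dst_tag in d.tags and r.port == port
                   for r in self.rules)

    def on_introspection_finding(self, name):
        """Guest introspection flagged this instance: isolate it at once."""
        self.instances[name].tags.add(QUARANTINE)

def demo():
    # Constructed sample topology: two billing apps, one analytics app, one DB.
    dfw = DistributedFirewall([Rule("billing-app", "billing-db", 5432),
                               Rule("analytics-app", "billing-db", 5432)])
    for n, t in [("billing-1", {"billing-app"}), ("billing-2", {"billing-app"}),
                 ("analytics-1", {"analytics-app"}), ("db-1", {"billing-db"})]:
        dfw.register(Instance(n, t))
    before = dfw.allowed("billing-1", "db-1", 5432)      # explicit rule
    lateral = dfw.allowed("billing-1", "billing-2", 22)  # same tier, no rule
    dfw.on_introspection_finding("billing-1")
    after = dfw.allowed("billing-1", "db-1", 5432)       # now quarantined
    peer = dfw.allowed("billing-2", "db-1", 5432)        # healthy peer unaffected
    return before, lateral, after, peer
```

Because the rules match tags, a newly started instance inherits its segment's policy on registration, and quarantining one instance leaves its load-sharing peers in service.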