DataCenterNews Asia logo
Specialist data center news for Asia
Story image

How to secure clouds, apps & data without a performance hit

Wed 19 Jul 2017
FYI, this story is more than a year old

You’ve heard it before: The corporate network perimeter has disappeared.

We see this in countless ways.

Organizations are collaborating and conducting digital business globally via hybrid and multicloud, and they’re interacting over social networks. More people and devices are connecting into corporate networks from just about anywhere.

Remote workers accessing information and applications worldwide via mobile devices is just one increasingly common example. Significant digital activity has become a requirement for doing business in the current era.

At the same time, it has widened organizations’ security surface areas and made legacy security boundaries more vulnerable to newer types of cyber-security threats, such as the recent WannaCry ransomware attack.

Leverage an IOA strategy to place secure controls at the digital edge

The blurring of the network perimeter requires a new approach to security. The most effective solution to is to localize security services at the digital edge, where commerce, population centers and digital ecosystems meet, versus the old method of centralizing security services at a single, corporate data center.

The digital edge must be prepared for multicloud application and data flows that service users and things across multiple global networks and cloud services.

In this environment, security can no longer be thought of as a gate, or a wall. It’s now more akin to airport security, with bidirectional domestic and international traffic and various classes of service.

Deploying an Interconnection Oriented Architecture (IOA) strategy is the best way to enforce corporate security in the digital era. It provides a framework for strategically placing networks, security, data and applications at the digital edge.

Locating security services alongside the traffic intersection points of networks, partners and clouds is a major shift from the philosophy of centralizing security services in which most chief security officers (CSO) subscribe.

However, enforcing security controls and extending your security posture to the edge, where most digital business is transacted—allows you to expand, scale and fine-tune your security controls in tune with your digital business.

Not only can you better maintain privacy and data sovereignty requirements, but you can also place latency-sensitive data and services in proximity to multiple clouds and population centers, thereby improving overall performance to all dependent services.

In addition, the strategy helps you gain insights into how cloud and SaaS services are being consumed and enable shadow IT with less risk by applying dynamic and real-time policy controls that govern the use of those services, as well as detect packet-level anomalies.

Finally, the low-latency advantages of implementing security, governance and controls locally can significantly improve the user experience.

Deploying security services via digital edge nodes

Intrigued?

You should be.

By following an IOA strategy, you can accomplish these security capabilities with digital edge nodes that act as communications hubs inside the infrastructure they are meant to protect.

A digital edge node is vendor-neutral, which means you can tailor it to support various network, cloud and data capabilities via interconnection solutions such as the Equinix Performance Hub, Cloud Exchange and Data Hub.

Organizations can add security services to the edge nodes to establish edge-based security checkpoints with localized firewall, SSL termination and malware and DDoS protection using a “trust-nothing” security model.

All traffic can be routed to the edge node, where a deep packet inspection zone enables other security services, such as vulnerability scanning, data leakage control and monitoring and logging for analytics.

You can also apply policy management to detect unauthorized activity and catch rogue traffic and user mistakes.

The steps for greater security and control

Equinix has published an IOA Security Blueprint with detailed step-by-step instructions for deploying a secure edge node infrastructure.

The steps involve:

  1. Establishing digital boundary control: Boundary control is all about setting up security checkpoints at the digital edge’s primary network with localized firewall, SSL termination via virtual private networks (VPNs) and other protections for malware and DDoS. This contains threats at the edge, where they can be neutralized locally.
  2. Deploying an inspection zone: The primary purpose of an inspection zone is to provide transparency (deep packet inspection) to enable other security services (like those that detect vulnerability exploits or lawfully intercept data leakage, etc.) It also monitors and logs activity for security analytics.
  3. Applying policy administration and enforcement: Policy management (via Policy Decision Points [PDP]/Policy Enforcement Points [PEP]) is applied to establish security “guard rails” with fine-grained prescriptions for what is and is not allowed in traffic flows. Policy management, operating in line with the traffic segmentation strategy, detects rogue traffic or unauthorized activity. It also catches mistakes made by users or developers.
  4. Locating identity and key management locally: By colocating high dependency identity and key management services in each digital edge node, it’s easy to improve performance and scale. Simply place services closer to where you have large numbers of users and at multicloud intersection points.
  5. Linking all security controls with logging and analytics: By linking security controls, algorithms can detect any security issues before they cause a problem and ensure all traffic is legitimate before a breach occurs, blocking unwanted traffic locally at the edge.
Security at the digital edge benefits

The benefits of deploying security at the digital edge via an IOA strategy include:

  • Airtight security that doesn’t impinge on performance, scale or the user experience
  • Increased insight into cloud and SaaS service consumption, with the ability to apply real-time policy controls that govern their use dynamically
  • The extension of your security strategy and posture to where you do most of your digital business, scaling and changing as your business scales and changes
  • The removal of the security risks of shadow IT, in fact security becomes an enabler to innovation rather than a road block.

Article by Bryson Hopkins, Equinix Blog Network 

Related stories
Top stories
Story image
Microsoft
Microsoft, Cloudian partnership offers data center flexibility
Cloudian’s HyperStore object storage platform is now integrated and validated to work with Microsoft SQ Server 2022, offering more flexible and scalable data centers.
Story image
Sustainability
SoftIron named global leader for efficient DC infrastructure solutions
SoftIron has been named a global leader for supplying energy-efficient data infrastructure solutions for core-to-edge data centers after an assessment by Earth Capital Ltd.
Story image
Sustainability
Aligned Data Centers increases sustainability-linked loan
Aligned Data Centers has increased its sustainability-linked loan from $375 million to $1.75 billion to speed up the next phase of its strategic growth.
Story image
Employment
Tech job moves - Forcepoint, Malwarebytes, SolarWinds & VMware
We round up all job appointments from May 13-20, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Disaster Recovery
Kacific launches emergency connectivity offering, CommsBox
Kacific has announced the release of a new emergency connectivity offering designed to rapidly provide broadband service in emergency or disaster zones.
Story image
Digital Transformation
Multiplex, NEXTDC making strong progress on S3 data centre
Multiplex has made a significant achievement on Stage 1 of NEXTDC’s S3 data centre, ‘topping out’ the structure in the Artarmon on Sydney’s lower North Shore.
Story image
Data Center
Digital Edge to build South Korea's largest commercial data center
The project will be the largest commercial data center project in South Korea with total IT power of 120MW and a capital investment of more than KWR$1 trillion.
Story image
Akamai
Akamai announces new products across security, computing
Akamai has announced a series of new products and updates to existing products across its security and compute product lines, including its entry into the infrastructure as a service (IaaS) market.
Story image
SD-WAN
Orange moves Siemens AG’s entire operations to a SD-WAN
Orange Business Services has migrated Siemens AG's entire global operations, 1168 sites across 94 countries, to a SD-WAN
Story image
Sustainability
Siemens showcases new automated solutions for data centers
Siemens has implemented new automated solutions and AI in the Baltic region's largest data center, providing insight into the future of data center management.
Story image
Microsoft
Microsoft unveils adaptive accessories for disability access
Microsoft is introducing an expansive Inclusive Tech Lab to give people with disabilities greater access to technology through new software features and adaptive accessories.
Story image
Sustainability
AirTrunk boosts Japan presence with West Tokyo data center
AirTrunk is planning to build TOK2, a new hyperscale data center in Japan which will strengthen the company’s presence in the country.
Story image
Sustainability
NTT launches IoT Services for Sustainability offering
"We know what actions are needed to build a more sustainable future and have a robust suite of technologies available to help deliver this impact."
Story image
Cybersecurity
The 'A-B-C' of effective application security
Software applications have been a key tool for businesses for decades, but the way they are designed and operated has changed during the past few years.
Story image
Colocation
Digital Edge chooses Nortek’s StatePoint for new data center
Digital Edge will use Nortek's StatePoint liquid cooling technology in its new data center, the first commercial colocation operator in Asia to do so.
Story image
Data Center
Tier III Ready Datacenter solutions shortlisted for major awards
"These designs will accelerate data center clients' own Tier III certification, reduce the cost, and fast-track their time to market."
Story image
SaaS
Cisco reveals new tech, intends to prevent network issues
Cisco has revealed new technology intended to mitigate costly disruptions by aiding IT teams in learning, predicting and planning.
Story image
Talend
Talend introduces new data health solutions for businesses
Talend has announced its latest version of Talend Data Fabric, with the release of Talend Trust Score enabling data teams to establish a foundation for data health.
Story image
Digital Transformation
EdgeConneX enters Indonesia, plans for data center campus
EdgeConnex has announced it is expanding its presence in Asia with the acquisition of GTN Data Center in Indonesia.
Story image
Databricks
Databricks grows in APAC market, expands into Korea
Databricks officially launches a local office in Seoul, Korea, building on existing partnerships with Cloocus, Megazone and the Weverse Company
Story image
Power / Energy
DigitalBridge makes $30 million equity investment in LEDC
Leading Edge Data Centres (LEDC) has announced it has secured an AUD$30 million equity investment in its regional edge network from an affiliate of DigitalBridge Group, DigitalBridge.
Story image
Sustainability
YTL unveils development of solar-powered data center campus
YTL Power (YTL) has announced the development of a 500MW data center campus in Johor, the first data center park in Malaysia to be powered by solar energy.
Story image
Telstra
Telstra expands business offerings in the Philippines
The expansion aims to offer more choice for customers and enhance connectivity into the Philippines, and within the country.
Story image
Research
New strategies for cloud-native attacks - Aqua Security
New research from Aqua Security reveals attackers are using more sophisticated techniques to target cloud-native environments.
Story image
Microsoft
SAS Viya on Microsoft Azure to deliver 204% return - study
The Forrester Total Economic Impact study finds SAS Viya on Microsoft Azure brings a 204% return on investment over three years.
Story image
Power / Energy
Keysight Technologies introduces new next-gen DPT solution
Keysight Technologies has announced its new next-generation Double-Pulse Tester (DPT) with the PD1550A Advanced Dynamic Power Device Analyser.
Story image
NVIDIA
NVIDIA announces a spate of new innovations at Computex 2022
NVIDIA has announced its latest innovations in data center, robotics, content creation, and gaming in a virtual keynote address on the opening day of Computex 2022 in Taipei.
Story image
Sisense
Data and analytics could be key to higher selling prices in APAC
Sisense's latest report has found that almost half of data professionals in APAC think customised data and analytics can create better selling prices for their products.
Story image
Hyperscale
SpaceDC partners with Aofei for data center sales in Asia
SpaceDC has partnered with Aofei Data International to sell Aofei's data centers, CDN and SDN in China.
Exabeam
Find out how a behavioural analytics-driven approach can transform security operations with the new Exabeam commissioned Forrester study.
Link image
Story image
Sustainability
RDA and MVGX partner for sustainable data center development
Red Dot Analytics (RDA) and MetaVerse Green Exchange (MVGX) have entered a strategic partnership to make Singapore's data center development and operations more sustainable.
Story image
Storage
Energy storage demand momentum continues, says BYD
BYD has announced an expansion of its production capacities and will deliver 250,000 units of its energy storage system, BYD Battery-Box Premium.
Story image
APAC
Odaseva expands in APAC and UK with more security features
Odaseva, a data platform for Salesforce, is establishing new headquarters in London as well as a new data center in India.
Story image
Digital Transformation
The Huawei APAC conference kicks off with digital transformation
More than 1500 people from across APAC have gathered for the Huawei APAC Digital Innovation Congress to explore the future of digital innovation.
Story image
Data Center
CBRE finds record levels of investment in APAC data centers
CBRE's new report finds direct investment in the sector more than doubled in 2021, surpassing investment volumes for the past four years combined
Story image
Sustainability
Legrand unveils Nexpand, a data center cabinet platform
Legrand has unveiled a new data center cabinet platform, Nexpand, to offer the necessary scalability and future-proof architecture for digital transformation.
Story image
Cloud
Colt connectivity with AWS increases services in Asia
Colt Technology Services expands cloud connectivity to AWS Direct Connect Hosted services, with speeds of up to 10 Gbps in Asia.
Story image
Data Center
Preventing downtime costs and damage with Distributed Infrastructure Management
Distributed Infrastructure Management (DIM) can often be a lifeline for many enterprises that work with highly critical ICT infrastructure and power sources.
Story image
Sustainability
Intel unveils new investments for data center sustainability
Intel has announced two new investments, continuing its efforts to create more sustainable data center technology.
Story image
Infrastructure
Report - Data investment the key to better business growth
New research from Digital Realty has revealed that almost half (47%) of IT leaders globally believe their business investment in data systems and infrastructure is a key obstacle or concern.
Story image
Red Hat
Red Hat expands capabilities to provide streamlined application development in cloud
"Application development is undergoing significant change and developers need tools to support this transformation."
Story image
Sustainability
Daikin and SP Group to build new energy efficient district cooling system
The project, set to be complete by 2025, will create a system with a cooling capacity of up to 36,000 refrigerant tonnes (RT). 
Story image
Sustainability
AyalaLand and FLOW partner for data center development
AyalaLand Logistics Holdings Corp (ALLHC) and FLOW Digital Infrastructure have entered into a framework agreement to bolster the development of carrier-neutral data centers in the Philippines.
Story image
Tech Data
Tech Data to use Pluribus Networks’ cloud solutions in APAC
Tech Data says using Pluribus Networks' Unified Cloud Fabric solution will be a "game-changer" for its data center infrastructure customers and partners.