Secure By Default

Is hyper-converged infrastructure (HCI) more secure than traditional infrastructure? Yes, or at least it has the opportunity to be. Traditional solutions, including converged infrastructures are ‘stuck’ in baselines, because a third party has to “approve” changes made to the baseline – which can take months to years. That leaves a traditional infrastructure open to every publicly known attack vector announced for any script kiddie to attack your preciously secured legacy baseline. Hyper-converged solutions can and do supply updates much faster to significantly reduce the threat landscape – because they are not concerned with the vast complexities of interoperability challenges updating software versions present in traditional solutions.

Traditional solutions are nothing more than integrated hodgepodge of independently developed products integrated together, think VCE or FlexPod. Security best practices are forced to be laxed because of interop, weakening the design. Hyper converged solutions are developed together, and as such, can be/are developed to be much more secure than traditional solutions will ever be as they act as a single software platform, not integrated by a third party with no access or modification of the source code of the duct taped integration.

Does that mean all HCI are same? No. Nutanix has taken great strides to lead with security. While I wasn’t close to the deal I can almost bet my years wage that the FBI selecting Nutanix for VDI had lots to do with security. The issues mentioned to above are in large part taken care of Nutanix’ Security Development life-cycle (SecDL) and the automated Security Technical Implementation Guides STIGs. SecDL and the automated STIGs set Nutanix apart from any other HCI vendor.

The newly written Security Tech Note from Nutanix goes thru the SecDL and what the STIGS have to offer customers. The ability to shrink a time consuming process from months to minutes in both development and hardening is helping to keep Nutanix customers secure from emerging threats that have no signs of slowing down.

Please read the Security Tech Note and let me know what you think.

< Download here >

< Video on KVM security automation >

Speak Your Mind