Address your Security Challenges with Zero Trust Model on Dell PowerScale
Mon, 03 Oct 2022 16:39:01 -0000
|Read Time: 0 minutes
Dell PowerScale, the world’s most secure NAS storage array[1], continues to evolve its already rich security capabilities with the recent introduction of External Key Manager for Data-at-Rest-Encryption, enhancements to the STIG security profile, and support for UEFI Secure Boot across PowerScale platforms.
Our next release of PowerScale OneFS adds new security features that include software-based firewall functionality, multi-factor authentication with support for CAC/PIV, SSO for administrative WebUI, and FIPS-compliant data in flight.
As the PowerScale security feature set continues to advance, meeting the highest level of federal compliance is paramount to support industry and federal security standards. We are excited to announce that our scheduled verification by the Department of Defense Information Network (DISA) for inclusion on the DoD Approved Product List will begin in March 2023. For more information, see the DISA schedule here.
Moreover, OneFS will embrace the move to IPv6-only networks with support for USGv6-r1, a critical network standard applicable to hundreds of federal agencies and to the most security-conscious enterprises, including the DoD. Refreshed Common Criteria certification activities are underway and will provide a highly regarded international and enterprise-focused complement to other standards being supported.
We believe that implementing the zero trust model is the best foundation for building a robust security framework for PowerScale. This model and its principles are discussed below.
Supercharge Dell PowerScale security with the zero trust model
In the age of digital transformation, multiple cloud providers, and remote employees, the confines of the traditional data center are not enough to provide the highest levels of security. In the traditional sense, security was considered placing your devices in an imaginary “bubble.” The thought was that as long as devices were in the protected “bubble,” security was already accounted for through firewalls on the perimeter. However, the age-old concept of an organization’s security depending on the firewall is no longer relevant and is the easiest for a malicious party to attack.
Now that the data center is not confined to an area, the security framework must evolve, transform, and adapt. For example, although firewalls are still critical to network infrastructure, security must surpass just a firewall and security devices.
Why is data security important?
Although this seems like an easy question, it’s essential to understand the value of what is being protected. Traditionally, an organization’s most valuable assets were its infrastructure, including a building and the assets required to produce its goods. However, in the age of Digital Transformation, organizations have realized that the most critical asset is their data.
Why a zero trust model?
Because data is an organization’s most valuable asset, protecting the data is paramount. And how do we protect this data in the modern environment without data center confines? Enter the zero trust model!
Although Forrester Research first defined zero trust architecture in 2010, it has recently received more attention with the ever-changing security environment leading to a focus on cybersecurity. The zero trust architecture is a general model and must be refined for a specific implementation. For example, in September 2019, the National Institute of Standards and Technology (NIST) introduced its concept of Zero Trust Architecture. As a result, the White House has also published an Executive Order on Improving the Nation’s Cybersecurity, including zero trust initiatives.
In a zero trust architecture, all devices must be validated and authenticated. The concept applies to all devices and hosts, ensuring that none are trusted until proven otherwise. In essence, the model adheres to a “never trust, always verify” policy for all devices.
NIST Special Publication 800-207 Zero Trust Architecture states that a zero trust model is architected with the following design tenets:
- All data sources and computing services are considered resources.
- All communication is secured regardless of network location.
- Access to individual enterprise resources is granted on a per session basis.
- Access to resources is determined by dynamic policy—including the observable state of client identity, application/service, and the requesting asset—and may include other behavioral and environmental attributes.
- The enterprise monitors and measures the integrity and security posture of all owned and associated assets.
- All resource authentication and authorization are dynamic and strictly enforced before access is allowed.
- The enterprise collects as much information as possible related to the current state of assets, network infrastructure, and communications and uses it to improve its security posture.
PowerScale OneFS follows the zero trust model
The PowerScale family of scale-out NAS solutions includes all-flash, hybrid, and archive storage nodes that can be deployed across the entire enterprise – from the edge, to core, and the cloud, to handle the most demanding file-based workloads. PowerScale OneFS combines the three layers of storage architecture—file system, volume manager, and data protection—into a scale-out NAS cluster. Dell Technologies follows the NIST Cybersecurity Framework to apply zero trust principles on a PowerScale cluster. The NIST Framework identifies five principles: identify, protect, detect, respond, and recover. Combining the framework from the NIST CSF and the data model provides the basis for the PowerScale zero trust architecture in five key stages, as shown in the following figure.
Let’s look at each of these stages and what Dell Technologies tools can be used to implement them.
1. Locate, sort, and tag the dataset
To secure an asset, the first step is to identify the asset. In our case, it is data. To secure a dataset, it must first be located, sorted, and tagged to secure it effectively. This can be an onerous process depending on the number of datasets and their size. We recommend using the Superna Eyeglass Search and Recover feature to understand your unstructured data and to provide insights through a single pane of glass, as shown in the following image. For more information, see the Eyeglass Search and Recover Product Overview.
2. Roles and access
Once we know the data we are securing, the next step is to associate roles to the indexed data. The role-specific administrators and users only have access to a subset of the data necessary for their responsibilities. PowerScale OneFS allows system access to be limited to an administrative role through Role-Based Access Control (RBAC). As a best practice, assign only the minimum required privileges to each administrator as a baseline. In the future, more privileges can be added as needed. For more information, see PowerScale OneFS Authentication, Identity Management, and Authorization.
3. Encryption
For the next step in deploying the zero trust model, use encryption to protect the data from theft and man-in-the-middle attacks.
Data at Rest Encryption
PowerScale OneFS provides Data at Rest Encryption (D@RE) using self-encrypting drives (SEDs), allowing data to be encrypted during writes and decrypted during reads with a 256-bit AES encryption key, referred to as the data encryption key (DEK). Further, OneFS wraps the DEK for each SED in an authentication key (AK). Next, the AKs for each drive are placed in a key manager (KM) that is stored securely in an encrypted database, the key manager database (KMDB). Next, the KMDB is encrypted with a 256-bit master key (MK). Finally, the 256-bit master key is stored external to the PowerScale cluster using a key management interoperability protocol (KMIP)-compliant key manager server, as shown in the following figure. For more information, see PowerScale Data at Rest Encryption.
Data in flight encryption
Data in flight is encrypted using SMB3 and NFS v4.1 protocols. SMB encryption can be used by clients that support SMB3 encryption, including Windows Server 2012, 2012 R2, 2016, Windows 10, and 11. Although SMB supports encryption natively, NFS requires additional Kerberos authentication to encrypt data in flight. OneFS Release 9.3.0.0 supports NFS v4.1, allowing Kerberos support to encrypt traffic between the client and the PowerScale cluster.
Once the protocol access is encrypted, the next step is encrypting data replication. OneFS supports over-the-wire, end-to-end encryption for SyncIQ data replication, protecting and securing in-flight data between clusters. For more information about these features, see the following:
- PowerScale: Solution Design and Considerations for SMB Environments
- PowerScale OneFS NFS Design Considerations and Best Practices
- PowerScale SyncIQ: Architecture, Configuration, and Considerations
4. Cybersecurity
In an environment of ever-increasing cyber threats, cyber protection must be part of any security model. Superna Eyeglass Ransomware Defender for PowerScale provides cyber resiliency. It protects a PowerScale cluster by detecting attack events in real-time and recovering from cyber-attacks. Event triggers create an automated response with real-time access auditing, as shown in the following figure.
The Enterprise AirGap capability creates an isolated data copy in a cyber vault that is network isolated from the production environment, as shown in the following figure. For more about PowerScale Cyber Protection Solution, check out this comprehensive eBook.
5. Monitoring
Monitoring is a critical component of applying a zero trust model. A PowerScale cluster should constantly be monitored through several tools for insights into cluster performance and tracking anomalies. Monitoring options for a PowerScale cluster include the following:
- Dell CloudIQ for proactive monitoring, machine learning, and predictive analytics.
- Superna Ransomware Defender for protecting a PowerScale cluster by detecting attack events in real-time and recovering from cyber-attacks. It also offers AirGap.
- PowerScale OneFS SDK to create custom applications specific to an organization. Uses the OneFS API to configure, manage, and monitor cluster functionality. The OneFS SDK provides greater visibility into a PowerScale cluster.
Conclusion
This blog introduces implementing the zero trust model on a PowerScale cluster. For additional details and applying a complete zero trust implementation, see the PowerScale Zero Trust Architecture section in the Dell PowerScale OneFS: Security Considerations white paper. You can also explore the other sections in this paper to learn more about all PowerScale security considerations.
Author: Aqib Kazi
[1] Based on Dell analysis comparing cybersecurity software capabilities offered for Dell PowerScale vs competitive products, September 2022.
Related Blog Posts
PowerScale OneFS Release 9.3 now supports Secure Boot
Fri, 22 Oct 2021 20:50:20 -0000
|Read Time: 0 minutes
Many organizations are looking for ways to further secure systems and processes in today's complex security environments. The grim reality is that a device is typically most susceptible to loading malicious malware during its boot sequence.
With the introduction of OneFS 9.3, the UEFI Secure Boot feature is now supported on Isilon A2000 nodes. Not only does the release support the UEFI Secure Boot feature, but OneFS goes a step further by adding FreeBSD’s signature validation. Combining UEFI Secure Boot and FreeBSD’s signature validation helps protect the boot process from potential malware attacks.
The Unified Extensible Firmware Interface (UEFI) Forum standardizes and secures the boot sequence across devices with the UEFI specification. UEFI Secure Boot was introduced in UEFI 2.3.1, allowing only authorized EFI binaries to load.
FreeBSD’s veriexec function is used to perform signature validation for the boot loader and kernel. In addition, the PowerScale Secure Boot feature runs during the node’s bootup process only, using public-key cryptography to verify the signed code, to ensure that only trusted code is loaded on the node.
The Secure Boot feature does not impact cluster performance because the feature is only executed at bootup.
Pre-requisites
The OneFS Secure Boot feature is only supported on Isilon A2000 nodes at this time. The cluster must be upgraded and committed to OneFS 9.3. After the release is committed, proceed with upgrading the Node Firmware Package to 11.3 or higher.
Considerations
PowerScale nodes are not shipped with the Secure Boot feature enabled. The feature must be enabled on each node manually in a cluster. Now, a mixed cluster is supported where some nodes have the Secure Boot feature enabled, and others have it disabled.
A license is not required for the PowerScale Secure Boot feature. The Secure Boot feature can be enabled and disabled at any point, but it requires a maintenance window to reboot the node.
Configuration
You can use IPMI or the BIOS to enable the PowerScale Secure Boot feature, but disabling the feature requires using the BIOS.
For more information about the PowerScale Secure Boot feature, and detailed configuration steps, see the Dell EMC PowerScale OneFS Secure Boot white paper.
For more great information about PowerScale, see the PowerScale Info Hub at: https://infohub.delltechnologies.com/t/powerscale-isilon-1/.
Author: Aqib Kazi
Why Fortify with Modern Security and Zero Trust?
Thu, 26 Jan 2023 21:34:59 -0000
|Read Time: 0 minutes
Today’s infrastructure landscape is rapidly changing. Customers’ data is scattered — across cloud, multi-cloud, core datacenter, and edge. And with that comes a more challenging threat landscape. The security provisions you deployed yesterday may not be ready for today’s security reality. Cyberattacks can come from anywhere — inside and outside of your organization. This means that you must have a comprehensive and continuous security strategy that is cyber resilient and enables zero trust principles.
Why bother with a comprehensive approach like zero trust?
Cyber threats are real. And the damage caused by attacks can be costly and devastating. Likewise, regulatory pressures (from a compliance, financial, and liability perspective) that have come about as a result of these attacks are growing.
This, combined with the complexity of the modern IT infrastructure and the sophistication of today’s threat landscape, requires a trust model that validates at every point in the IT environment before permissions are granted.
Zero trust is an approach to security that assumes that every part of your infrastructure is at risk — requiring continuous verification and validation. While the purpose of this blog is not to talk in depth about what zero trust is, we do want to explain its validity given today’s threat landscape and explain how Dell Technologies’ cyber-resilient architecture is the foundation for the critical elements of a zero-trust environment.
Learn more about how Dell provides broad coverage across these pillars in our Zero trust architecture infographic.
You might be wondering, why does zero trust have so many categories? The simple answer is that you need as complete and continuous coverage as possible across your infrastructure if you want your security efforts to be successful. For example, your organization might do encryption really well. But this doesn’t matter if you don’t have strong multifactor authentication to identify the users of that encrypted data. Your organization is only as secure as your weakest link, which is why focusing on all seven pillars is your best defense in combating threats.
While the ultimate goal is to keep attacks from coming in at all, rejecting them at the point of entry, that’s not always possible. The zero-trust model requires more refined validation at key intersections for verified trust, optimizing least privilege without impacting workload efficiency. However, if a breach does occur, the sphere in which they could do damage should be minimized, along with an enhanced ability to detect and remediate immediately. Dell Technologies’ cyber-resilient architecture, enhanced over many years, is the foundation for the critical elements of a zero-trust environment.
What is the value of having a cyber-resilient architecture?
In simple terms, cyber resiliency within your infrastructure is what helps minimize the exposure to attacks. Dell Technologies solutions are hardened and designed to help you protect, detect, and recover from cyberattacks.
Dell, of course, has been talking about its cyber-resilient architecture for a long time. What’s changed now, however, is that given the emerging threat landscape, we can see how zero trust goes hand in hand with a cyber-resilient architecture. And it’s why we’re continually making enhancements to our cyber-resilient architecture: to provide even greater visibility, risk reduction, and resilience — so that your infrastructure intrinsically supports a zero-trust approach.
We’ll explore cyber resiliency in more detail in a later blog. For now, you can find additional information about Dell’s cyber-resilient architecture in our infographic and video.
Why partner with Dell?
Dell creates the products and features to help you meet your zero-trust goals. We also watch the regulatory landscape to make sure that our solutions meet industry standards and exceed capabilities in the area of security. We do this through:
Processes: Delivering a cyber-resilient architecture requires security awareness and discipline at each stage of development. The Dell Secure Development Lifecycle (SDL), for example, outlines the set of activities required throughout the product lifecycle to promptly build security resiliency and consistent security capabilities into our products and respond to any security vulnerability.
Additional security solutions: In addition to embedding layered security into our products, we provide standalone security solutions focused on specific areas, like data protection. If data does get compromised, you want a backup system that enables business continuity and provides assurance that the backup itself hasn’t been compromised. Offerings like Dell PowerProtect Cyber Recovery and CyberVault enable a robust backup, including the use of Airgap and CyberSense to detect anomalies and mitigate potential problems that could compromise your data.
Simplification: Security controls are useless if they’re not being used. While Dell provides you with sophisticated security controls, we’ve also significantly simplified their use and deployment. Look for more information about “security complexity” in a later blog.
Supply chain security: At Dell, we’re also focused on personnel, operational, and supplier provisions for supply chain security. We have technologies and programs in place, like Secured Component verification that enable the verification of your components from the factory to your site.
Regulatory certifications: We closely monitor regulatory requirements around the world — and make sure our solutions contain the certifications (FIPS, USGv6, Common Criteria, and others) that matter to you. With this focus, we’re able to provide security controls that match emerging regulatory requirements, helping to keep your business secure and compliant.
This is just a glimpse of what Dell Technologies is doing in this space. As Cybersecurity Awareness month kicks off, please take time to read the follow-on blogs in this series and discover the different ways that Dell Technologies is working hard to protect your business.
Author: Craig Phelps