CloudLink 7.1: Simplifying datacenter security
Fri, 23 Apr 2021 12:10:59 -0000
|Read Time: 0 minutes
Are you feeling safe about the security of your data center’s infrastructure? Chances are, you aren’t. According to a recent poll1, 74% of customers report experiencing some form of cyber attack in the last twelve months, and 86% were concerned about potential cyberattacks. Clearly, data center security is a topic than can no longer be ignored - and most of our customers are taking steps to ensure their data is safe. Yet even though it’s necessary, adopting data center security can be confusing, complex, and difficult to implement.
Dell EMC CloudLink aides our customers in this effort by being reliable, flexible, and easy to use. Our 7.1 release adds new tools to our toolbox including shallow rekey for our Container based encryption, support for vVols encryption and IPv6 only environments, and the new Secure Configuration Summary page designed to make security audits of CloudLink a breeze.
Every security related framework published discusses the need for regular monitoring and assessment of implemented security controls to ensure that the products and deployment are meeting relevant industry standards. Such activities usually include the dreaded yearly security audit. Datacenter administrators view this effort with disfavor because it takes time out of their already busy schedule to walk through the deployment with the auditor to prove compliance.
In the past we’ve heard from our customers that the CloudLink GUI is easy enough to navigate that security audit reviews weren’t too painful, but they occasionally expressed that it would be nice to make them a little bit easier. Well we heard their requests loud and clear and have obliged with the Secure Configuration Summary. We’ve gathered the information commonly requested during security audits onto one page so when the security administrator and auditor go to CloudLink for a review, it’s a one stop shop.
With audits though, simply viewing configuration settings isn’t enough as most auditors require tangible proof to attach to their reports. Screen shots work but we offer something better – the ability to export the configuration settings provided on the summary page. As with most of our GUI pages, you can export the Secure Configuration Summary to a handy-dandy spreadsheet which can be presented directly to the auditor. A one click audit review – can it get any easier than that?
Of course, not all audits are the same and some requirements are more extensive than others. To accommodate this eventuality, our summary page provides direct links to the configuration pages for each setting. If an auditor needs more information on a particular configuration, simply jump to the relevant page, review, and download an export if needed.
Encryption is hard and it can be a challenge to understand, implement, and maintain. We understand that most of our customers are not in the datacenter security business. CloudLink strives to make data encryption in the datacenter a simple, set it and forget it task, so that our customers can focus on their core business, not on trying to figure out how to keep their data safe – that’s our job.
If you would like to know more about CloudLink and our latest release please visit our website and reach out to your Dell Technologies sales team to ask how we can make data encryption easy for you too.
1 Source: statista.com
Related Blog Posts
The Benefits of Composable Infrastructure for VMware Cloud Foundation on vSAN Ready Nodes
Thu, 25 Aug 2022 15:53:40 -0000
|Read Time: 0 minutes
Discussions comparing the public cloud to on-premise architectures have shifted to discussions about the best way to build a hybrid model.
Multi-cloud delivery services alongside on-premise infrastructure seems to provide the versatility that organizations need for business critical missions, however they are often complex and costly. Ending up with multiple administrative teams, toolkits, and processes doesn’t appeal to most organizations as a winning horse.
As usual, simplicity comes to our rescue. An integrated offering that provides customers with the advantages of both the public cloud and an on-premise infrastructure helps organizations with the following:
- Control infrastructure price and performance
- Improve their deployment times and thus time to value
- Minimize cost and complexity, through a single set of skills and tools
Most organizations that are interested in these benefits are not prepared to build a hybrid cloud themselves. Running an on-premise datacenter or building assets in the main public cloud tends to be more familiar for most IT teams, but managing both at the same time may be beyond the capabilities of some existing IT teams.
In these cases, a trusted partner that brings guidance and innovation to follow this path is crucial. Such a partner can provide a set of familiar management tools with all the administrative and analytics capabilities required to monitor business workloads—such as tools that can be extended to multiple public cloud providers, giving organizations the advantages of compelling cost, efficiency, and speed.
Because most organizations today are using virtualized on-premise infrastructure, VMware comes to my mind as a perfect partner for this journey, having a mature technology offering to help companies build a hybrid cloud.
VMware on Dell offers infrastructure to build a foundational hybrid cloud. This architecture makes the on-premise more cloudy and enables workload mobility to place every workload, whether it is in a public cloud or in our on-premise infrastructure.
Dell PowerEdge MX offers a software defined data center that empowers organizations towards a hybrid cloud model. For example, when this infrastructure is coupled with VMware Cloud Foundation (VCF) and VMware on AWS organizations can build a hybrid cloud using popular VMware tools and capabilities.
Figure 1: MX composable infrastructure chassis
MX chassis is built with capabilities that perfectly match vSAN requirements. Each node can hold six drives, which ensures that that two of the drives are caching devices within the vSAN cluster for optimal performance.
A low latency smart fabric is built into the MX design. This minimizes the risk that lack of throughput or excessive latency presents for a hybrid cloud deployment. Expandable and extensible by design, the MX family can deliver cloud value across many technology generations.
Dell MX management is integrated with VMware Cloud Foundation 4.x. The MX hardware has the systems’ management and APIs to hook into the VMware consoles that customers are used to. This way we can deploy VCF into the MX infrastructure though a simplified path that eliminates tedious stepwise processes around setup, monitoring, provisioning, and management.
Dell and VMware have also worked together to improve telemetry and insight, giving operators an improved view of resource utilization for each node and chassis in the MX infrastructure.
In summary, the advantages of running VCF on Dell vSAN Ready Nodes based on PowerEdge MX servers include:
- A scalable network design that provides a low latency, automated and not oversubscribed fabric to support any workload deployment the business may need
- A secured stack all the way from the hardware to the VMware management console
- An integrated management with tool set that helps IT admins provision, monitor, and maintain their MX based vSAN Ready Node farm. One console can manage multiple chassis and even other server and storage types.
Figure 2: MX integrated management simplifies hybrid cloud operations
One way to see the integration of VCF with MX based vSAN Ready Nodes in action is to deploy a new workload cluster of Dell vSAN Ready Nodes MX750c into an existing VCF infrastructure.
Principled Technologies performed this test and showed how simple and straightforward the expansion process is with MX servers. They also showed, by following the same expansion process with two generations of MX servers (MX740c and 750c), that the tools and processes remain the same across server generations.
The engineers completed the expansion process in just two hours and 21 minutes. It took the same time for each of the two server generations.
For more information about this test case, see the Principled Technologies report.
Conclusion
Although building a functioning hybrid cloud to support real business workloads may look complex, it can be simplified if by using the proper technologies and tools. VCF combined with Dell vSAN Ready Nodes MX composable infrastructure offers a perfect duo to reach an organization’s hybrid cloud goals.
You can read more about Dell vSAN Ready Nodes at the Dell Technologies Info Hub.
Author information
Iñigo Olcoz
Twitter: @virtualOlcoz
References
New File Services Capabilities of PowerFlex 4.0
Fri, 12 Aug 2022 14:25:22 -0000
|Read Time: 0 minutes
“Just file it,” they say, and your obvious question is “where?” One of the new features introduced in PowerFlex 4.0 is file services. Which means that you can file it in PowerFlex. In this blog we’ll dig into the new file service capabilities offered with 4.0 and how they can benefit your organization.
I know that when I think of file services, I think back to the late 90s and early 2000s when most organizations had a Microsoft Windows NT box or two in the rack that provided a centralized location on the network for file storage. Often it was known as “cheap and deep storage,” because you bought the biggest cheapest drives you could to install in that server with RAID 5 protection. After all, most of the time it was user files that were being worked on and folks already had a copy saved to their desktop. The file share didn’t have to be fast or responsive, and the biggest concern of the day was using up all the space on those massive 146 GB drives!
That was then … today file services do so much more. They need to be responsive, reliable, and agile to handle not only the traditional shared files, but also the other things that are now stored on file shares.
The most common thing people think about is user data from VDI instances. All the files that make up a user’s desktop, from the background image to the documents, to the customization of folders, all these things and more are traditionally stored in a file share when using instant clones.
PowerFlex can also handle powerful, high performance workload scenarios such as image classification and training. This is because of the storage backend. It is possible to rapidly serve files to training nodes and other high performance processing systems. The storage calls can go to the first available storage node, reducing file recall times. This of course extends to other high speed file workloads as well.
Beyond rapid recall times, PowerFlex provides massive performance, with 6-nines of availability1, and native multi-pathing. This is a big deal for modern file workloads. With VDI alone you need all of these things. If your file storage system can’t deliver them, you could be looking at poor user experience or worse: users who can’t work. I know, that’s a scary thought and PowerFlex can help significantly lessen those fears.
In addition to the performance, you can manage the file servers in the same PowerFlex UI as the rest of your PowerFlex environment. This means there is no need to learn a new UI, or bounce all over to set up a CIFS share—it’s all at your fingertips. In the UI it’s as simple as changing the tab to go from block to file on many screens.
The PowerFlex file controllers (physical) host the software for the NAS servers (logical). You start with two file controllers and can grow to 16 file controllers. Having various sizes of file controllers allows you to customize performance to meet your environment’s needs. The NAS Servers are containerized logical segmentations that provide the file services to the clients, and you can have up to 512 in a cluster. They are responsible for namespaces, security policies, and serving file systems to the clients.
Each of the file volumes that are provided by the file services are backed by PowerFlex volumes. This means that you can increase file service performance and capacity by adding PowerFlex nodes to the storage layer just like a traditional block storage instance. This allows you to independently scale performance and capacity, based on your needs.
The following table provides some of the other specs you might be wondering about.
Feature | Max |
FS Capacity | 256 TB |
Max file size | 64 TB |
# of files | 10 billion |
# of ACLs | 4 million |
User File Systems | 4096 |
Snaps per File System | 126 |
CIFS | 160000 |
NFS exports | 80000 |
Beyond the architectural goodness, file storage is something that can be added later to a PowerFlex environment. Thus, you aren’t forced to get something now because you “might” need it later. You can implement it when that project starts or when you’re ready to migrate off that single use file server. You can also grow it as you need, by starting small and growing to a large deployment with hundreds of namespaces and thousands of file systems.
With PowerFlex when someone says “file it,” you’ll know you have the capacity to support that file and many more. PowerFlex file services provide the capability to deliver the power needed for even the most demanding file-based workloads like VDI and AI/ML data classification systems. It’s as easy managing the environment as it is integrated into the UI.
If you are interested in finding out more about PowerFlex file services, contact your Dell representative.
Author: Tony Foster
Twitter: @wonder_nerd
LinkedIn
1 Workload performance claims based on internal Dell testing. (Source: IDC Business Value Snapshot for PowerFlex – 2020.)