Remote operations, distributed IT staff, integration of cloud services, and ever increasingly sophisticated cyber threats present a more challenging environment for protecting and securing the edge. Modern enterprises need a solid framework to ensure safe, secure, and reliable access at distributed edge locations.
Traditional data-center-oriented approaches to security aren’t sufficient; securing the edge instead requires cloud-based software updates, management, automation, centralized security, and isolated data protection services that streamline and strengthen security at the edge. Some in the industry refer to this as Zero Trust Edge (ZTE).
This is not a complete roadmap for implementing a zero trust edge framework, but we’ll discuss some common principles and best practices to consider when implementing a modern server storage edge platform that adheres to a zero trust security model.
1. Cloud-controlled Software Updates
Good security at the edge starts with making sure server and storage software are up-to-date with the latest features, bug fixes, and security enhancements. However, this often requires some level of dedicated onsite staff at remote locations and involves using on-premises management consoles/stations from which to orchestrate and monitor. Not only do these add cost and administrative burden, but they can also impact resiliency and ultimately expose security vulnerabilities.
By their remote nature, edge locations get little to no administrative attention. They tend to run vulnerable software far longer than necessary, since updating them often requires manual site-by-site, cluster-by-cluster, or even host-by-host interaction.
A cloud-control-plane-based approach can provide real-time, up-to-date management capabilities as a service, making infrastructure software updates faster, simpler, and more predictable and thus allowing software updates to be done more frequently than traditionally. It can also identify out-of-date firmware and software across all devices, simultaneously providing on-demand or scheduled updates for any number of edge locations.
The nebulon ON cloud control plane update process allows updates to be managed centrally from anywhere while providing real-time guidance for recommended upgrade paths. Updates that happen non-intrusively and regularly ensure that all edge locations are always at the highest level of feature parity and that bug fixes and security patches are applied much more frequently. More frequent and timely software updates mean a greater assurance that security vulnerabilities at the edge are minimized.
2. Cloud-controlled Secure Administration
Streamlining and enforcing consistent access control best practices at the edge can be daunting, and security concerns abound.
Rogue administrators, poorly enforced security policies, and improper or non-existent auditing can make edge locations vulnerable. Are the proper password policies in place? Has two-factor authentication been enabled? Are the same RBAC rules being applied consistently among all edge locations? Who is accessing what, where, and when? Are audit logs easily accessible for all remote sites within a common management endpoint?
A zero trust model ensures that the proper mechanisms are in place to guard against unauthorized or improper access to edge resources. A cloud-control-plane-based approach acting as a single control point or source of global truth can provide centralized security and permissions management. In addition, because it sits outside the on-premises domain that may be infected, it provides an additional layer of security that an on-premises management console/station cannot.
All actions are secured by role-based access control and audited within the nebulon ON cloud control plane to allow and monitor delegated management. nebulon ON is the single source of truth, enforcing two-factor authentication coupled with a global view of all user/group accounts and RBAC policies for fine-grained control over who can authenticate (sign in) and who is authorized (appropriate permissions) to utilize edge resources. This ensures consistency of access control across all distributed edge locations. In addition, end-to-end encryption using modern TLS between API client, cloud, and infrastructure prevents eavesdropping. The integrity of the organization’s security posture is no longer threatened by inconsistently applied security policies, or by personnel setups that are similar but not necessarily identical across edge locations.
3. Cloud-controlled Global Management and Automation
Remote management at the edge tends to be poor or non-existent. IT organizations that are unable to enforce strict, centralized, and consistent patch and configuration management are particularly exposed, as device-by-device management can result in misconfiguration, inconsistent patch levels, and server configuration “drift” (i.e., deviation from expected server software configurations). This problem is amplified when managing and maintaining hundreds or thousands of servers, making them vulnerable to undetected malware which may lie dormant within the infrastructure.
Onsite visits can be costly, and configuration drift among hundreds of remote edge deployments makes it impossible to tame the administrative chaos. Again, personnel setups may be similar but not always identical across multiple edge locations. Did the right operating system image get deployed? Is encryption of data at rest enabled on all volumes? Did the correct passwords and RBAC policies get set? Is the right retention level configured for the storage snapshots? Were the server, its storage, and the policies that govern them configured correctly? The level of entropy at the remote edge can be high, leaving systems potentially vulnerable to security threats.
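The site-by-site questions above amount to a drift audit against one baseline. The following is an added illustration, not Nebulon code: a fleet of constructed edge hosts is compared against a constructed golden configuration and every deviation is reported (host names, field names and values are assumptions).

```python
"""Fleet configuration-drift audit (added illustration, not Nebulon code).

Compares each edge host's reported configuration against one golden
baseline and lists every deviation. Host names, field names and values
are constructed for the example.
"""

# Baseline every edge site is expected to match (constructed values).
BASELINE = {
    "os_image": "edge-os-2.4.1",
    "encryption_at_rest": True,
    "two_factor_auth": True,
    "rbac_roles": {"site-admin", "app-operator", "read-only"},
    "snapshot_retention_days": 14,
}

# Constructed telemetry for three edge hosts: one compliant, two drifted.
FLEET = {
    "edge-store-01": {**BASELINE},
    "edge-store-02": {**BASELINE, "os_image": "edge-os-2.3.9",
                      "encryption_at_rest": False},
    "edge-store-03": {**BASELINE, "rbac_roles": {"site-admin", "read-only"},
                      "snapshot_retention_days": 3},
}


def audit_host(reported: dict, baseline: dict = BASELINE) -> list:
    """Return (field, expected, actual) tuples for every drifted field.

    Sets such as RBAC roles compare as sets, so ordering is not drift;
    a field missing from the report is flagged with actual=None."""
    findings = []
    for key, expected in baseline.items():
        actual = reported.get(key)
        if actual != expected:
            findings.append((key, expected, actual))
    return findings


def audit_fleet(fleet: dict, baseline: dict = BASELINE) -> dict:
    """Map each drifted host to its findings; compliant hosts are omitted."""
    report = {}
    for host, reported in sorted(fleet.items()):
        findings = audit_host(reported, baseline)
        if findings:
            report[host] = findings
    return report


if __name__ == "__main__":
    for host, findings in audit_fleet(FLEET).items():
        for key, expected, actual in findings:
            print(f"{host}: {key} expected {expected!r}, got {actual!r}")
```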
Additionally, the amount of telemetry that needs to be collected and analyzed from these remote edges to provide actionable insights requires a distributed approach; therefore, monitoring must be cloud-based. It needs an extensive compute platform given the amount of data and the scope of analysis necessary to make proactive recommendations to keep your applications safe.
A zero trust model ensures that every remote edge deployment is identical, using automation that enforces all server and storage configurations and application settings to be secure and compliant according to the organization’s policies and mandates. A cloud-based management solution simplifies the edge, providing zero-touch remote management, a standard, single API in the cloud, and automation capable of delivering fast and consistent deployments across distributed edge sites.
The nebulon ON cloud control plane allows you to fleet-manage all edge sites as one, providing zero-touch global management from a single API endpoint. Remotely provisioning application-focused infrastructure from anywhere empowers product teams and app owners with no infrastructure knowledge to deploy and scale best-practice infrastructure rapidly. Curated application templates are used to automate the deployment of a secure infrastructure tailored to the needs of the chosen application and guarantee no snowflake deployments that could fall victim to cyber-attacks. Consistency drives reliability and security.
The telemetry and anonymized data being collected by nebulon ON enable it to be specific and articulate in generating action alerts and recommendations. Our extensive compute platform in the cloud applies AI and machine learning techniques to this anonymized telemetry data for predicting and proactively alerting customers of potential security issues with actionable recommendations they can immediately implement without pointing them to another console or self-maintained management software. Additional insights can adjust functionality on-demand based on detected vulnerabilities or surface better recommendations for protecting against a cyber-attack.
4. Isolated Data Protection & Recovery Services
Malware detection consumes valuable host resources, so it’s not often deployed or used. While it may be more common to deploy it in the data center where critical business applications are running, the edge tends to be left out of the picture, yet it’s in a more vulnerable place from a threat standpoint. Detection is important, but it’s the recovery that really impacts the business. Twenty-three days is the average number of days it takes an enterprise to recover from ransomware, according to Gartner.¹ The lion’s share of that recovery time is not necessarily the application data but the operating system and application binaries. Application data is typically protected by snapshot technology, which is pretty ubiquitous these days. However, it’s the boot volume, where the OS or hypervisor runs, that is left unprotected and often requires either manual reinstallation or complicated recovery from a backup. It’s a process that usually involves skilled, knowledgeable resources, which tend to be scarce or absent at remote edge locations. This becomes a more daunting effort when it needs to be done at scale (multiple edge locations), especially when networking services might also be compromised.
Nebulon provides powerful edge security protection with 4-minute remote ransomware recovery of both application data and OS. With Nebulon, only logical volumes are presented to the OS and applications, controlled by a server-embedded PCIe device called a Service Processing Unit (SPU). The SPU resides in its own isolated secure domain and is the only entity with physical access to the drives, and thus can guard against malware encrypting them at the back end. The SPU is a black box, and our built-in snapshot retention rules prevent the deletion of snapshots (even by an admin) prior to their expiration. Recovery from these immutable snapshots, which we call TimeJump, allows an entire cluster (OS, cluster config, apps, app data) to be recovered in under 4 minutes. The actual recovery process is a simple push-button, API-accessible mechanism which can be remotely executed from anywhere in the organization.
In extreme cases, where the edge has been cut off from the administration network, personnel on the remote side can be instructed to simply “reboot the server”. Nebulon’s ImmutableBoot is the industry’s first “reboot to recover” cyber-resilient solution for bare metal, virtualized, and container-based systems. ImmutableBoot protects application infrastructure from a ransomware attack or a misconfigured operating environment with a simple server reboot to a known-good operating system version. Essentially, it prevents unplanned configuration changes from persisting on the operating system volume and accelerates recovery.
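The two properties the section relies on are a retention rule that a deletion request cannot override, even from an administrator, and a point-in-time rollback of the boot and data volumes together. The following toy model is an added illustration, not Nebulon’s SPU, TimeJump or ImmutableBoot implementation; volume names, roles, timestamps and the 7-day retention are constructed.

```python
"""Toy model of retention-locked snapshots with point-in-time recovery.

Added illustration, not Nebulon's implementation. Deletion is refused
until a snapshot expires regardless of the caller's role, and recovery
returns the full volume set (boot and data) from the newest snapshot
taken at or before a chosen time. All names and times are constructed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Snapshot:
    taken_at: int       # seconds since epoch (constructed)
    expires_at: int     # retention rule: immutable until this time
    volumes: dict       # volume name -> content fingerprint


class SnapshotStore:
    def __init__(self, retention_seconds: int):
        self.retention = retention_seconds
        self.snapshots = []

    def take(self, now: int, volumes: dict) -> Snapshot:
        snap = Snapshot(now, now + self.retention, dict(volumes))
        self.snapshots.append(snap)
        return snap

    def delete(self, snap: Snapshot, now: int, role: str) -> bool:
        """Refuse deletion before expiry; the role (even 'admin') is irrelevant."""
        if now < snap.expires_at:
            return False
        self.snapshots.remove(snap)
        return True

    def recover(self, point_in_time: int):
        """Volume set of the newest snapshot at or before the time, or None."""
        candidates = [s for s in self.snapshots if s.taken_at <= point_in_time]
        if not candidates:
            return None
        return dict(max(candidates, key=lambda s: s.taken_at).volumes)


def ransomware_drill():
    """Constructed timeline: two clean snapshots, an incident at t=5000 in
    which the attacker tries to purge history as admin, then rollback."""
    store = SnapshotStore(retention_seconds=7 * 24 * 3600)
    store.take(1_000, {"boot": "os-2.4.1-sha:aaaa", "data": "db-sha:bbbb"})
    store.take(4_600, {"boot": "os-2.4.1-sha:aaaa", "data": "db-sha:cccc"})
    purge_succeeded = store.delete(store.snapshots[0], now=5_000, role="admin")
    restored = store.recover(point_in_time=4_999)   # last clean state
    return purge_succeeded, restored
```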
Closing in on Zero
Traditional security and infrastructure management approaches don’t support today’s distributed enterprises, which demand competent, secure connectivity from virtually anywhere. A new model, the Zero Trust Edge (ZTE), combines management, automation, and centralized security driven by a single cloud control plane, coupled with the isolated data protection services of a server-embedded SPU, dedicated to streamlining and strengthening security at the edge.
To learn more about how you can take your distributed edge to zero and learn more about TimeJump and ImmutableBoot, core capabilities of Nebulon’s cyber-resilient smartInfrastructure portfolio, register for our on-demand webinar.
¹ Gartner, “Are You Prepared for a Ransomware Attack”