Data Center Security
Data Center Security
Hi everyone! In today’s post we will talk about a really critical requirement which our Data Center must meet: Security.
When talking about security in networking and applications we have to mention some topics that will be the key points of our security system.
The firewalls are devices that will control and monitor the incoming and outgoing traffic and that will manage this traffic according a set of security rules that we must define. Firewalls can be installed inside our Data Center in order to avoid having malicious traffic traveling inside our network or can be placed in the boundaries of our network to prevent external attackers to breach inside our systems.
A web application firewall is used to monitor and block traffic to and from a web application. This is used to prevent attacks like cross-scripting or SQL injections and to prevent attackers to take advantage of any security misconfiguration inside an application. This devices work together with the traditional firewalls in order to cover all angles of the security requirements.
An intrusion detection system is a software application that scans our network and traffic looking for malicious and unauthorized uses or accesses and reports them in order to help the IT Security department to protect the sensitive data that our Data Center handles. If necessary, the IDS will send a notification to the monitoring system or a SIEM in order to quickly trigger an intervention.
Denial of Service attacks occur when someone or something generates a massive amount of traffic to our network. The devices and systems can’t handle this huge amount of data (queries, connections, requests, etc…) and start to work slower or even collapse making our services and applications unreachable. This will be a very ugly scenario when dealing with a financial entity because a couple of hours or even minutes of down-time can result into a loss of money.
Data leak prevention is a key part of our Data Center security system because of the amount of confidential data stored in our servers. This software monitors the traffic and blocks streams of data that may contain sensitive information in order to prevent ex-flitrations and data security breaches.
All this topics must be considered when choosing the products and designing the security system that is going to be implemented. We must compare between all the options in the market and try to meet the maximum of requirements possible.
See you in future posts!