Security in the Data Center

The security can be divided in physical and logical security, both of them are a must to consider on your data center, in this post we are going to introduce you to the basics of the security in a data center and we are also going to explain you some basic things to consider at deploying the security of your network. We will start by few councils on how the physical security of your data-center should be oriented:

Physical security:

Place your network layers into different spaces, protected with different measures. Devices situated more to the core of the network are more important for the good performance rather than a simple access switch.

Be aware of surroundings it’s also important. When you try to fit your data center in the centric spaces of your building, you are decreasing the chances of the non-authorized personnel to get into your network facilities.

Train your employees against intentional sabotage and lack of policies. People try to be helpful and kind with their co-workers, this might go against you, as intruders could use social engineering for gaining access to some compromised information, it’s important to train your employees to stick to the security policies of the company and to stick 100 percent to it.

Perform regular internal audits even if you got some enterprise to perform audit, do your own ones. By trying to find blind spots in your infrastructure and weakness in your measures you can detect easier new and old security holes.

Lock everything, this is very basic, but we must say it, lock everything, from racks, to closets of material, don’t forget to place security cameras and other kind of detection sensors, there shouldn’t be any door open, and if the space has no windows even better. Installing biometrics it’s a very popular current trend, so everyone who wants to access the facility has to prove who is him/her by a personal key and by his/hers identity.

Logical security:

Unified management console: concentrate your collected data in one single place, and make sure to collect useful data. It’s important to present the information collected in a user friendly GUI, so it’s easier to understand everything.

Scan for applications and vulnerabilities: Scan regularly your network for vulnerabilities it’s a must in every self-respecting data center, you can do it by your own or with networks tools, like Nessus from Kali and Backtrack. The benefits of this practice it’s that you will be able to neutralize most of the threats of your network by fixing them before they go more serious, also will let you gather information from your network to be aware of the state of it.

Coordinate communication between security devices for visibility into data flows: The concept of coordinating networking devices, firewalls, SSL devices, and intrusion prevention solutions becomes useful in a cloud computing infrastructure

Choose security technologies that are virtualization-aware or enabled: with security working at the network level rather than the server, network security should be integrated at the hypervisor level to discover existing and new virtual machines and to follow those devices as they are moved or scaled up so that policy can be dynamically applied and enforced.