Dell EMC has introduced cybersecurity features into CloudIQ, its AIOps application for Dell EMC IT infrastructure products.
CloudIQ supports PowerMax, PowerStore, PowerScale, PowerProtect, VxBlock, VxRail, as well as older arrays and filers such as Isilon, PowerVault, Unity, SC, VMAX, and XtremIO, plus APEX storage and Connectrix switches. The latest iteration adds CloudIQ cybersecurity using machine learning, and assesses security status as well as an array’s performance, capacity and general health.
We saw a pre-publication blog by Greg Findlen, VP Product Development, Engineering, for Dell Technologies, which reads: “We’ve implemented cybersecurity with the kind of proactive monitoring, notification, and recommendation capabilities that CloudIQ provides to system administrators for addressing infrastructure health, performance, and capacity issues.”
CloudIQ cybersecurity checks whether an IT infrastructure is appropriately hardened (i.e., that security configurations adhere to an IT team’s set policy), notifies IT/security specialists of misconfigurations, and recommends actions to make data storage safer.
Findlen writes that infrastructure policies regarding role-based access control, default administrative passwords, enabling data-at-rest encryption, and NFS security levels are foundational to what he terms infrastructure hardening. Misconfiguring an infrastructure can leave gaping holes for attackers.
Layered security elements on this foundation may include network micro-segmentation, firewalling, incident detection and protection. He suggests using VMware NSX for the network aspect and Carbon Black for incident detection/protection.
He blogs: “Our security engineering team has programmed CloudIQ to continuously evaluate infrastructure security misconfigurations and provide recommendations for remediation.
“You initiate CloudIQ to collect and store your systems’ cybersecurity data via a secure Dell Technologies network; you choose the security configurations to define your policy, and CloudIQ evaluates the data, notifies you of misconfigurations and what to do about them.”
CloudIQ initially supports cybersecurity for PowerStore and PowerMax storage systems, and it’s planned to expand its cybersecurity coverage across Dell’s infrastructure systems portfolio.
We understand CloudIQ is restricted to evaluating Dell Technologies’ products, which is fine in a homogeneous Dell Technologies environment but no help outside it.
Comment
Adding security policy adherence to a storage array/HCI performance, capacity and status checking service is a simple enough idea. It requires additional telemetry from the monitored systems and provides a so-called closed loop system. It can’t check if attackers using stolen credentials are accessing the monitored systems, but it can check if the security basics are in place — like making sure the office door is locked when you are away.
Over time the capabilities can be extended to more systems and integrated with upstream security systems through supplier partnerships, with Virtana for example, or Cisco Intersight and AppDynamics. Dell says CloudIQ is an AIOps product, and AI-based Security Ops (AISOps?), looking beyond Dell kit confines, would seem a logical and useful extension, particularly in this ransomware pandemic period.
Check out a CloudIQ datasheet to find out more.