Introducing Dell EMC CloudIQ Cybersecurity
Dell Storage, PowerStore, PowerFlex PowerMax & PowerScale, Virtualization & Containers Technologies
Looking back at 2020, you couldn’t help but notice that hackers were trying to steal as many digital bytes as they could. No stone was left unturned: identification, user data, you name it! ‘Security’ is a very big term that means many things to many people, so what about ‘Cybersecurity’? Looking at the TechTarget definition: “Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats. The practice is used by individuals and enterprises to protect against unauthorized access to data centers and other computerized systems”.

OK, so a couple of years ago we thought: our storage arrays are a good mixture of hardware and software, they are connected to many servers, and we should try to protect them at the infrastructure layer as much as we can. And yes, there are already many options to do so at the product level. Most are documented, but many customers don’t read all the documentation, so the protection should be built in, or the product should at least warn you about issues.

Enter CloudIQ Cybersecurity: Dell Technologies has expanded the capabilities of its CloudIQ AI/ML-based proactive monitoring and analytics application to include cybersecurity monitoring. CloudIQ will assess whether infrastructure security configurations adhere to a user’s chosen policy, proactively notify them of misconfigurations, and recommend actions to quickly reestablish security.
Why spend hours manually checking infrastructure security configurations every day or leave infrastructure vulnerable if you don’t have time to check them, when automation can notify you when security is misconfigured and what to do about it?
What are security configurations and why are they important?

To keep IT infrastructure meeting the business’s needs, IT administrators tune infrastructure performance and capacity, similar to mechanics tuning your car. System administrators must have access to each IT system’s components (e.g., CPU, memory, disk drives, ports, system software/firmware, etc.) to make the necessary configuration changes. But these configurations (or settings) must be locked down to keep out cybercriminals. Infrastructure misconfiguration opens organizations to intrusion and is considered to be a leading threat to data security (e.g., within the top 10 security risks according to the Open Web Application Security Project foundation). CloudIQ monitors security configurations to reduce the IT infrastructure’s attack surface and visibility to cybercriminals. Called “infrastructure hardening,” security configurations are the foundation for a comprehensive cybersecurity solution, which includes a host of security applications and processes beyond the hardened infrastructure.

What is the advantage of having cybersecurity monitoring in CloudIQ?

Infrastructure misconfiguration opens your organization to cyber-intrusion and is a leading threat to data security. Using the same application for monitoring infrastructure health and cybersecurity keeps security top-of-mind with system administrators, who are best positioned to quickly remediate security misconfigurations because they are the people closest to the infrastructure every day.

Dell EMC CloudIQ Cybersecurity is Tier-3 cloud-based software that is part of the CloudIQ SaaS solution and provides an inherent, simple, and reliable solution for cybersecurity risk assessment in various ISG products (starting with PowerMax and PowerStore storage systems). CloudIQ Cybersecurity will support the organization’s business functionality by reducing the attack surface and visibility to cybercriminals.
CloudIQ Cybersecurity will provide an ongoing cybersecurity risk assessment on selected and important security configurations and setups. It presents the impact of the cybersecurity risk on a specific system and/or a family of systems. CloudIQ Cybersecurity does not impact the system health score; it provides a new and dedicated cybersecurity risk level, and it presents customers with up-to-date information on their systems’ cybersecurity status all the time. Cybersecurity is a feature in CloudIQ (our SaaS monitoring) that provides an inherent, simple, and reliable solution for cybersecurity risk assessment.

Is my cybersecurity information safe in CloudIQ?

Yes. CloudIQ uses the same proven network that customers’ systems use to automatically call home to the Dell Technologies data center for support. The cybersecurity data is safely stored with CloudIQ, with privacy controls, in the Dell Technologies data center. CloudIQ supports Role-Based Access Control (RBAC), so only users designated by the primary CloudIQ user (e.g., storage system administrator) are allowed to see cybersecurity information.

Which infrastructure products does CloudIQ cybersecurity support today?

CloudIQ cybersecurity will support PowerMax (available May 26, 2021 with Unisphere 9.2.1.0 and beyond) and PowerStore (planned availability June 9, 2021 for PowerStore 2.0.0.0 and beyond). CloudIQ also supports health, performance and capacity monitoring and analytics for PowerMax and PowerStore.

What is the cost of CloudIQ cybersecurity?

Cybersecurity is a new standard feature for CloudIQ, and CloudIQ is included in the customer’s ProSupport Enterprise contract at no extra cost. The primary user will be the system administrator who uses CloudIQ today to monitor and troubleshoot system health, performance, and capacity, but IT security specialists can also use the CloudIQ dashboards and the policy tool.
What are the three big benefits? CloudIQ Cybersecurity helps you:
Key features that deliver the three big benefits. Reduce risk with:
Manage Policy with:
Improve Productivity with:
Now, let’s discuss some definitions that are important to understand within the context of CloudIQ Cybersecurity:
Now, enough with the theoretical materials, let’s see some screens:
The following table describes the CloudIQ Cybersecurity risk levels and when each level can occur:

| Risk Level | Occurs when |
| --- | --- |
| Normal | • There are no Active Cybersecurity issues. • The number of tests in the plan is above 70% of the available tests, and the number of tests in the plan is greater than 5. |
| Low | • There are 1 to 2 Active Low severity Cybersecurity issues. • The number of tests in the plan is above 70% of the available tests, and the number of tests in the plan is greater than 5. |
| Medium | • There are 1 to 5 Active non-High severity Cybersecurity issues where at least one is Medium severity, and the number of tests in the plan is greater than 5. • There are greater than 5 Active Low severity Cybersecurity issues, and the number of tests in the plan is greater than 5. |
| High | • There is at least one High severity Cybersecurity issue, and the number of tests in the plan is greater than 5. • There are greater than 5 Active non-High severity Cybersecurity issues where at least one is Medium severity, and the number of tests in the plan is greater than 5. |
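
The risk-level table above, transcribed into a rule function so you can check which level a given set of active issues and evaluation plan size maps to. This is an added example, not CloudIQ code; the function and parameter names are hypothetical, the Normal and Low rows are read as requiring both of their bullets, and the function returns `None` for combinations the table does not list.

```python
from collections import Counter

SEVERITIES = {"low", "medium", "high"}

def risk_level(active_severities, tests_in_plan, tests_available):
    """Map active issue severities and evaluation-plan size to a risk level.

    Returns "Normal", "Low", "Medium", "High", or None when no row of the
    table matches (the table does not say what is shown in that case).
    """
    counts = Counter(s.lower() for s in active_severities)
    unknown = set(counts) - SEVERITIES
    if unknown:
        raise ValueError(f"unknown severity: {sorted(unknown)}")
    high, medium, low = counts["high"], counts["medium"], counts["low"]
    total = high + medium + low

    # Every row requires more than 5 tests in the plan.
    if tests_in_plan <= 5:
        return None
    # "Above 70% of the available tests", in integer arithmetic.
    plan_above_70 = tests_in_plan * 10 > tests_available * 7

    if high >= 1:
        return "High"
    if medium >= 1:
        # Non-High issues with at least one Medium: 1 to 5 is Medium, more is High.
        return "High" if total > 5 else "Medium"
    if low > 5:
        return "Medium"
    # Normal and Low rows also require plan coverage above 70%.
    if low == 0 and plan_above_70:
        return "Normal"
    if 1 <= low <= 2 and plan_above_70:
        return "Low"
    return None  # e.g. 3 to 5 Low-only issues, or coverage at or below 70%

def unlisted_low_only_counts(tests_in_plan=8, tests_available=10, upto=8):
    """Low-only issue counts for which the table lists no level."""
    return [n for n in range(upto + 1)
            if risk_level(["Low"] * n, tests_in_plan, tests_available) is None]

if __name__ == "__main__":
    # Constructed sample systems: (name, active severities, plan, available)
    for name, sev, plan, avail in [("array-a", [], 8, 10),
                                   ("array-b", ["Medium", "Low"], 6, 10),
                                   ("array-c", ["High"], 9, 10)]:
        print(name, risk_level(sev, plan, avail))
    print("unlisted Low-only counts:", unlisted_low_only_counts())
```
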
[Screenshots: UI flow. The user is at the overview page, clicks the link in the cybersecurity widget, and is routed to the System Risk page. Callouts: system name and link to its cybersecurity tab; switch to list view; switch between the cybersecurity issues and evaluation tabs.]
You can see a demo of the CIQ Cybersecurity UI, below
more posts:
Dell Technologies Bolsters AIOps with Cybersecurity | Dell Technologies
Introducing Cybersecurity for CloudIQ – mybitstream
And, the datasheet