Welcome!

AJAX & REA Authors: Elizabeth White, Liz McMillan, ChandraShekar Dattatreya, David H Deans, Trevor Parsons

Related Topics: Cloud Expo, Java, SOA & WOA, Virtualization, Security, SDN Journal

Cloud Expo: Article

When Is a Stack Not a Stack? When It's Unified in the Cloud

All the right tools do not necessarily give you the best visibility across your enterprise

While trawling the blogs, feeds and news I came across an analyst’s article about best security practices in which he kept referring to “the stack.” And by this, he meant a multitude of various solutions that address certain security needs and capabilities; everything from email filtering, firewalling, authenticating, credentialing, logging and intrusion detection, etc...

And, if you read my blogs often enough, you know I am a big proponent of unified security. However, unified security is not a stack. It is easy to be confused as both look to utilize best of breed tools to prevent negative impact on IP assets. A stack references a number of technologies where each operates independently from one another. Single sign on by itself is a sufficient tool, but when operating alone in its own silo, important contextual information is lost.

The unified approach, as I describe in REACT, is a collaborative practice whereby each tools’ capabilities are cooperatively leveraged. It is a tightly integrated system where everything is correlated in real time in order to provide an accurate and up-to-the-moment view of who is doing what and how to your online and network resources. For example all the data collected from identity or access management is shared with SIEM and Log Management. Unification is about better visibility. It marries the features and functionality into a central understanding of what is truly going on in your network.

As 451 Group analyst and research director Rachel Chalmers said, “It takes more than a firewall to secure virtual infrastructure.”

Let’s look at unified security collaboration (UniSec) from a more practical standpoint. Your company has invested in several cloud-based database/CRM and other useful (legacy) applications. In some cases sensitive data exists somewhere in these apps—passwords, customer numbers, invoices, even personal/personnel information. Now single sign on makes it easier for authorized users to log into these resources. Identity management provisions (based on roles/rules) what specific assets they can see. If it ends there, you have partial visibility. You have controlled information and get the necessary reports. They only cover certain applications, but not the entire expanded network.

However, you also use a log management tool. So every log on is noted in some machine code and filed away for further review. But, your security designee is now reviewing similar data in multiple places. And, it’s often without context and days or weeks after any particular incident.

Now assume your company also has SIEM or some version of intrusion detection. Is it looking at Active Directory log ons? Is it looking at application usage? Is it notating unusual activity? Is it doing so in real time?

If stacked, you potentially have all the tools but, like a thoroughbred with blinders, it doesn’t see to the left or right. These tools do their job, but if they are performing in parallel, your visibility is limited. When unified through a REACT (real time event and access correlation technology) platform, a very different picture may emerge. Because an active SIEM correlates data from multiple silos of information, what looked like a simple log in, now is suspect (or vice versa). Who is accessing the database and making modifications at 3 in the morning? Who is using an unsecured device? Why does R&D need access to payroll records? Why is a retired password being used to log on…from an IP address in Bulgaria? Mr. Jones is no longer an employee, but has logged in 3 times this week and accessed our customer list.

And most importantly, what can be done with enhanced visibility? Faster, better decisions; quicker response to potential harmful situations; smarter deployment of personnel and computing resources. And that the reporting and the capabilities are all controlled centrally removes the time and effort to compile and analyze all the silos independently.

The unified approach addresses the broader threat landscape. Threats aren’t always large brute force attacks by some army of hackers trying to knock down the castle door with a battering ram. In most cases they’re considerably more subtle, but just as destructive. So if you can intelligently correlate information from a variety of sources, the greyer, more problematic issues can be addressed, alerted and remediated.

Now bundle it up as a cloud-based security initiative and there emerges other tangible and budgetary benefits. Companies who were certain they could only afford firewall and malware protection can now deploy an enterprise-grade security program complete with live security-as-a-service analysts monitoring 24/7. The scalability and agility make this option very attractive and very affordable for most modest or budget restrictive companies.

It is a great first step if an organization makes the investment in such tools as SIEM, Log Management, Single Sign On, Identity and Access Management. If you can afford it and have the manpower the proactively manage it, great. However, not to belabor the point, having all these tools can be like having lumber, nails, appliances, carpeting, concrete, etc…but if it doesn't “work” together, it is not a house, it is simply a stack of  useful parts. . Unification makes it a house…and the cloud makes it a home!

Kevin Nikkhoo
Unified!
www.cloudaccess.com

More Stories By Kevin Nikkhoo

With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.

Kevin holds a Bachelor of Science in Computer Engineering from McGill University, Master of Computer Engineering at California State University, Los Angeles, and an MBA from the University of Southern California with emphasis in entrepreneurial studies.

@CloudExpo Stories
SYS-CON Events announced today Isomorphic Software, the global leader in high-end, web-based business applications, will exhibit at SYS-CON's DevOps Summit 2015 New York, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Isomorphic Software is the global leader in high-end, web-based business applications. We develop, market, and support the SmartClient & Smart GWT HTML5/Ajax platform, combining the productivity and performance of traditional desktop software ...
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete...
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The 3rd International @ThingsExpo, co-located with the 16th International Cloud Expo – to be held June 9-11, 2015, at the Javits Center in New York City, NY – is now accepting Hackathon proposals. Hackathon sponsorship benefits include general brand exposure and increasing engagement with the developer ecosystem. At Cloud Expo 2014 Silicon Valley, IBM held the Bluemix Developer Playground on November 5 and ElasticBox held the DevOps Hackathon on November 6. Both events took place on the expo fl...
The term culture has had a polarizing effect among DevOps supporters. Some propose that culture change is critical for success with DevOps, but are remiss to define culture. Some talk about a DevOps culture but then reference activities that could lead to culture change and there are those that talk about culture change as a set of behaviors that need to be adopted by those in IT. There is no question that businesses successful in adopting a DevOps mindset have seen departmental culture change, ...
The Internet of Things is tied together with a thin strand that is known as time. Coincidentally, at the core of nearly all data analytics is a timestamp. When working with time series data there are a few core principles that everyone should consider, especially across datasets where time is the common boundary. In his session at Internet of @ThingsExpo, Jim Scott, Director of Enterprise Strategy & Architecture at MapR Technologies, discussed single-value, geo-spatial, and log time series dat...
There's Big Data, then there's really Big Data from the Internet of Things. IoT is evolving to include many data possibilities like new types of event, log and network data. The volumes are enormous, generating tens of billions of logs per day, which raise data challenges. Early IoT deployments are relying heavily on both the cloud and managed service providers to navigate these challenges. In her session at Big Data Expo®, Hannah Smalltree, Director at Treasure Data, discussed how IoT, Big D...
The Internet of Things promises to transform businesses (and lives), but navigating the business and technical path to success can be difficult to understand. In his session at @ThingsExpo, Sean Lorenz, Technical Product Manager for Xively at LogMeIn, demonstrated how to approach creating broadly successful connected customer solutions using real world business transformation studies including New England BioLabs and more.
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, a...
The Internet of Things will put IT to its ultimate test by creating infinite new opportunities to digitize products and services, generate and analyze new data to improve customer satisfaction, and discover new ways to gain a competitive advantage across nearly every industry. In order to help corporate business units to capitalize on the rapidly evolving IoT opportunities, IT must stand up to a new set of challenges. In his session at @ThingsExpo, Jeff Kaplan, Managing Director of THINKstrateg...
Fundamentally, SDN is still mostly about network plumbing. While plumbing may be useful to tinker with, what you can do with your plumbing is far more intriguing. A rigid interpretation of SDN confines it to Layers 2 and 3, and that's reasonable. But SDN opens opportunities for novel constructions in Layers 4 to 7 that solve real operational problems in data centers. "Data center," in fact, might become anachronistic - data is everywhere, constantly on the move, seemingly always overflowing. Net...
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete...
The definition of IoT is not new, in fact it’s been around for over a decade. What has changed is the public's awareness that the technology we use on a daily basis has caught up on the vision of an always on, always connected world. If you look into the details of what comprises the IoT, you’ll see that it includes everything from cloud computing, Big Data analytics, “Things,” Web communication, applications, network, storage, etc. It is essentially including everything connected online from ha...
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using ...
"SAP had made a big transition into the cloud as we believe it has significant value for our customers, drives innovation and is easy to consume. When you look at the SAP portfolio, SAP HANA is the underlying platform and it powers all of our platforms and all of our analytics," explained Thorsten Leiduck, VP ISVs & Digital Commerce at SAP, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
Connected devices and the Internet of Things are getting significant momentum in 2014. In his session at Internet of @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, examined three key elements that together will drive mass adoption of the IoT before the end of 2015. The first element is the recent advent of robust open source protocols (like AllJoyn and WebRTC) that facilitate M2M communication. The second is broad availability of flexible, cost-effective ...
How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff happe...
An entirely new security model is needed for the Internet of Things, or is it? Can we save some old and tested controls for this new and different environment? In his session at @ThingsExpo, New York's at the Javits Center, Davi Ottenheimer, EMC Senior Director of Trust, reviewed hands-on lessons with IoT devices and reveal a new risk balance you might not expect. Davi Ottenheimer, EMC Senior Director of Trust, has more than nineteen years' experience managing global security operations and asse...
SYS-CON Events announced today that Gridstore™, the leader in hyper-converged infrastructure purpose-built to optimize Microsoft workloads, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Gridstore™ is the leader in hyper-converged infrastructure purpose-built for Microsoft workloads and designed to accelerate applications in virtualized environments. Gridstore’s hyper-converged infrastructure is the ...