Expert Tips: How to find out where data center vulnerabilities are located

Each data center has potential areas of weakness, ranging from security strategies that are far from ideal to infrastructure issues, to network failures and physical environments. But unfortunately, no single product can solve all the weak points, but we have a way to find the point of failure, which is the first step to build a safer, more reliable and efficient data center. The following is a list of strategies for building a powerful data center.

From the beginning


monitoring data center managers concern is to find the weak link is not an isolated problem. In a recent survey of data center users, Emerson Network Power believes that users are increasingly concerned about data center monitoring and management capabilities. They also stressed that users are increasingly concerned about data center availability and heat density issues.

Ashish Moondra, senior manager of energy products at Avocent, a division of Emerson, said: "The three most important data center concepts are formed in mind, tracking energy consumption and cooling costs and data for data center managers. The comparison of central capabilities is critical. This will help data center managers make predictions about the weaknesses of the data center and quickly fix them."

Many experts stressed that, although the physical environment into the data center and check the network connection and the measured temperature is still very important, but the most vulnerable areas might have to through the monitoring software can be found. According to Joe Yeager, product manager at Lancope, a network performance and security monitoring company, these tools are the only way to monitor the network to identify potential pitfalls.

He emphasized that "peer-to-peer monitoring allows data center managers to understand the need to develop a forward-looking plan for data center health to detect data center attack vulnerabilities and effectiveness in advance."

Yeager added that data center monitoring should be deployed at every level of the data center, even the virtual layer can not let go: "The same level of monitoring for the virtual environment deployment and physical environment should be each The goal of the data center."

Applying the right tools


Given the size and mode of operation of the data center, there is no versatile software on the market that can achieve a comprehensive system vulnerability assessment, wireless security solution. Ozzie Diaz, CEO of solution developer AirPatrol, said. However, regular penetration testing and automated regulatory audits are helpful for data center managers, and for viruses that are highly flexible, monitoring tools can prevent their spread and spread.

Moondra also added that monitoring energy usage is also very important. He stressed that "the overall cost of data center efficiency and energy consumption is gradually becoming the top priority for data center managers. However, unfortunately, the reality is that most data center managers do not have actual energy consumption in the data center. Too much understanding."

Moondra believes that with monitoring tools, data center managers can understand data center power consumption, calculate costs, and make effective and informed decisions that optimize the availability of all physical infrastructure components.

usually point to consider is the monitoring tool can only monitor the entry and exit points of information but can not monitor internal data center activities. Yeager said that "packet sniffer technology cannot be extended within the data center, and system logs and simple network management protocol monitoring solutions are not able to achieve the level of monitoring users need."

Monitoring of system-to-system activity becomes more complex in virtual environments because virtual machine-to-virtual machine interconnects are often invisible in virtual environments, Yeager adds, monitoring these virtual machines. Interconnection is critical to maintaining network security and is also critical to managing network and application performance.

Yeager recommends that IT departments should use some tools for traffic surveys for most routers and switches—monitoring, troubleshooting, and security maintenance of data centers in physical and virtual environments.

to create a schedule


mastered the knowledge of monitoring tools can help you accomplish these tasks, it is time to create a data center of the agenda was available. Almost all monitoring software runs continuously and provides early warning of potential hazards, but users still need to periodically check the tools themselves to ensure they are properly tracking data center issues and sending alert notifications to relevant managers.

Moondra recommends that data center managers using monitoring tools generate a monthly usage report. Reports can be set to be automatically generated, but data center managers must set the time for actual research to monitor.

"This report provides a trend to monitor capacity so that data center managers can have a clear understanding of the state of their data centers and make forward-looking judgments based on the conclusions of the report."

Yeager also added that while such conventional audit is necessary, but possible to achieve automation is very useful. Data center managers should choose automated tools to reduce the burden of day-to-day management so that data center administrators can focus more on tasks that cannot be automated, such as manual testing and training programs.

solve design problems


automation tool in identifying weaknesses and help data center managers to strengthen the data center environment has been explored for a long time, but sometimes these Weakness is hidden in the entire data center design. Peter, Vice President of Marketing, Adaptive Computing. Fokker said that if vulnerability assessments face design challenges, they can be addressed through integration, standardization and virtualization.

Fokker recommends that users use integration tools to eliminate resources that may not be fully utilized and cannot be used for other purposes. The goal is to develop a flexible resource pool that can be easily used to support multi-service services.

Standardization can be used to reduce the number of different hardware and software architectures required to deliver the business services, Fokker stressed. In terms of virtualization, the main advantage of separation from the software layer logic is that business services can be delivered from the underlying infrastructure, eliminating the dependency between software and allowing the data center to be considered as a "holistic computing environment", configuring applications based on user needs. software.

The goal of adopting these strategies is the same as using monitoring tools and hiring security consultants for risk assessment: to identify weaknesses that could threaten the data center and cause system downtime. Combine strategies, tools and strategies with automated processes, focus on all aspects of the data center, and IT managers monitor the entire data center. With multiple perspectives, data center managers can intensively train on data center types.