How to Beef Up Your Hyperconverged Infrastructure Security With Microsegmentation

Click here for Part 3

In the previous article in this 10-part series, you learned about the basics of securing hyperconverged infrastructure (HCI). Now we take the next step into better security.

Security inside the walls of a HCI solution is satisfied by most of the major players in the market. A strong security solution, however, smashes through those walls and permeates the rest of the enterprise computing environment.

Let’s look at how HCI can form the basis for an enterprise platform that enables distributed security, both on-premises and in the multi-cloud world.

Network Microsegmentation

In a legacy computing environment, once a bad guy gains a foothold behind the corporate firewall, jumping from system to system and application to application is trivially easy. The firewall, while playing an essential role, is a single point of security failure in many organizations. If breached, there are no more backstops to keep hackers from spreading like the plague and infiltrating other systems.

This is where microsegmentation comes in. In the context of HCI, microsegmentation is a security service that operates on each hyperconverged host and provides what is essentially a distributed firewall. Microsegmentation learns about your applications’ communications patterns before it begins to enforce deviations from expected behavior. This enables the microsegmentation service to fully understand exactly how your applications interact at the network and port level. See Figure 1.

Prior to network segmentation, you had to sift through reams of documentation and attempt to piece together the methods by which various parts of an application communicated with one another. No more: By watching your network, microsegmentation can do most of that hard work for you, providing actionable information you can use to help lock down your network.

Microsegmentation enables a zero-trust environment, unlike traditional security implementations.
Figure 1. Microsegmentation enables a zero-trust environment, unlike traditional security implementations.

Enabling Multi-Cloud Security

HCI is most often associated with the private cloud portion of the hybrid cloud function. By providing local, scalable services, HCI brings to the enterprise some of the benefits of the public cloud—and at the very least, it gets much closer than is possible with legacy architecture.

Some HCI companies take things to a whole new level, though, by embracing the public cloud and helping organizations ensure high levels of security for their new multi-cloud environments. This is an area in which leveraging HCI as the core of the computing environment can pay big security dividends, as that environment morphs into a broader platform.

It’s worth noting that the multi-cloud, if it isn’t already, soon will be the norm, so onboarding an HCI solution that supports this future is generally going to be your safest option.

Speaking of multi-cloud, that’s what the next article in this series deals with.

Click here for Part 5