Email Subscription Notifications Suspended Temporarily
We are in the process of making navigation in the Servers and Operating Systems forums simpler and more direct. While doing this, we have to temporarily suspend email notifications for subscriptions. If you are subscribed to one or more discussion boards or blogs in the community, please check them daily to see new content. Notifications will be turned back on in a few days. We apologize for any inconvenience this may cause. Thanks, Warren_Admin
Transforming IT
Showing results for 
Search instead for 
Did you mean: 

Is the security of your converged infrastructure assured?


thCAH54YAC.jpgJust when you thought you had it all figured out, having adapted your security program for virtualization and cloud – along comes the converged data center (CDC).  What does this actually mean? How much change will your security program have to undergo? In order to answer these questions and more, we need to first define converged data center. The best definition that I have found is “A data center, which has a common, modern IT architecture that pools resources across servers, servers and networking.”


If we accept this definition of the CDC, we can then make some assumptions as to what changes would be needed within an organization’s security program. 


To illustrate this, I have highlighted the primary areas that CISOs should be aware:


  • Physical and logical security will converge, requiring a single view of anomalous events occurring at the physical as well as logical layers within the data center.
  • CDC assets (server, storage and networking) will meld together requiring that security professionals acquire a working knowledge of how to protect all three homogeneously.
  • Data center assets will become commoditized being primarily configured and utilized through computing fabrics. Security technologies will need to deeply integrate within these computing fabrics.
  • Cloud-computing platforms will reside atop CDC platforms requiring further process integration in order to enable the cloud platform to access CDC resource pools. Security will need to protect the cloud and the CDC uniformly accounting for each platform’s unique threat profile.
  • Computing requirements will be fulfilled through abstractions of the IT enterprise creating a dynamic computing environment. Security will need to be applied using similar abstractions.
  • Resource pools will require high-degrees of availability and failover. Security and continuity related downtime will need to be all but eliminated as change control windows dramatically diminish.
  •  IT assets will require defined assurance levels in order to ensure they are abstracted commensurate with the security policies specified for the application or service requesting computing resources.


Converged infrastructures bring converged threats.  Networking physical and logical resources and assets together opens new threat vectors for exploitation by internal and external sources of risk.   The CDC creates a unified cyber domain, opening up previously un-accessible assets to attack. In addition, the CDC is about more than just IT assets, it involves the orchestration of people, processes and operations.  Each of these represents their own unique risks.


If you want to learn more about converged data centers, check out HP's Converged Infrastructure resource site. Also, keep tuned to this blog site to see my next posting discussing HP’s CDC Assure Reference Architecture.


I would like to know your thoughts and insights on protecting a converged infrastructure as well as what specific steps you have already taken to protect your next generation data center.


10/4 UPDATE: HP has announced HP OneView, a breakthrough infrastructure management platform that’s a giant stride toward the truly converged data center. You can learn about new services for HP OneView here.

0 Kudos
About the Author


Tari is a Distinguished Technologist with 30 years of IT and cyber security experience. He is dual board certified in information security/business continuity and is responsible for a wide range of management and technology consulting services encompassing information security, disaster recovery, privacy, and risk management. His problem-solving skills, knowledge of various technology platforms, compliance statutes, industries, as well as his experience in deploying defense-in-depth and InfoSec Program solution architectures is commonly applied when advising CIOs/CISOs as well as leveraged in numerous HP client engagements throughout the world. Tari has designed, built, and managed some of the world’s largest InfoSec programs allowing them to defend against even the most aggressive attackers.

28-30 November
Madrid, Spain
Discover 2017 Madrid
Join us for Hewlett Packard Enterprise Discover 2017 Madrid, taking place 28-30 November at the Feria de Madrid Convention Center
Read more
HPE at Worldwide IT Conferences and Events -  2017
Learn about IT conferences and events  where Hewlett Packard Enterprise has a presence
Read more
View all