Transforming IT
Showing results for 
Search instead for 
Do you mean 

Is the security of your converged infrastructure assured?

TSchreider on ‎09-11-2013 11:11 AM

thCAH54YAC.jpgJust when you thought you had it all figured out, having adapted your security program for virtualization and cloud – along comes the converged data center (CDC).  What does this actually mean? How much change will your security program have to undergo? In order to answer these questions and more, we need to first define converged data center. The best definition that I have found is “A data center, which has a common, modern IT architecture that pools resources across servers, servers and networking.”


If we accept this definition of the CDC, we can then make some assumptions as to what changes would be needed within an organization’s security program. 


To illustrate this, I have highlighted the primary areas that CISOs should be aware:


  • Physical and logical security will converge, requiring a single view of anomalous events occurring at the physical as well as logical layers within the data center.
  • CDC assets (server, storage and networking) will meld together requiring that security professionals acquire a working knowledge of how to protect all three homogeneously.
  • Data center assets will become commoditized being primarily configured and utilized through computing fabrics. Security technologies will need to deeply integrate within these computing fabrics.
  • Cloud-computing platforms will reside atop CDC platforms requiring further process integration in order to enable the cloud platform to access CDC resource pools. Security will need to protect the cloud and the CDC uniformly accounting for each platform’s unique threat profile.
  • Computing requirements will be fulfilled through abstractions of the IT enterprise creating a dynamic computing environment. Security will need to be applied using similar abstractions.
  • Resource pools will require high-degrees of availability and failover. Security and continuity related downtime will need to be all but eliminated as change control windows dramatically diminish.
  •  IT assets will require defined assurance levels in order to ensure they are abstracted commensurate with the security policies specified for the application or service requesting computing resources.


Converged infrastructures bring converged threats.  Networking physical and logical resources and assets together opens new threat vectors for exploitation by internal and external sources of risk.   The CDC creates a unified cyber domain, opening up previously un-accessible assets to attack. In addition, the CDC is about more than just IT assets, it involves the orchestration of people, processes and operations.  Each of these represents their own unique risks.


If you want to learn more about converged data centers, check out HP's Converged Infrastructure resource site. Also, keep tuned to this blog site to see my next posting discussing HP’s CDC Assure Reference Architecture.


I would like to know your thoughts and insights on protecting a converged infrastructure as well as what specific steps you have already taken to protect your next generation data center.


10/4 UPDATE: HP has announced HP OneView, a breakthrough infrastructure management platform that’s a giant stride toward the truly converged data center. You can learn about new services for HP OneView here.

0 Kudos
About the Author


Tari is a Distinguished Technologist with 30 years of IT and cyber security experience. He is dual board certified in information security/business continuity and is responsible for a wide range of management and technology consulting services encompassing information security, disaster recovery, privacy, and risk management. His problem-solving skills, knowledge of various technology platforms, compliance statutes, industries, as well as his experience in deploying defense-in-depth and InfoSec Program solution architectures is commonly applied when advising CIOs/CISOs as well as leveraged in numerous HP client engagements throughout the world. Tari has designed, built, and managed some of the world’s largest InfoSec programs allowing them to defend against even the most aggressive attackers.

27 Feb - 2 March 2017
Barcelona | Fira Gran Via
Mobile World Congress 2017
Hewlett Packard Enterprise at Mobile World Congress 2017, Barcelona | Fira Gran Via Location: Hall 3, Booth 3E11
Read more
Each Month in 2017
Software Expert Days - 2017
Join us online to talk directly with our Software experts during online Expert Days. Find information here about past, current, and upcoming Expert Da...
Read more
View all