Introduction
The fact that the year 2020 started off with a bang, so to speak, only accelerates the already rapidly ongoing migration to the cloud. Haste in this case does make waste, however, and we are witnessing significant breakages in enterprise security architectures, with many singling out the increased use of public clouds as the leading cause of security compromise.
As companies scramble to enable and support WFH on a large scale amidst the Covid-19 pandemic, the security controls already in place are failing to cope with the speed, scale and complexity of such network diaspora, leaving doors ajar and architectures open to attacks and breaches.
Things are even more complicated for organizations working with more than one cloud provider because multi-cloud security relies on not only one set of network policies but also a capable multi-cloud security platform in order to unify security across private and public cloud deployments.
Requirement
Capable cloud-based security must fulfill the following criteria:
- Seamless hardware-software integration
- Pro-active threat prevention with proven threat intelligence database
- An actionable single set of policies for multi-cloud deployment
- All-seeing-eye visibility and management across organizational environments
- Automated workload security in any cloud
Lanner Solution
The NCA-1510, a fanless SFF desktop network security appliance designed for managing edge security at small and medium enterprises is powered by Intel® Atom® C3000 (codenamed Denverton) CPU. This appliance features robust performance and Intel’s QuickAssist Technology, offering cryptographic acceleration and commercial-grade LAN functions in a 231mm x 200mm x 44mm form factor.
Intel® Atom™ C3000 CPU and Intel® QuickAssist Technology, running at 10G, together greatly boost network responsiveness and security by distributing processing power to more critical applications and by offloading computationally intensive compression and encryption/decryption tasks; what’s more, the NCA-1510 is also armed with secure boot, support for TPM 2.0, K-lock and FIPS compliance.
The fanless NCA-1510 offers 0~50ºC operating temperatures, Intel® AES-NI, up to 16 GB of DDR4 2133MHz memory and 6x GbE RJ45 or x4 GbE RJ45 and 2x GbE SFP; it also provides 1x mini-PCIe slot and 1x M.2 slot with nano SIM accessibility for function expansion and wireless connectivity via 3G, Wi-Fi or LTE. Other I/O includes 1x mini USB console, 2x USB 2.0, 1x 2.5” HDD/SSD bay and 1x onboard EMMC (8GB).
Benefits
A cloud-native security solution running on Lanner’s NCA-1510 offers three-pronged advantages.
First, it enables airtight and fully integrated security rules and workload runtime protection that prevent APTs and zero-days from infecting clouds and workloads. Such workload runtime protection measures, including firewall, IPS, Application Control, IPsec VPN, Antivirus and Anti-Bot, are based on and powered by a real-time, cloud-based threat intelligence database.
Two, it paves way for a unified cloud security posture management, meaning not only a holistic, at-a-glance insight into organizations’ multi-cloud environments but also a 24/7/365 analysis and control of their cloud security posture.
And finally, it automates security for all workloads taking place in any cloud as such setup provides organizations the capability to secure any workload, anywhere with auto-provisioning, auto-scaling and automated policy updates, automatically, in single or multi-cloud deployments.
Results/Conclusion
As more businesses are embracing cloud-based protections, cloud-based security built using Lanner’s NCA-1510 and a cloud-native security software is considered almost the industry standard for delivering secure, stable, complete access to critical applications and services as such complete solution enables a consistent tool and a unified management window across the entire architecture in a multi-cloud environment.
The Covid-19 pandemic has fully demonstrated the do-or-die reality for truly integrated cloud security for organizations of all sizes.