Data Center Security

Our first key challenge is risk management which can be addressed with the layered physical security approach. Thereat to the data center can be of many forms, like third part contractors or employees who may have access to inflict unintended or intended damage. Deploying a layered security strategy can provide you feasibility to deter, detect or detain at every layer of your data center security producing the risk of breach. There are six layers of security. They are,

• LAYER 1 – Perimeter Defense: The site perimeter is not just the border; it is the first layer of data center protection. Measure used to fortify perimeter security include Video Surveillance, fence, limited entry points with access control, physical security barriers such as anti-ram fencing gates and guard station with security personnel these are all decided to deter the intruders. Car trap and security personnel can delay the intruders.
• LAYER 2 – Clear Zone: The second layer of the security addresses the space between the perimeter and the building exterior. These area is monitored by intrusion detection sensors and video surveillance to identify breaches.
• LAYER 3 – Facility Facade/Reception Area: The third layer is the highest level of perimeter security. We have the opportunity to prevent the unauthorized access into the facility.
• LAYER 4 – Hallway/Escorted Area/ Gray Space: The fourth layer of the security, validates access rights of authorized individuals into specific environments such as the data hall, network operation center, power and cooling facility areas.
• LAYER 5 – Data Center Room: As you enter the data hall the fifth layer of security is the selective profile of authorized staff, contractors and visitors.
• LAYER 6 – Data Center Cabinet: The sixth layer of security provides the controlled access and accountability directly at the equipment location. The interoperability of these six layers mitigates your risk of an effective and efficient protection of the facilities critical data.

Attacks can also come outside in. And today the most popular attacks are the ones that target web applications. Hackers know that the web apps are full of vulnerabilities and can lead to very profitable exploitation. And another popular data center attacks strategy is Distributed Denial of Service (DDoS), where the attacker generates massive amounts of traffic to overwhelm and paralyze your systems. Also another common attack is AppDos attacks which targets specific application. These types of attacks can be prevented by the effective use of firewalls. Also there are different use case for firewall technology. In campus branch the next gen firewall will be deployed. Intrusion Prevention System (IPS) which relies on repeating and other intelligent data source, to provide additional defense. And there is an Application visibility control where we can see and control the internet apps and content the employees are accessing. And finally, there is an active directory integration where the identities can be managed and controlled.