
Leaders at most modern organizations would readily agree that data is critical to today’s digital-first businesses. Maybe that’s why there are so many metaphors about data with comparisons to oil and currency—it’s even described as a lifeblood.

However, the most useful metaphor of all might be seeing data as a key. One that unlocks insights businesses can use to improve customer experience, reduce sales friction, and promote brand loyalty in a hypercompetitive landscape.

Data is so vital, you might think that adopting technologies and processes that help protect and monitor it, detect possible threats, and recover it from catastrophic events would be a priority. But according to the latest Cisco Cybersecurity Readiness Index, many companies believe they are falling woefully short of the mark. Consider these stats:

  • Almost 60% of companies surveyed said they had experienced some kind of cybersecurity incident, such as a ransomware attack, in the last 12 months. The incidents cost at least US$100,000 for 71% of organizations affected, with 41% saying the overall cost was US$500,000 or more.
  • Just 15% of organizations globally deem themselves to have a mature level of preparedness to handle the security risks of a hybrid and multicloud world, while 47% of organizations fall in the formative category, the lowest level of preparedness.

FlexPod cybersecure architecture

To help our customers build and deploy a robust and secure infrastructure, Cisco and NetApp partnered to develop the FlexPod cybersecure architecture to protect apps and data from unauthorized access, detect threats early to keep data safe, and recover data quickly to reduce downtime. Existing FlexPod customers can use this reference architecture to strengthen the security of their FlexPod infrastructures. New FlexPod customers can deploy a more secure solution immediately.

This is the latest achievement that builds on the decade-plus success of Cisco and NetApp delivering compelling innovations for converged infrastructure. This is a validated approach (see below) for deploying tightly integrated compute, networking, storage, and management technologies from Cisco and NetApp for hybrid and multicloud environments.

The latest generation of FlexPod is powered by Cisco Unified Computing System (UCS) servers, including the award-winning Cisco UCS X-Series Modular System. The server is managed by Cisco Intersight, which enables IT leaders to easily adapt to the unpredictable needs of modern applications. Combined with NetApp innovations, the FlexPod cybersecure architecture empowers organizations with a strong foundation to maintain the integrity, confidentiality, and availability of their apps and data, ensuring long-term success and resilience in an ever-changing cybersecurity landscape. This proactive approach is further defined by the three cybersecurity pillars of protect, detect, and recover. Here is a brief technical overview:

Protect

Applies a holistic approach to safeguarding systems, management, data, and applications via a zero-trust model and architecture. This includes:

  • Built-in security at the server hardware level (such as secure boot and anti-counterfeit protection) to prevent attackers from gaining access to the platform, installing malicious code, and exploiting data
  • Hardening of devices, logic, and information—including Cisco’s industry-leading firewall protection
  • Secure microsegmentation across networks, servers, and storage into smaller, isolated zones to limit lateral movement of threats
  • Multifactor authentication to verify users and devices before granting access
  • The power and flexibility of a SaaS operations platform to manage assets and users from anywhere
  • A validated FlexPod foundation with a growing portfolio of tested, documented, and secure solutions

Detect

Quickly detects, analyzes, and responds to threats, preventing loss and corruption of data via:

  • Integration with security information and event management (SIEM) platforms like Splunk through the Intersight API for advanced incident analysis and response
  • End-to-end FlexPod security with threat visibility across the entire network, compute, and storage platforms through extended detection and response (XDR) technology
  • Preemptive risk mitigation through comprehensive analysis of telemetry data with immediate notification of potential security issues and infrastructure vulnerabilities
  • Machine learning to automatically discover, classify, catalog, and securely retain data and apps to simplify data governance
  • Continuity of service from first call to resolution from an architecture expert who is accountable for your case, no matter where the issue resides

Recover

Swiftly addresses data protection and recovery in the unlikely event of data breaches and ransomware attacks. User access is quickly blocked upon detecting anomalies, with detailed forensic analysis conducted for future prevention. With policy-based server profiles and data recovery capabilities, FlexPod can restore an environment in minutes to ensure a fast resumption of operations, mitigating the cost of downtime through:

  • Stateless server architecture with policy-based profiles enabling rapid configuration of servers and restoration of virtual machines (VMs) to accelerate recovery and meet service level agreements
  • Immutable copies that can be used for secure data retention and as a logical air gap for quick recovery from ransomware
  • Reduction of backup windows by combining space-efficient snapshot technology with block-based data replication

Cisco Validated Design for FlexPod

We are diligently working on our latest Cisco Validated Design (CVD), which will show customers how to confidently deploy a FlexPod cybersecure architecture for their specific environments. We stand behind every FlexPod solution with our experience, resources, and technical expertise to deliver full solution support to our customers. We are excited to be incorporating many technical design elements into this CVD, such as the following:

Secure segmentation

Enables segmentation by tenants (such as application tiers, business units, and managed services) through virtual routing and forwarding (VRF) and virtual LAN concepts within Cisco Nexus switches and Cisco Unified Computing System (UCS) servers—and further protection using Cisco Secure Firewall. The goal is to provide better control and protection of external (“north-south”) traffic among tenants.

Secure workload

For additional protection of internal lateral traffic within a data center (“east-west” traffic), the CVD will leverage workload security through microsegmentation, proactive identification of security incidents using behavior analysis, and reduction of the attack surface by identifying software-related vulnerabilities.

Secure analytics

Addressing the concept that you can’t protect what you can’t see, the CVD will use analytical tools and concepts like NetFlow and logs at various points in the network to create a baseline to detect and root out anomalous actions.

Ransomware protection

Ransomware attacks already cost companies billions of dollars a year to recover their data. Cisco and NetApp are planning to integrate our respective ransomware protection capabilities, which will be available through a joint extended detection and response (XDR) solution.

Learn more at NetApp INSIGHT 2023

More information about the FlexPod cybersecurity architecture will be available at the NetApp INSIGHT 2023 event in Las Vegas. Featured sessions include:

We hope to see you there.

Read more about FlexPod and Cisco at NetApp INSIGHT 



Authors

Chris O'Brien

Sr. Director, UCS Solutions

Cisco Compute