Hybrid and multi cloud infrastructures represent today’s “new norm” for IT infrastructure. Heterogeneity is required for IT shops to simultaneously meet stringent cost and growing service level agreement (SLA) requirements on an application-specific basis.
These architectures are powerful tools for IT to balance tradeoffs in areas such as capital and operating expense costs, latency and scalability – but, they materially disrupt the traditional security perimeter. Where previously applications and data were contained to on-premises physical and virtual machines, today they must be able to move across a complex web of on-premises infrastructure and private clouds, as well as third-party delivered cloud resources. This approach substantially increases the number of potential security risks while expanding the attack surface.
Remote access virtual private networks (VPNs) historically used for perimeter security are a particular vulnerability in the hybrid and multi cloud model, with a key risk factor being that they further expand the network attack surface.
DH2i – DxOdyssey
DH2i has launched its DxOdyssey software to help IT departments modernize their legacy perimeter approaches as they integrate off-premises cloud services into their infrastructure and security paradigm.
Per DH2i, it is building from a core competency of facilitating workload portability on premises with its Smart Availability software, DxEnterprise, which decouples databases and containers from the infrastructure itself. DH2i asserts that it helps its customers to reduce planned and unplanned recovery time objectives (RTOs) to less than 60 seconds, to consolidate the number of operating system instances deployed, and to reduce other software and infrastructure costs by 50%-70%.
DH2i’s newer DxOdyssey platform extends the core value proposition of enabling applications to run on their best execution venues into the cloud era by facilitating a more dynamic network security perimeter that can be deployed dynamically wherever it is needed.
The software enables administrators to create micro-tunnels that can be orchestrated to change in tandem with application requirements, and that also have automatic fault detection and failover. These micro-tunnels are segmented by application, which helps to contain the potential damage in the event of a security incident. Furthermore, network administration is simplified as there are no network access control lists or firewall rules to manage.
DxOdyssey provides server cloaking and randomly generated UDP ports for what DH2i describes as “discrete invisibility;” so that even with the use of port scanners, there is no way to intercept or disrupt the data transmission. The software can be deployed on any host – thus avoiding infrastructure-level vendor lock in.
A flexible, infrastructure agnostic security perimeter can serve as a fundamental approach for IT organizations to avoid data breaches. DH2i’s DxOdyssey effectively facilitates application-level micro-tunnels that are scalable across cloud environments, and that can be easily integrated into existing infrastructure without reconfiguring the network or purchasing, deploying and managing net new infrastructure. This agility, simplicity and cost efficiency is a compelling value proposition for network administrators seeking service isolation and fine-grained user access against a backdrop of infrastructure sprawl and pressure to free up as much time as possible from day-to-day management tasks to more strategically supporting business initiatives.