NetApp is thrilled to announce our collaboration with Amazon Web Services (AWS) as a launch partner for Amazon Elastic Kubernetes Service Hybrid Nodes (EKS-H)
... View more
Data is the cornerstone of modern AI applications, especially for generative AI (GenAI), where retrieval-augmented generation (RAG) enhances the relevance and utility of generated content. But what if you have sensitive data you DON’T want shared by your GenAI solution?
... View more
Data centers house critical business applications and sensitive information, making them prime cyberattack targets. Effective security measures ensure business continuity and protect against data breaches, which can have severe financial and reputational consequences. NetApp and Cisco products are vitally hardened with inventive and reliable security best practices at all stages of product implementation (design, hardware implementation, and software development) to ensure there is no compromise in any stack. These products are also backed by vigorous certifications to verify the assertions. This alliance offers FlexPod as a secure infrastructure solution for businesses that are mindful of their security aspect.
FlexPod
Offered jointly by NetApp and Cisco, FlexPod Datacenter is a full-stack robust secure architecture. FlexPod consists of Cisco UCS servers, Cisco Nexus switches, Cisco MDS switches, and NetApp ONTAP storage controllers. It supports all kinds of critical business workloads from virtualization, databases, AI/ML, healthcare, containers, and beyond. Bundled with effective automation, FlexPod solution delivers reliability, flexibility, and simple manageability for businesses.
FlexPod with Security
From the ground up, each component in the FlexPod stack does not compromise on security. Both NetApp and Cisco are committed to build security from inception, and this is verified by robust product certifications including FIPS 140-2/140-3, ISO 27001, CSfC, etc. For effective deployment of these security products, FlexPod security solutions serve all the necessary guidelines and best-practice procedures to implement critical business use cases.
FlexPod Security Hardening TR is one of the first solutions from NetApp that offers guidance and configuration examples at network, storage, compute, and virtualization layers to harden FlexPod infrastructure security and help organizations achieve their security objectives.
FlexPod Datacenter Zero Trust Framework CVD is a joint solution from Cisco and NetApp that leverages several technologies and security products to incorporate segmentation and control (multi-tenancy design using VRF, VLANs), visibility and monitoring (network and OS level visibility and anomaly detection), threat protection and response into the infrastructure. This solution incorporates various security products and components providing a robust framework that extends to all layers, including network, compute, hypervisor, and storage and includes implementation of tenant-based segmentation. The Zero Trust framework for FlexPod solution utilizes multiple additional security components by Cisco and NetApp including Cisco Secure Firewall Threat Defense (FTD), Cisco Secure Network Analytics (previously Stealthwatch) to provide visibility and monitoring, Cisco Secure Workload (previously Tetration), and NetApp Autonomous Ransomware Protection (ARP) to provide threat protection and response.
ONTAP Security
ONTAP provides a set of controls that allows you to harden the ONTAP storage operating system, the industry's leading data management software. Using the guidance and configuration settings for ONTAP helps your organizations meet prescribed security objectives for information system confidentiality, integrity, and availability. Some of the important features that secure ONTAP systems include multi-admin verification (MAV), multi-tenancy (multiple IPspaces), ONTAP Fpolicy, Autonomous Ransomware Protection etc.
Ansible Automation
Leveraging the power of programming, automation enables simplification of the complete deployment procedures. The automation support allows users to significantly reduce time to deploy and deployment error. FlexPod automation delivers a fully automated solution deployment that covers all sections of the infrastructure and application layers. The Ansible playbooks, to configure the different sections of the solution invoke a set of Roles and consume the associated variables that are required to setup the solution. Based on the installation environment customers can choose to modify the variables to suit their requirements and proceed with the automated installation.
Users can leverage Ansible playbooks that have been designed to set up the ONTAP configuration with security best practices. It is assumed that the ONTAP base setup is in place as per the procedures mentioned in the FlexPod Base CVD before executing these Ansible playbooks. Features such as tag-based execution, and automated solution deployment enable replicating the manual deployment procedures and support the versatile use of Ansible playbooks according to the deployment scenarios. Users can execute specific tasks using the tags associated with the fine-grained tasks within the roles. This automation support enables users to deploy the ONTAP security configuration within minutes with the least error factor.
Conclusion
FlexPod is a proven secure architecture supporting both traditional and modern application workloads. FlexPod combined with Ansible automation helps customers to build repeatable building blocks that are continuously updated to align with the technology innovations incorporating the novel security best practices conforming to the joint reference architectures from Cisco and NetApp. With robust security features, the complete life cycle of cyber-security including prevention, protection, and recovery can be implemented with utmost confidence.
References
FlexPod Security Hardening GitHub Repository
FlexPod Datacenter Zero Trust Framework Design Guide
FlexPod Datacenter Zero Trust Framework Deployment Guide
FlexPod Base CVD
FlexPod Security Hardening (TR-4984-1123)
FlexPod ransomware protection & recovery (TR-4961)
... View more
In an era where data creation is skyrocketing, efficient data and storage management has become paramount.
More than ever, data teams are looking to streamline their data management effort by selecting future-proof storage solutions that not only handle vast amounts of data, but also provide flexibility and simplicity while keeping infrastructure and operational costs in check.
This guide walks you through the storage functionalities of the newly announced NetApp® BlueXP™ workload factory for AWS, a free-of-charge service designed to help you optimize your AWS storage efficiency via automated data and storage analysis, deployment, and management.
Read on as we cover:
What is workload factory?
How workload factory manages your storage in its entire lifecycle operation
Choosing your operational mode
Day 0 operations: Assess cost-saving options
Day 1 operations: Deploy FSx for ONTAP
Day 2 operations: Manage FSx for ONTAP
What’s next?
... View more
In Active IQ Unified Manager 9.8, you can bring your own excel sheets with customized reports. With this feature, you can customize existing UM reports by creating a formula, charts, etc, and upload it back into UM. Now each time the report is created manually or through a schedule, the customized report will be generated with the latest updated values. You can use this feature in 3 simple steps.
In this blog, we will walk you through how to bring in your own Excel for custom reporting.
... View more