Take Control of Server Cybersecurity with Intelligent Cloud-Based Monitoring
- June 9, 2022
You’ve read the headlines: cybersecurity threats and losses for businesses have grown precipitously. According to the United States FBI Internet Crime Complaint Center, in 2021 Americans filed over 850,000 cybercrime reports, with related losses estimated at $6.9 billion¹, nearly double the figure in the FBI’s report from just 3 years ago. Globally, Check Point Research² reported a 50% increase in attacks on corporate networks per week from 2020 to 2021 and a peak of 900-plus attacks per week per organization by the end of 2021.
As the worldwide threat of ransomware and cybercrime is ever evolving, businesses must adopt stricter cybersecurity policies to close any exploitable vulnerabilities. There are plenty of cybersecurity standards and frameworks that organizations can conform to for protecting their servers, but how can this be tracked?
To answer that question, I’m excited to share a new feature in CloudIQ, Dell’s cloud-based, AIOps monitoring and analytics application for IT infrastructure systems, that enables PowerEdge server users to set and track cybersecurity configuration settings. This includes a powerful new capability that will enhance your cyber-defenses, as well as two other important new CloudIQ features for servers: Performance Anomaly Detection and REST API/Webhook support.
CloudIQ for PowerEdge was introduced in August of 2021, and our product team is continuously releasing new features that help server administrators reduce risk, plan ahead and improve productivity. To date, CloudIQ is connected to hundreds of thousands of servers, storage, data protection and networking systems, giving IT organizations a single easy-to-use portal that provides system health, remediation recommendations and powerful performance monitoring capabilities. In fact, CloudIQ has accelerated time to these kinds of valuable insights for our server customers by over 3x³, drastically improving IT operations and IT situational awareness.
PowerEdge customers with ProSupport or higher contracts can connect today at no additional cost via OpenManage Enterprise (OME) and the CloudIQ Plugin, which establishes a secure, encrypted connection from your on-prem infrastructure to Dell’s secure private cloud. Because CloudIQ is cloud-based and is accessible through a web browser, you don’t have to host, maintain, or upgrade CloudIQ software on your premises – we do it for you in our cloud.
CloudIQ Cybersecurity for PowerEdge servers with OME 3.9 and the CloudIQ Plugin version 1.1 debuted in May 2022. To ensure servers are locked down and hardened against growing cyberthreats, you will be able to track and monitor over 30 different server configuration settings. This list of settings is derived from the NIST cybersecurity framework and Dell’s best practices. Once policies are set and enabled, CloudIQ continuously tests your servers’ cybersecurity settings and provides a powerful mechanism for notifying server administrators and security specialists about non-compliant settings and risks.
Want to make sure USB ports are disabled on a select group of servers? Want to confirm that Access Control settings like Active Directory authentication or LDAP authentication are enabled across a group of servers? With this new feature, PowerEdge users will be notified of risks when servers deviate from policy criteria, will be able to see the date these risks occurred, and will be provided with recommended actions to eliminate them. A complete listing of configuration settings tracked for PowerEdge is available in the CloudIQ white paper.
Other major CloudIQ for PowerEdge features are Performance Anomaly Detection, REST API and Webhook.
CloudIQ continuously and securely collects server performance metrics, and you can see that data plotted over time on the CloudIQ Performance page. With Performance Anomaly Detection, you can view a historical normal range of values based on the distribution of data points collected over the past 22 days.
The Server Performance page graphs show what is called historical seasonality: the expected value for CPU, memory, or other metrics at a specific time of day. When a metric falls outside of what is expected, CloudIQ detects an anomaly. Anomalies in CloudIQ are defined as behavior outside of the norm, and do not always point to issues that need further troubleshooting. Rather, Anomaly Detection serves as a springboard to conduct more troubleshooting when issues arise.
Our strategy is to build upon this feature to tie anomalies to performance impacts, which CloudIQ already supports for storage systems and which serves as a more proactive means of detecting and notifying customers of system issues.
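The idea of a per-hour normal range built from 22 days of history can be sketched as follows. This is an added example, not Dell's or CloudIQ's code: the post does not say how the range is computed, so the 5th to 95th percentile band is an assumption, and the CPU history is constructed sample data.

```python
from collections import defaultdict
from datetime import datetime, timedelta
import random

WINDOW_DAYS = 22           # history window stated in the post
LOW_PCT, HIGH_PCT = 5, 95  # assumed band; the post does not give the method

def percentile(sorted_vals, pct):
    """Linear-interpolated percentile of an already sorted list."""
    k = (len(sorted_vals) - 1) * pct / 100
    lo = int(k)
    hi = min(lo + 1, len(sorted_vals) - 1)
    return sorted_vals[lo] + (sorted_vals[hi] - sorted_vals[lo]) * (k - lo)

def build_baseline(samples, now):
    """samples: iterable of (datetime, value). Returns {hour: (low, high)}."""
    cutoff = now - timedelta(days=WINDOW_DAYS)
    by_hour = defaultdict(list)
    for ts, value in samples:
        if cutoff <= ts < now:          # ignore data outside the window
            by_hour[ts.hour].append(value)
    return {h: (percentile(sorted(v), LOW_PCT), percentile(sorted(v), HIGH_PCT))
            for h, v in by_hour.items()}

def is_anomaly(baseline, ts, value):
    """True when value is outside the normal range for that hour of day.
    Hours with no history return False instead of raising a false alarm."""
    band = baseline.get(ts.hour)
    if band is None:
        return False
    low, high = band
    return value < low or value > high

def constructed_history(now):
    """Constructed sample data: hourly CPU %, busy 09:00-17:00, idle otherwise."""
    rng = random.Random(7)
    out = []
    for d in range(1, WINDOW_DAYS + 1):
        day = (now - timedelta(days=d)).replace(minute=0, second=0, microsecond=0)
        for h in range(24):
            base = 70 if 9 <= h < 17 else 15
            out.append((day.replace(hour=h), base + rng.uniform(-5, 5)))
    return out

NOW = datetime(2022, 6, 9, 0, 0)
BASELINE = build_baseline(constructed_history(NOW), NOW)
```

With this baseline, 70% CPU at 13:00 is inside the normal range while the same 70% at 03:00 is flagged, which is the time-of-day effect a single static threshold cannot express.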
Other new CloudIQ for PowerEdge features are REST API and Webhook. All the valuable data presented in the CloudIQ GUI can now be retrieved via API or pushed via Webhook to make IT management more efficient and seamless across different applications.
A short list of examples includes sending CloudIQ notifications and data to third-party applications such as ServiceNow (for ticketing), Slack (for DevOps notifications), and Microsoft Teams (for escalation), plus Ansible and VMware vRealize (for automating corrective actions in the infrastructure). API support opens up an abundance of possibilities.
CloudIQ is a business-critical tool for IT teams large and small. We are continuously evolving it, with new features seamlessly available every week. PowerEdge users with ProSupport or higher contracts can leverage these and many upcoming features at no additional cost. Getting started with CloudIQ for PowerEdge is easy. Download and install the CloudIQ plugin for OpenManage Enterprise today to benefit from these great new features.
2 Check Point Research Blog: Cyber Attacks Increase 50% Year Over Year
3 Tolly Group Report: EMC CloudIQ for PowerEdge Server Infrastructure Insights, June, 2021