Current Filter: Network>>>>>Feature>

   

Cloud platforms and managed services have become a commodity in the evolving technology landscape. But as these applications become more complex, there is a growing need to manage them quickly and efficiently. It's here that automation can lend a helping hand to cloud engineers, system administrators and network managers.

Automation applied on multiple levels needs to be managed effectively, much like a project, which is why orchestration helps. Orchestration is the process of running automated processes in an organised manner. Cloud management services offer orchestration as an API which allows a smooth configuration of stack topologies: a control panel which wires all automated processes together. Like the musical terminology which lent it its name, orchestration is the practice of assembling and organising various elements for a harmonious outcome.

Like its musical counterpart, technology orchestration needs a conductor, the network administrator or manager, to coordinate the workflow. Innovative work into the field of intelligent orchestration is under way but a completely autonomous cloud deployment is quite a way off.

Cloud computing has presented businesses with great cost savings and efficiency. As the possibilities of scale have increased, the cloud has grown more complex. Adopting orchestration in the cloud infrastructure can be time-saving and it eliminates routine operations that humans find boring using scripting. Significantly, it also reduces manual configuration errors.

Automated as they may be, tools still need to be scheduled in a particular sequence, into specified groups and with specific permissions, multi-regional layers etc. All this can be now loaded into a configuration template.

Because orchestration must work with diverse systems and the management of complex domains (firewalls, enterprise network) it is essential that integration with other tools is seamless. It also imposes the accurate deployment of all the automated tasks it manages. The knock-on effect of one mismanaged process can collapse the entire infrastructure.

Security is one of the processes that can be integrated into the workflow of an orchestrated environment. Routine functions have long been accomplished without human intervention. From large generic enterprise consoles to personalised tools, automation has quickly turned into a great asset for information security managers. Cloud is famously plagued with passing the responsibility when it comes to security, but integrating security into the building blocks of the platform makes sense. But, can security be integrated into the bare bones of an orchestrated network?

Continuous diagnostic monitoring, SIEM and compliance auditing are all suited to automation and therefore readily suited to orchestration. Yet continuous monitoring is plagued by fundamental misunderstandings about its function; SIEM is complex and sometimes not cloud-compatible. IT security compliance caters to a huge range of industries while generic tools do not help auditors, who must re-script existing policies.

It seems that a blanket approach is preferred, which a console can offer, even at the risk of leaving gaps. CISOs bare a huge responsibility to the board and when things go wrong, it is always preferable to have generic protection rather than a more selective one. But a blanket approach with cloud orchestration may be the equivalent of the square peg in the round hole. Thanks to the cascading effect, one badly managed risk in a small task will create a greater hole in the security overall.

Flexible, integrated, complementary security tools applied at various stages of the orchestration process, alongside baseline security, will ultimately be far less vulnerable.

Orchestration certainly has the potential to make the life of a network manager easier and this will proliferate. Security applied granularly throughout the orchestration process, rather than to the end result, may be the lesson we learnt from creating a vulnerable Internet. NC