Skip to main content

More about Consistent security policies

In a heterogeneous data center, there may be several different groups of people managing different aspects of the operation. One group might be responsible for managing network equipment (routers, switches, etc.), another group for servers (UNIX, Windows, etc.), another group for the physical infrastructure (racks, power, cooling, etc.).

Frequently there are different levels of security requirements for those different groups. It is not uncommon to find environments where, for example, firewalls and software tools are deployed by the network group to prevent, detect and mitigate the effects of denial of service attacks that could affect service availability. At the same time, power control appliances providing power for the servers and KVM switches may be accessible through the network without any security protection.

It is important for the entire OOBI (console servers, KVM and KVM over IP switches, power control appliances, service processor managers, blade managers and OOBI manager) to be integrated under the same consistent security and management model. As discussed earlier, one isolated vulnerability or a single weak component is enough to compromise the security of the entire system.

These requirements for integration and consolidation become even more important as the data center evolves, with server consolidation, virtualization, and partitioning technologies blurring the boundaries between different systems and requiring the management of the IT infrastructure as a single, consistent system.