Published: 07 Jan 2022
No matter which of the many proposed models for shared-edge networking is chosen, rising demand for ultra-low-latency applications will likely incentivise the location of micro-datacentres at those edges. This raises concerns about management and physical security.
Andy Barratt, UK managing director at global cyber security specialist Coalfire, agrees that edge micro-datacentre management will prove challenging, but suggests solutions will largely be evolutionary, not revolutionary.
“It’s all the same problems again that we had back with the remote branch office client-server build-out,” says Barratt.
With increased artificial intelligence (AI) processing offline and rapid responses required, including to and from a central office, management and physical security challenges are magnified when one or more network edges meet. It is essential to increase security while ensuring that all touchpoints are available and accessible at the correct levels.
“As part of deregulation, Openreach must give you poles or ducts so that you can lay your own fibre or infrastructure. Theoretically, we could see BT-approved edge devices used right next to fibre connectivity accessing cloud environments out in the wild,” he said.
Barratt quips that electrified barrier fences, like those a farmer might use when trying to keep animals in (and predators out) of their enclosures, might sound tempting in such circumstances. Remote edge devices and networking can be affected by animals and people. It’s not possible to protect them from all kinds of damage.
That said, the physical security classics – hardened, weather-proofed, ruggedised and standardised enclosures and locks, access control, surveillance and testing – remain useful, with self-contained, automatically deployable and “completely headless” operations being his choice of architecture in many cases.
When one or more network edges intersect, management and security problems are magnified. Security must be increased while ensuring that all touchpoints are available and accessible at the correct levels.
“There’s always someone who’s got the key,” he says. “There is always someone who can say, ‘Oh, I’ll turn the thing on and off.’ Then before you know it, that critical edge compute application has been switched off and nobody knows why you can’t get into the cloud anymore.”
Tomas Rahkonen, distributed datacentres research director at the Uptime Institute, says ultra-low-latency applications that require shared-edge networking might include environments such as mass vaccination centres, live events ticketing or vehicle-to-vehicle communications, where edge devices on multiple networks – such as smartphones – need to connect to a separate, intelligent database in real time.
A lot of details depend on the edge model selected and the end requirements. Rahkonen recommends that you start with a risk assessment and analysis. Also, consider the expected benefits. Is that the level of functionality you need?
“What’s the value in the end?” Rahkonen says that if safety or public health is important, then any downtime cost, even for small sites, could be very significant. “It needs to be viewed holistically as part of your design and operation, with particular attention to the operational processes.”
Different designs for shared-edge environments might incorporate multiple locations and even multiple-edge colos or edge operators, all of which will present multiple variables that complicate management and security.
Filter all aspects of the proposition through that thinking process and decide if datacentre abilities at the edge, at those particular locations, are essential, because there will be costs to trade off. He suggests that you get technical approval after this.
“There are so many facets to it.” Rahkonen says that you have processes, data, and personnel. “You need to be prepared. You need to have a strategy for the event that someone gets into that type of facility because, for someone, it will happen at some point.”
Remote monitoring and management more important than hardware?
This points up the criticality of strong remote monitoring and management (RMM), including resilient tools, systems and processes that deliver the required continuity and uptime, perhaps incorporating a centralised network operations office that manages several edge-located micro-datacentre installations.
All these aspects will require support staffing, possibly with multiple telecoms and compute skillsets distributed across different locations.
“What happens in a power outage?” He says that remote monitoring requires dedicated power. “Perhaps you need an out-of-band network or on fibre, or be on 4G or 5G or something like that as a backup.”
With software-defined networking and bare metal servers, edge sites can ultimately become more flexible software-controllable points, which will likely make smarter edge deployments more attractive over time, Rahkonen suggests.
Nik Grove, head of hybrid cloud at ITHQ, warns that “full care and feeding” will still be required even for modular micro installations. Complexity still exists in utilities, services, and connectivity. Staffing challenges, failover, continuity, and critical response times also present problems.
“It can all come down to time to market and the speed at which you can implement services.” Grove says that monitoring is still necessary and that you unplug the device. It’s also important to know where your item will be placed first.
When it comes to remote-edge physical security, he relates a tale about a containerised datacentre in the Qatari desert, located a “suitable” distance from the city in question for disaster recovery purposes. The facility caught on fire after labourers left a leaking diesel forklift in its wake, near a generator.
According to him, the challenges presented by remote micro-datacentres with or without armoured, intelligent CCTV are the same as those faced when setting up a full datacentre elsewhere.
“Now people are deploying 4K-8K, high-res HD cameras and want that data accessible for 30 days. It’s entirely possible your local McDonald’s could have requirements for 100TB [terabytes] of storage on site.” He points out that even your local Dalek could be considered a micro-datacentre.
Strategic planning and design is key
Any edge datacentre must be planned over many years. It should also be designed with all limitations and restrictions clearly understood, exposed, and managed. A few servers or racks of servers might make it more practical to deploy minimal workloads.
“There is a place and time for micro-datacentres – anywhere with a glut of processing and compute that must be done on site, and you don’t want to pull that out to the cloud.” Grove says that micro-datacentres should be part of your overall IT strategy and not an act of tactical kindness.
“There’s a time and a place for micro-datacentres, anywhere there is an excess of computation and processing that must be done on-site.”
Nik Grove, ITHQ
Simon Brady, datacentre optimisation programme manager at Vertiv, says physical security is sometimes the last thing thought about by those familiar with larger, layered datacentres.
Intelligent alarm systems that respond in real time are a must-have for timely interventions, from disconnecting to shutting down, switching on defences or re-routing traffic.
“That’s as good as you can do, because if somebody wants it, they’re getting it,” says Brady. “It’s difficult to ensure security for something that is essentially small and far from help. The software and the monitoring might be more important than a strong lock and hinge on a door.”
Storage policies, data and disk management, encryption, and backup remain key, as do internet of things (IoT) considerations and compliance with the General Data Protection Regulation (GDPR) and standards such as the EN 50600 series.
Balance risk against reward – work out how much you are prepared to spend, including on pen testers and standards, dogbolt or lock suppliers, and makers of cabinets or other so-called street furniture, and the costs of not protecting specific data.
Brady also notes that external perimeter fencing and security guards on patrol may be overkill for a micro unit.
“To talk about remote security, [imagine wanting] to build a load somewhere between Africa and Europe,” he said. “In Africa, you can build sites and they disappear in three days. Only the foundations are left.”
Steve Wright, chief operating officer at 4D Data Centres, says that while the relatively small and developed UK does not need really ultra-low latency at the edge today, probably in time it will.
“If we give people technology, they’ll usually find a way to use it,” he said. “It was never really a quick use case for fibre roll-out, but over the next decade, usage will go through the roof.”
Wright agrees that edge micro deployments will require attention to utilities, generators and extensive fire suppression systems, as well as automated workload movements to handle interruptions and the like.
Fully exploiting edge means eliminating human intellect interactions, “because that won’t scale”, and development of orchestration platforms for a multicloud concept, as well as high-performance computing (HPC) advances for more dynamic workloads.
“It’s still more suited to, ‘I’ve got this application stack that can work in this hyperscaler under this configuration, or this hyperscaler under this configuration, or my legacy VMware environments, in either my colocation datacentre or on my on-premise facility’,” says Wright.
Build security and keep adding to it
Stefan Schachinger, product manager for network security at Barracuda, warns that setups may work well in the lab with five devices and be a completely different story with hundreds in the wild, all requiring connectivity and management of software including firewalling, reliability and efficiency at a remote location.
“Look at access to the cabinet [and] how you get access to the central application or to the entire network.” Schachinger adds that authentication is necessary to minimize what happens to physical access. “How long does it take for you to notice that something has happened?”
“My advice here is always implement a defence-in-depth concept, including network security and multiple components.”
The key to security is to begin somewhere, regardless of whether it is adequate or not. From there, you can continue to evolve. It’s an ongoing process. Schachinger says to start with the low-hanging fruits, identify the most dangerous, and then continue.
The post Sharp edge of the edge: Managing microdatacentres within a shared environment appeared first on dWeb.News dWeb.News from Daniel Webster Publisher dWeb.News – dWeb Local Tech News and Business News