标签归档:data center

Data Center Network Security Threats and Solutions

Background

Data center security includes physical security and virtual security. Data center virtual security is actually data center network security,it refers to the various security precautions that are taken to maintain the operational agility of the infrastructure and data. Data center network security threats have become more and more rampant, and enterprises need to find countermeasures to protect sensitive information and prevent data vulnerabilities. We will discuss the data center cyber attacks and solutions.

What Are the Main Data Center Networking Threats?

Data center network is the most valuable and visible asset of storage organizations, while the data center networks, DNS, database, and email servers have become the number one target for cybercriminals, hacktivists, and state-sponsored attackers. Regardless of attackers’ purpose and what they are seeking financial gain, competitive intelligence, or notoriety, they are using a range of cyber technology weapons to attack data centers. The following are 5 top data center network threats.

DDoS attack

Servers are prime targets of DDoS attack designed to disrupt and disable essential internet services. Service availability is critical to a positive customer experience. DDoS attacks, however, can directly threaten availability, resulting in loss of business revenue, customers, and reputation. From 2011 to 2013, the average size of DDoS attacks soared from 4.7 Gbps to 10 Gbps. What’s worse, there has also been a staggering increase in the average number of packets per second during a typical DDoS attack. This proved that the rapid growth of DDoS attacks is enough to disable most standard network equipment. Attackers can amplify the scale and intensity of DDoS attacks primarily by exploiting Web, DNS, and NTP servers, which requires enterprises to do a good job of network monitoring at all times.

Web Application Attack

Web applications are vulnerable to a range of attacks, such as SQL injection, cross-site scripting, cross-site request forgery, etc. Attackers attempt to break into applications and steal data for profit, resulting in enterprises’ data vulnerabilities. According to the 2015 Trustwave Global Security Report, approximately 98% of applications have or have had vulnerabilities. Attackers are increasingly targeting vulnerable web servers and installing malicious code to turn them into a DDoS attack source. Enterprises need proactive defenses to stop web attacks and “virtual patching” of data vulnerabilities.

DNS Attacks

DNS infrastructure is also vulnerable to DDoS attacks or other threats. It is turned into a target of data center cyber attacks for two reasons. First, attackers can prevent Internet users from accessing the Internet by taking DNS servers offline through a variety of means. If an attacker disables DNS servers of ISP, they can block everything the ISP does to users and Internet services. Second, attackers can also amplify DDoS attacks by exploiting DNS servers. Attackers spoof the IP addresses of their real targets, instruct DNS servers to recursively query many DNS servers or send a flood of responses to victims. This allows the DNS server to directly control the victim’s network of DNS traffic. Even if the DNS server is not the ultimate target for attackers, it still causes data center downtime and outages due to DNS reflection attacks.

SSL Blind Spot Exploitation

Many applications support SSL, however, it is surprising that SSL encryption is also a way that attackers can exploit for network intrusion. Although decrypt SSL traffic is decrypted by firewalls, intrusion prevention and threat prevention products, etc., there are some security implications for data vulnerabilities due to these products’ inability to keep up with the growing demand for SSL encryption. For example, the conversion from 1024-bit to 2048-bit SSL keys requires about 6.3 times the processing power to decrypt. This case shows that security applications are gradually breaking down under the decryption requirements of increasing SSL certificate key lengths. For this reason, attackers can easily exploit this defense blind spot for intrusion.

Authentication Attacks

Applications often use authentication to authenticate users, allowing application owners to restrict access to authorized users. But for convenience, many people perform a single authentication. This makes it easy for attackers to use password cracking tools to brute force. Hackers will crack lists of stolen passwords, and even password hashes, and use them to break into other online accounts. As a result, enterprises centrally manage authentication services and prevent users from repeating failed login attempts.
data center

Data Center Virtual Security Solutions

Network security defenses in the data center are imperative. In view of the data vulnerabilities and network security risks caused by the five major data center network security threats, here are some defense solutions.
  • Prevent vulnerabilities: Deploy IPS to protect and patch frequently vulnerable systems and applications. IPS can also detect exploits targeting DNS infrastructure or attempts to use DNS to evade security protections.
  • Network segmentation: Network segmentation implemented effectively enables preventing lateral movement and achieves least privilege access under a zero-trust security model.
  • Deploying application and API protection: The solution to mitigate the OWASP top 10 risks for web applications is to use web and API security applications. Also, data centers can install firewalls and intrusion detection systems (IDS), to help businesses monitor and traffic inspect before it reaches the internal network.
  • Defense against DDoS: Use on-prem and cloud DDoS protections to mitigate DDoS threats.
  • Prevent credential theft: Deploy anti-phishing protection for users to prevent credential theft attacks.
  • Securing supply chains: Detect and prevent sophisticated supply chain attacks using AI and ML-backed threat prevention, as well as EDR and XDR technologies.
data center

Conclusion

Cyberattacks also have a profound impact on data center network security. Enterprises should prepare defense solutions for data centers to ensure data security. The best practices above can also help enterprises gain relevant information about how their data center networks are operating, allowing the IT team to enhance the virtual security of their data centers while maintaining physical security. Article source: Data Center Network Security Threats and Solutions Related Articles: Five Ways to Ensure Data Center Physical Security What Is Data Center Virtualization?

Why Green Data Center Matters

Background

Green data centers appear in the concept of enterprise construction, due to the continuous growth of new data storage requirements and the steady enhancement of green environmental protection awareness. Newly retained data must be protected, cooled, and transferred efficiently. This means that the huge energy demands of data centers present challenges in terms of cost and sustainability, and enterprises are increasingly concerned about the energy demands of their data centers. It can be seen that sustainable and renewable energy resources have become the development trend of green data centers.

Green Data Center Is a Trend

A green data center is a facility similar to a regular data center that hosts servers to store, manage, and disseminate data. It is designed to minimize environmental impact by providing maximum energy efficiency. Green data centers have the same characteristics as typical data centers, but the internal system settings and technologies can effectively reduce energy consumption and carbon footprints for enterprises.

The internal construction of a green data center requires the support of a series of services, such as cloud services, cable TV services, Internet services, colocation services, and data protection security services. Of course, many enterprises or carriers have equipped their data centers with cloud services. Some enterprises may also need to rely on other carriers to provide Internet and related services.

According to market trends, the global green data center market is worth around $59.32 billion in 2021 and is expected to grow at a CAGR of 23.5% in the future to 2026. It also shows that the transition to renewable energy sources is accelerating because of the growth of green data centers.

As the growing demand for data storage drives the modernization of data centers, it also places higher demands on power and cooling systems. On the one hand, data centers need to convert non-renewable energy into electricity to generate electricity, resulting in rising electricity costs; on the other hand, some enterprises need to complete the construction of cooling facilities and server cleaning through a lot of water, all of which are ample opportunities for the green data center market. For example, Facebook and Amazon continue to expand their businesses, which has also increased the need for data storage of global companies. These enterprises need a lot of data to complete the analysis of potential customers, but these data processing needs will require a lot of energy. Therefore, the realization of green data centers has become an urgent need for enterprises to solve these problems, and this can also bring more other benefits to enterprises.

Green Data Center Benefits

The green data center concept has grown rapidly in the process of enterprise data center development. Many businesses prefer alternative energy solutions for their data centers, which can bring many benefits to the business. The benefits of green data centers are as follows.

Energy Saving

Green data centers are designed not only to conserve energy, but also to reduce the need for expensive infrastructure to handle cooling and power needs. Sustainable or renewable energy is an abundant and reliable source of energy that can significantly reduce power usage efficiency (PUE). The reduction of PUE enables enterprises to use electricity more efficiently. Green data centers can also use colocation services to decrease server usage, lower water consumption, and reduce the cost of corporate cooling systems.

Cost Reduction

Green data centers use renewable energy to reduce power consumption and business costs through the latest technologies. Shutting down servers that are being upgraded or managed can also help reduce energy consumption at the facility and control operating costs.

Environmental Sustainability

Green data centers can reduce the environmental impact of computing hardware, thereby creating data center sustainability. The ever-increasing technological development requires the use of new equipment and technologies in modern data centers, and the power consumption of these new server devices and virtualization technologies reduces energy consumption, which is environmentally sustainable and brings economic benefits to data center operators.

data center

Enterprise Social Image Enhancement

Today, users are increasingly interested in solving environmental problems. Green data center services help businesses resolve these issues quickly without compromising performance. Many customers already see responsible business conduct as a value proposition. Enterprises, by meeting compliance, regulatory requirements and regulations of the corresponding regions through the construction of green data centers, improve the image of their own social status.

Reasonable Use of Resources

In an environmentally friendly way, green data centers can allow enterprises to make better use of various resources such as electricity, physical space, and heat, integrating the internal facilities of the data center. It promotes the efficient operation of the data center while achieving rational utilization of resources.

5 Ways to Create a Green Data Center

After talking about the benefits of a green data center, then how to build a green data center. Here are a series of green data center solutions.

  • Virtualization extension: Enterprises can build a virtualized computer system with the help of virtualization technology, and run multiple applications and operating systems through fewer servers, thereby realizing the construction of green data centers.
  • Renewable energy utilization: Enterprises can opt for solar panels, wind turbines or hydroelectric plants that can generate energy to power backup generators without any harm to the environment.
  • Enter eco mode: Using an Alternating current USPs is one way to switch eco mode. This setup can significantly improve data center efficiency and PUE. Alternatively, enterprises can reuse equipment, which not only saves money, but also eliminates unnecessary emissions from seeping into the atmosphere.
  • Optimized cooling: Data center infrastructure managers can introduce simple and implementable cooling solutions, such as deploying hot aisle/cold aisle configurations. Data centers can further accelerate cooling output by investing in air handlers and coolers, and installing economizers that draw outside air from the natural environment to build green data center cooling systems.
  • DCIM and BMS systems: DCIM software and BMS software can help data centers managers identify and document ways to use more efficient energy, helping data centers become more efficient and achieve sustainability goals.

Conclusion

Data center sustainability means reducing energy/water consumption and carbon emissions to offset increased computing and mobile device usage to keep business running smoothly. The development of green data centers has become an imperative development trend, and it also caters to the green goals of global environmental protection. As a beneficiary, enterprises can not only save operating costs, but also effectively reduce energy consumption. This is also an important reason for the construction of green data centers.

Article Source: Why Green Data Center Matters

Related Articles:

Data Center Infrastructure Basics and Management Solutions

What Is a Data Center?

Take Cable Management Seriously

In a data center, it is common to see messy cables all over the place. Finding out the right cable becomes a nightmare. However, there are also good examples for well-organized cables that eliminate all the redundant operations due to cable mess. Typically, cable management is a solution used for the installation of equipment in order to secure cables for electrical services. An orderly data center will greatly enhance the working efficiency and ordinary people are more willing to work in a tidy environment. Therefore, cable management is very necessary for data center cabling.

cable management

Bad Cable Management and Good Cable Management

Benefits of Cable Management

With the help of cable management, there are many advantages that facilitate the work in data center:

1) Ease of Cable Connection

A good cable management can not only provide access to cables but also to devices they are connected to. If cables are tangled together, it will increase the difficulty for handling devices. And working hours are extended for a simple task. But if your cables are well-managed, the connection between cables and devices will be clear to see so as to finish work in a shorter time.

2) Avoid the Risk of Fire

If cables are not under maintenance for a long time, sparks will be easily caused in tangled cables. And the worst result will be a fire. In addition, when a person passes by the cable mess, he is more likely to be stumbled by the cables. Thus the risk of fire is also immensely increased. To avoid such situation, cable management takes an important role for fire safety.

3) Convenient Troubleshooting

While doing the routine troubleshooting in data center, cable testing is one of the steps. However, a huge amount of messy cables makes such a simple task into a complicated one and you have no idea how long it will take to finish the job. But thanks to cable management, you can easily maintain and change cables in order. The process is more convenient if cables are organized well.

Suggestions for Good Cable Management
1) Let in Airflow

Enough airflow will reduce the temperature of surroundings and components for lowering the risk of fire. But the tangled cables will block the air from flowing. Therefore, sorting out the cables to leave enough space for air flowing is very essential. Also, fans can be used as a way to create sufficient airflow to cool down the temperature more promptly.

2) Clean the Dust

A good cable management is always along with dust cleaning. If too much dust enters through the components, the efficiency of devices will be influenced. But the best part for a good cable management is that the open surfaces exposed to dust are greatly reduced, so the cleaning process is a lot easier.

3) Neat Appearance

First impression is always important for the judgment of a good cable management, thus keeping a nice appearance is necessary. The basic rule of managing cables is to make them in a neat order. Then a little imagination can be added to make the appearance more creative.

4) Use Proper Tools

Proper tools are needed for cable management because they can improve the efficiency of your work. Tools like cable wrap, screwdriver, wire scissors, pliers, cable ties, rubber band, etc. are recommended. These instruments makes the process more convenient and easier.

Conclusion

You may think of cable management as a tedious and time-consuming task. But as for the long-term benefit, it can prevent the device from damage and save time for routine maintenance. Thus better take it seriously to the best of your work in the data center.

Guide to Multimode Fiber Cabling in 40/100G Migration

Nowadays one and 10 Gbqs data rates are not adequate to meet the continued requirement for expansion and scalability in the data center, thus technology evolves and standards are completed to define higher data rates such as 40/100G Ethernet. In the meanwhile the cabling infrastructures installed today must provide scalability to accommodate the need for more bandwidth in support of future applications. OM3 and OM4 multimode cabling solutions have been proven to be a cost-effective solution for 40G data center. Today’s article will make you familiarize with this new Gigabit Ethernet and OM3/OM4 cabling to help you smoothly upgrade to 40G Ethernet.

Multimode Fibers in Data Center

Multimode fiber is more popular in data centers than singlemode fiber. Many people may know the reason—budget. Because the price of multimode fiber is typically much lower than singlemode fiber. Additionally, multimode fibers utilizes the low cost 850nm optical transceiver for both serial and parallel transmission. While singlemode fiber uses the expensive 1310nm and 1550nm transceiver and duplex fiber wavelength division multiplexing (WDM) serial transmission. Therefore, most data center designers would choose multimode fiber for 40/100G transmission.

OM3 and OM4 cable

There are four common types of multimode fibers available in the market—OM1, OM2, OM3 and OM4. Recently OM3 and OM4 cables are gradually taking place of OM1 and OM2 multimode cable. OM3 and OM4 are laser-optimized multimode fibers with 50/125 core, which are designed to accommodate faster networks such as 10, 40 and 100 Gbps. Compared with OM1 (62.5/125 core) and OM2 (50/125 core), OM3 and OM4 can support high data rate and longer distance. This is why OM3 and OM4 is more popular in data center.

The Ratification of IEEE 802.3ba

The Institute of Electrical and Electronics Engineers (IEEE) 802.3ba 40G/100G Ethernet standard was ratified in June 2010. According to this standard, it includes detailed guidance for 40/100G transmission with multimode and singlemode fibers. But the standard does not have guidance for Category-based unshielded twisted-pair or shielded twisted-pair copper cable.

OM3 and OM4 are the only multimode fibers included in 40/100G standard. Because multimode fiber uses parallel-optics transmission instead of serial transmission due to the 850-nm vertical-cavity surface-emitting laser (VCSEL) modulation limits at the time the guidance was developed. Compared to traditional serial transmission, parallel-optics transmission uses a parallel optical interface where data is simultaneously transmitted and received over multiple fibers. Table 2 shows the IEEE standards for 40 and 100 GbE.

IEEE standards for 40 and 100 GbE

The 40G and 100G Ethernet interfaces are 4x10G channels on four fibers per direction, and 10x10G channels on 10 fibers per direction, respectively. For 40GBASE-SR4 transceivers, it utilizes multimode fiber for a link length of 100m over OM3 and 150m over OM4. QSFP-40G-SR4 is Cisco 40GBASE-SR4 QSFP+ that can both operate over OM3 and OM4 cables to achieve 40G connectivity just as FTL410QE2C.

OM3 or OM4?

As noted before, OM3 and OM4 can meet the requirement for 40G migration cabling performance, that’s why they are being widely utilized in 40/100G migration. But OM3 and OM4, which is better for your infrastructure? There is no exact answer to this question as numerous factors can affect the choice. The working environment and the total costs are always the main factors to be considered when selecting OM3 or OM4 multimode cable.

OM3-and-OM4

OM3 is fully compatible with OM4. They use the same optical connector and termination of connector. The main difference between them is in the construction of fiber cable that makes OM4 cable has better attenuation and can operate higher bandwidth at a longer distance than OM3. On the other hand, the cost for OM4 fiber is higher than OM3. As 90 percent of all data centers have their runs under 100 meters, choosing OM3 comes down to a costing issue. However, in the long term, as the demand increases, the cost will come down. OM4 will become the most viable product in the near future.

Conclusion

No matter choosing OM3 or OM4 for your infrastructure, 40G migration is in the corner. OM3 and OM4 multimode cable featured by the high performance and low cost are the perfect solution for 40/100G migration. Fiberstore is committed to provide the best-service and high-quality products to customers. Our comprehensive range of products in OM3 and OM4 offer customers the ability to create the optimal network. For more information, you are welcome to contact us.

Design Consideration for 40G Ethernet Network

With the speed in the data center now increases from 10G to 40G, different optical technology and cabling are required. But at first we should figure out the design of 40G Ethernet network. There are several key factors that may affect the transition to 40G. This article today will pay special attention to those aspects that influence data center design consideration.

General Data Center Design
The principal goals in data center design are flexibility and scalability, which involve site location, building selection, floor layout, electrical system design, mechanical design and modularity. Furthermore the key to a successful data center facility: one that is sustainable in the long term; the other is to consider it as a receptacle for equipment and operations, as well as an integrated system, in which each component must be considered to be flexible and scalable. Figure 1 shows a typical data center infrastructure design utilizing preterminated optical solutions.

data center design

What Does MPO Connector Means for 40G Data Center?
While speeds have increased to 40G, optical connectivity has remained in a duplex format, whether SC or LC. With the advent of 40G/100G Ethernet, multi-fiber push-on (MPO) connector technology are now used at the electronics interface and further into the data center infrastructure design. MPO technology has displayed proven value in cassette-based data center physical layer installations.

The MPO is defined by TIA-604-5-C, Fiber Optic Connector Intermateability Standard. Type MPO (FOCIS-5) as an array connector that can support up to 72 optical fiber connections in a single connection and ferrule. While the MPO is versatile in the fiber count supported, the 12-fiber MPO is the version widely deployed. Many data center designs today use cassette-based duplex LC connectivity or MPO to duplex LC harnesses at the electronics interface, while 12-fiber MPO-based connectivity is used to connect the trunk cabling to each cassette or harness.

40G Standard Provision
The Habtoor STFA Soil Group (HSSG) has designated 40G to support high-performance computing clusters, blade servers, SANs and network-attached storage. For 40G deployment, the QSFP transceiver will utilize a 12-fiber MPO. Deployment of 40G over multi-mode fiber will be achieved with 4-Tx and 4-Rx fibers from the 12-fiber MPO (see in Figure 2). Each of these four “channels” will transmit 10G for the combined 40G transmission. Single-mode fiber transmission will remain duplex connectivity using course wavelength division multiplexing. The HSSG has also defined the transmission media for 40G to include:

MPO connector

  • 40GBASE-SR4 (parallel optics)

100m on OM3/125m on OM4—10G on four fibers per direction

  • 40GBASE-LR4(cWDM)

10km on single-mode fiber—4x10G 1300nm wavelength region

  • 40GBASE-CR4

7m over copper—4x10G (twinax copper)

  • 40GBASE-FR(Serial)

2km on single-mode—4x10G 1550nm

As noted above, the QSFP+ module is specified for use with different standard. The 40GBASE-SR4 is terminated with the MPO connector. For example, Cisco QSFP-40G-SR4 QSFP+ transceiver enables high-bandwidth 40G optical links over 12-fiber parallel fiber terminated with MPO/MTP multifiber female connectors.

For 12-fiber MPO cassette-based optical systems already installed, 40G migration is as simple as removing the existing cassette from the patch panel housings at the equipment and cross connects and replacing the cassette with an MPO adapter panel. Next, an appropriate 12-fiber MPO jumper would be used to cross-connect the trunk cabling as well as interconnect into the QSFP. Though not widely available currently, future preterminated system trunks may utilize 24-fiber MPO connections, both on the trunks and on the cassette. In this case, 40G deployment would require an interconnect harness terminated with two 12-fiber MPO connectors at the QSFP end, and one 24-fiber MPO at the trunk end. This would provide the needed interface with the 24-fiber MPO-based trunk and the 40G QSFP. A 24-fiber MPO jumper would be needed at the system cross connects to ensure polarity was maintained and that skew was within requirements.

Conclusion
The data center infrastructure must be reliable, manageable, flexible and scalable no matter who you are asking for requirements of data center design. It is the responsibility of the network designers to insure best compatibility of data center. As migrating to 40G, we have 40G QSFP and cables within MPO connectivity. Fiberstore supplies a variety of 40G QSFP modules and cables for you to choose from. Besides QSFP-40G-SR4, QSFP-40G-SR4-S and Cisco QSFP-40G-CSR4 are also available. If you are interested in our products, please contact us directly.