Baseline tooling to secure a small environment with SECaaS

SECaaS experience from the PALANTIR R&D project. The article briefly introduces part of the associated cloud-native tooling to provide a security baseline to a small environment.


Sustained digitalisation is a must for any business, yet it also makes businesses more vulnerable to cyber attacks. Unlike larger enterprises, micro- and small-sized businesses often lack the resources or expertise to implement digital security measures. Solutions on this front must deliver security measures that are as easy and pre-configured as possible, guiding inexperienced operators in protecting their environment.

One option here is provided by the PALANTIR R&D project, which focuses on the cyber-resilience of SMEs and on compliance with the relevant data privacy and protection regulations.

It proposes a cybersecurity framework combining data protection, incident detection and recovery under the same platform. The platform tailors its deployment to the requirements and capacity of the business, offering lightweight (built-in), cloud (public or self-hosted, private) and edge security solutions to that end. Coupled with its risk assessment framework, the platform identifies weaknesses and provides the services to address them via a Security Capability catalogue and a Service Matcher, which interact to identify, bill and maintain the SLA of the best-suited curated security service. This significantly simplifies the selection, configuration, deployment and lifecycle management that the operator would otherwise have to carry out.

In this regard, the underlying infrastructure uses commodity hardware, affordable for small organisations or individuals. It also leverages open-source tools to provide automated identification of threats and close guidance on which security measures apply.

The most prominent open-source tool in use is Kubernetes, which OSM requires to be tailored, i.e. extended with two tools for easier management: OpenEBS and MetalLB.

OpenEBS is devoted to simplifying complex volume management, using available storage on the Kubernetes worker nodes as local or distributed (i.e. replicated) Persistent Volumes.

Image source: https://openebs.io/docs

MetalLB is a network load balancer for bare-metal clusters: it implements Kubernetes Services of type LoadBalancer and works in either Layer 2 or BGP mode. With MetalLB, a given node advertises the security service on the local network, so the service becomes reachable on the same segments where the other appliances run.

Image source: https://devopstales.github.io/kubernetes/k8s-metallb/
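The following manifests are an added example (not part of the PALANTIR project or the original article) of how the two Kubernetes extensions described above fit together for a single security service: a MetalLB address pool advertised in Layer 2 mode, a Service of type LoadBalancer that takes an address from it, and an OpenEBS local-PV claim for the service's state. The `ids-sensor` workload, the `security` namespace and the address range are placeholders; `openebs-hostpath` is the local-PV StorageClass that OpenEBS ships by default.

```yaml
# MetalLB: a dedicated pool of LAN addresses for exposed security services
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: security-services-pool
  namespace: metallb-system
spec:
  addresses:
    - 192.168.10.240-192.168.10.250   # constructed range, adapt to your LAN
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement              # Layer 2 mode: one node answers ARP for the pool
metadata:
  name: security-services-l2
  namespace: metallb-system
spec:
  ipAddressPools:
    - security-services-pool
---
# Hypothetical security service (an IDS sensor) exposed on the LAN via MetalLB
apiVersion: v1
kind: Service
metadata:
  name: ids-sensor
  namespace: security
spec:
  type: LoadBalancer
  externalTrafficPolicy: Local   # keeps the client source IP visible to the sensor's logs
  selector:
    app: ids-sensor
  ports:
    - name: syslog
      port: 514
      protocol: UDP
      targetPort: 514
---
# OpenEBS: persistent state for the sensor on a node-local hostpath volume
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: ids-sensor-data
  namespace: security
spec:
  storageClassName: openebs-hostpath   # local PV; use a replicated engine for HA
  accessModes: [ReadWriteOnce]
  resources:
    requests:
      storage: 20Gi
```

Apply with `kubectl apply -f` once MetalLB and OpenEBS are installed; `kubectl get svc -n security` should then show an EXTERNAL-IP from the pool, reachable from other appliances on the same segment.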

Tightly coupled with this is the OSM service orchestrator, another tool at the core of the platform; it abstracts the security services as generic packages and allows automated clients to operate them over time.

Adapted. Image source: https://osm.etsi.org/gitlab/vnf-onboarding/vnf-onboarding-guidelines/-/blob/master/00-introduction.md

For instance, it can deploy them, configure them during instantiation (day 0), boot (day 1) or runtime (day 2) through Canonical's Juju charms (a mechanism to operate resources on heterogeneous clouds in an abstract manner), scale the services based on monitoring conditions and alerting or, when these are no longer used or were tampered with (as identified by an internal integrity assessment within the platform).

Adapted. Image source: https://juju.is/

More information on these tools can be found as follows:

  • OpenEBS: K8s storage management for simplified volume management.
  • MetalLB: load-balancer for bare metal Kubernetes clusters.
  • OSM: network service orchestrator, following ETSI NFV standards.
  • Juju: life-cycle management for cloud-native applications.
