This article is the first of a four-part series published earlier this year, to bring awareness of the security controls and data services built into the Qumulo File Data Platform, as well as security best practices against malware.
Introduction to Qumulo’s Security Architecture and Security Controls
Malware attacks are on the rise in quality and quantity, creating large impacts on businesses around the world. Recent attacks such as WannaCry, CryptoLocker.F, TorrentLocker and Petya (to name a few) infected hundreds of thousands of computers and other IT systems and caused millions, if not billions, of dollars of damage to all kinds of businesses. Having a well-thought-through security architecture is critical for all IT infrastructure environments, on premises and in the cloud.
The Qumulo File Data Platform includes a broad spectrum of modern technologies and data services to support holistic security architectures. This series of articles covers Qumulo’s security architecture and best practices to counter malware, in four parts:
- Introduction to Qumulo’s Software Architecture
- Preventive Security Controls
- Detective Security Controls
- Corrective Security Controls
The Qumulo Software Architecture
The Qumulo File Data Platform is a scale-out, software-only NAS (Network Attached Storage) architecture. As such, Qumulo presents standard network protocols such as the Windows Server Message Block (SMB) protocol and the Unix/Linux Network File System (NFS) protocol to clients over a standard IPv4 or IPv6 connection. Qumulo provides several data services such as snapshots, replication, quotas, auditing, and role-based access control to protect your data.
As clients connect to the Qumulo cluster they issue requests to specific files for common read/write/modify/delete operations. The file system fulfills the requests and serves the files back to the customer over the protocol used by the client issuing the request (SMB/NFS).
Multiple “nodes” running Qumulo Core are combined to create a scale-out NAS cluster and a single volume (a single name-space). Connections are distributed between nodes to optimize performance and capacity.
Files written into Qumulo are broken into smaller blocks of data, automatically encrypted and distributed across the nodes in the cluster using a modern erasure coding algorithm.
Qumulo Core runs on various industry-standard hardware and cloud infrastructure platforms including AWS, Azure and Google Cloud. On all these platforms, Qumulo runs the very same code and follows the same management practices, which makes it easy to use the security features and apply best practices everywhere. There are more security domains such as compliance, governance and process covered in Qumulo Software Architecture Overview. In this blog series, we’ll focus on the technical features of the relevant IT systems.
Types of Information Security Controls
For IT systems, the technical security controls fall into three categories. For a complete description of these controls, see: Qumulo Security Architecture and Best Practices to Counter Malware.
- Preventive controls are designed to prevent cybersecurity incidents
- Detective controls detect a cybersecurity breach attempt (“event”) or successful breach (“incident”) while it is in progress, and alert cybersecurity personnel
- Corrective controls are used after a cybersecurity incident to minimize data loss and damage to information systems and restore systems as quickly as possible
Qumulo supports all three of these security controls with different techniques, which are described in the next three articles of this series linked below.
- How to Use Qumulo’s Preventive Controls Against Malware
- How to Use Qumulo’s Detective Controls Against Data Breaches
- How to Use Qumulo’s Corrective Controls to Minimize Data Loss