As you delve into the realm of cybersecurity, you quickly realize that it is vast, deep, and full of pitfalls and hungry adversaries. It’s hard to know where to start, but you must take that first step. With FlexPod® as an infrastructure solution, NetApp and Cisco have highlighted those first steps, guiding you on a path to security you can count on. And, more importantly, a secure infrastructure that you can use as the foundation for all your workloads.
Both NetApp and Cisco take security seriously at all stages, including product design, hardware implementation, and software development. Both organizations are committed to security by design from the very beginning to offer the most robust security for every one of their products.
NetApp employs an in-depth Secure Development Lifecycle (SDL) process that builds on training internal teams. The process starts from a product security baseline that builds in security from day 0, and it includes source code analysis and scanning as well as vulnerability and third-party software scanning. With this SDL process, NetApp® products have built-in security from the beginning so that they ship secure. In production, the security of NetApp products is bolstered with top-tier patch management and vulnerability handling processes so that they stay secure for their lifetime. Read all about NetApp’s commitment to security and more at the NetApp Trust Center.
Cisco also embraces a Secure Development Lifecycle process and complements development with protections for their products at every stage in the product lifecycle through their Value Chain Security. These processes enable Cisco to design, build, ship, and support products with security built in and maintained throughout the product’s life. For details and links to more information, check out Cisco’s Trustworthy Solutions.
To further commit to their SDL mission, both NetApp and Cisco have recently signed the Cybersecurity and Infrastructure Security Agency’s (CISA) Secure By Design pledge. CISA works with enterprises to implement, build on, and complement existing industry security best practices, including those developed by CISA and NIST.
As the saying goes, “Trust but verify,” and with security you might not even want to trust. Trust or not, verification is crucial to backing up the claims made about product security. NetApp and Cisco are committed to building in security from inception, and also to certifying that security, so you know exactly what each product offers from a security standpoint. Many of these certifications are required to do business with government agencies worldwide, and they also offer a method of comparing security for all products.
Here’s a quick introduction to common certifications.
FIPS 140-2/140-3. The Federal Information Processing Standard (FIPS) 140 family of certifications defines and validates cryptographic modules. Note: FIPS 140-2 is being phased out and replaced by FIPS 140-3.
The Common Criteria. An international standard for evaluating and validating the security features and capabilities of products.
ISO 27001. An international standard that gives guidance on how to establish, implement, maintain, and improve information security management systems.
US DoDIN APL. The U.S. Department of Defense Information Network Approved Product List (DoDIN APL) provides purchasing guidance for DoD organizations looking to buy equipment for use on the Defense Information Systems Network.
CSfC. Commercial Systems for Classified is a program run by the U.S. National Security Agency (NSA) that provides a framework and guidelines for configuring and deploying layered security solutions using commercial off-the-shelf (COTS) components.
That’s a ton of acronyms to remember, but the good news is that both NetApp and Cisco collect their certifications centrally for quick reference.
What does all of this mean for the security of FlexPod as an infrastructure solution? FlexPod was launched 13 years ago, built on the secure foundations of NetApp and Cisco. Following that tradition, FlexPod remains focused on full-stack security.
Read more about FlexPod security solutions in these documents.
FlexPod workload solutions run the gamut from virtualization to databases, AI to healthcare, containers to enterprise applications, and beyond. But no matter the workload you’re running on your FlexPod solution, you can count on security being built in from the moment the product was developed and years into the future. FlexPod workload solutions are designed to layer directly on top of the security features, certifications, solutions, and hardening practices discussed in this blog post. The singular goal of these solutions is to give every customer peace of mind that their environment is secure from the foundation up.
Reese Lloyd is a NetApp product manager focused on FlexPod solutions. He brings a broad base of experience with storage and infrastructure systems, service providers, FedGov, security, and enterprise operations. Before NetApp, Reese held product management, technical delivery, and management positions in the areas of storage and networking focused on architecture, engineering, and operations.