What is a Data Center?
A data center is a facility that centralizes an organization’s IT operations and equipment for the purposes of storing, processing and disseminating data and applications. Because they house an organization's most critical and proprietary assets, data centers are vital to the continuity of daily operations. Consequently, security and reliability are among any organization’s top priorities.
In the past, data center infrastructures were highly controlled, physical environments, but the public cloud has since changed that model. Most modern infrastructures have evolved from on-premises physical servers to virtualized infrastructure that supports applications and workloads across multicloud environments. Application workloads are moving across multiple data centers and private, public and hybrid clouds.
The Role of the Data Center
Data centers are an integral part of the enterprise, designed to support business applications and provide services such as:
- Data storage, management, backup and recovery
- Productivity applications, such as email
- High-volume e-commerce transactions
- Powering online gaming communities
- Big data, machine learning and artificial intelligence
Today, there are reportedly more than 7 million data centers worldwide. Practically every business and government entity either builds and maintains its own data center, has access to someone else's, or both.
Types of Data Centers
- Enterprise data centers
These are constructed, owned and utilized by companies for their own internal computing needs. Enterprise data centers are custom-built to meet the requirements of the organizations who own them and are housed on-premises.
- Managed services data centers
Managed data centers are deployed, managed and monitored by third-party service providers. Companies opt for a leasing model and can access data center features and functions using a managed service platform. This eliminates the need to purchase equipment and infrastructure.
- Colocation data centers
Colocation data centers allow businesses to rent space within an off-premises physical facility which hosts the infrastructure, including power supplies, cooling and security. The business provides and manages its own components, such as computing hardware and servers.
- Cloud data centers
This is an off-premises variation of a data center. Cloud-based data centers offer businesses leased, hosted infrastructure, which is managed by a third-party service provider, allowing customers to access resources via the internet.
Core Components of a Data Center
Data center architectures and requirements can differ significantly. For example, a data center built for a cloud service provider like Amazon will have very different infrastructure requirements than a government facility dedicated to securing classified data.
Regardless of classification, an effective operation is achieved through a balanced investment in the facility and its equipment. Since data centers often house business-critical data and applications, data center security is important. It's essential that facilities and equipment are secured against intruders and cyberattacks.
The primary elements of a data center break down as follows:
- Facility – the usable space available for IT equipment. Providing round-the-clock access to information makes data centers some of the world’s most energy-consuming facilities. Two things are emphasized: design that optimizes space, and environmental control that keeps equipment within specific temperature and humidity ranges.
- Core components – equipment and software for IT operations and storage of data and applications. These may include storage systems; servers; network infrastructure, such as switches and routers; and various information security elements, such as next-generation firewalls.
- Support infrastructure – equipment contributing to securely sustaining the highest availability possible. The Uptime Institute has defined four tiers of data centers, with availability ranging from 99.671% to 99.995%. Some components for supporting infrastructure include:
  - Uninterruptible power sources (UPS) – including battery banks, generators and redundant power sources.
  - Environmental control – computer room air conditioners (CRAC); heating, ventilation and air conditioning (HVAC) systems; and exhaust systems.
  - Physical security systems – biometrics and video surveillance systems.
- Data center operations staff – personnel available to monitor operations and maintain IT and infrastructure equipment around the clock.
Defining the Modern Data Center
Data centers have evolved significantly in recent years as enterprise IT needs continue to move toward on-demand services. There is an expression these days: The modern data center is where your workloads are.
To support this level of application elasticity and mobility, enterprises are transforming their data centers with a modern architecture. A modern data center relies on virtualization, cloud and software-defined networking to deliver application workloads everywhere; this includes physical data centers and both multicloud and hybrid environments.
A modern infrastructure allows your organization to extend into cloud services. This evolution enables flexible scaling for network, storage and compute demand surges.
Data Center Security Considerations
The data center is no longer a closed environment with static, hardware-based computing resources but an environment with a mix of traditional and cloud computing technologies. The hybrid cloud data center helps IT organizations deliver greater business opportunities but also introduces new risks.
Data centers that span multicloud environments offer a larger attack surface, which can translate into increased complexity in networking and cybersecurity. It is critical to maintain full visibility and precise control of your data center regardless of the architecture. It is also important to implement a best practice methodology for data center security independent of the individual environments you’re running.
Legacy security infrastructures are generally flat network architectures that rely on a perimeter firewall as their only point of traffic inspection and control. Since network boundaries don’t exist as they used to, and most data center traffic is east-west, traditional port-based firewalls provide limited value in a cloud and mobile world.
For security to be effective, it must deliver perimeter security as well as build trust zones within an organization’s internal network. This ensures that traffic between apps and services of different trust levels is filtered in real time, using security services such as intrusion prevention and Domain Name System (DNS) security. The same level of protection must extend to public clouds to ensure consistent network security and segmentation in hybrid environments as well.
Security must be enforced at multiple places to follow workloads everywhere — on the perimeter, network fabric and host. Implementing best practices will help better protect dynamic data and application workloads.
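The difference between perimeter-only inspection and trust zones can be measured on flow records. The following is an added example, not part of the original article: the zone names, subnets, allow list and flow records are all constructed assumptions. It counts how many flows a perimeter firewall would see, how many cross a trust-zone boundary, and which of those a zone policy would deny.

```python
import ipaddress

# Constructed trust zones; names and subnets are illustrative assumptions.
ZONES = {
    "web": ipaddress.ip_network("10.0.1.0/24"),
    "app": ipaddress.ip_network("10.0.2.0/24"),
    "db": ipaddress.ip_network("10.0.3.0/24"),
}
# Hypothetical zone-to-zone allow list: (source zone, destination zone) -> ports.
ALLOWED = {("external", "web"): {443}, ("web", "app"): {8443}, ("app", "db"): {5432}}

# Constructed flow records: (source IP, destination IP, destination port).
FLOWS = [
    ("203.0.113.7", "10.0.1.10", 443),    # north-south: internet -> web
    ("10.0.1.10", "10.0.2.20", 8443),     # east-west: web -> app
    ("10.0.2.20", "10.0.3.30", 5432),     # east-west: app -> db
    ("10.0.1.10", "10.0.3.30", 5432),     # east-west: web -> db, skipping the app tier
    ("10.0.2.20", "10.0.2.21", 9000),     # east-west inside the app zone
    ("10.0.3.30", "198.51.100.9", 443),   # north-south: db -> internet
]

def zone_of(ip):
    """Map an address to its trust zone; anything unmatched is external."""
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in ZONES.items() if addr in net), "external")

def summarize(flows):
    """Count which enforcement point gets to inspect each flow."""
    result = {"perimeter_inspected": 0, "zone_inspected": 0, "host_only": 0, "denied": []}
    for src, dst, port in flows:
        sz, dz = zone_of(src), zone_of(dst)
        if "external" in (sz, dz):
            result["perimeter_inspected"] += 1   # the only flows a flat network inspects
        if sz == dz:
            result["host_only"] += 1             # never crosses a zone boundary
            continue
        result["zone_inspected"] += 1            # crosses a trust-zone boundary
        if port not in ALLOWED.get((sz, dz), set()):
            result["denied"].append((src, dst, port))
    return result

if __name__ == "__main__":
    print(summarize(FLOWS))
```

The flow that stays inside the app zone is seen by neither the perimeter nor the zone boundary, which is the case that enforcement on the host has to cover.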
The following steps can be used to roll out an updated strategy:
- Set goals by defining the ideal future state of your data center network. Be sure to include data center infrastructure management and IT service management considerations.
- Develop an access strategy by working with stakeholders in IT/Support and Security. Include all groups that require data center access, like Engineering and Legal.
- Assess your data center to understand its current state so you can create a plan to reach your desired future state.
- Create a data center segmentation strategy to help reduce risk and business impact. The goal should be to prevent hackers from stealing data and stop malware from infecting other systems.
- Plan to use a best practice methodology to inspect all traffic, gain complete visibility, reduce the attack surface, and prevent known and unknown threats everywhere.
- Phase in best practices over time.
Read Three Use Cases for Securing a Hybrid Data Center to learn more about the evolution of the data center as well as how to secure modern data centers and hybrid clouds.