For many companies who rely on the cloud, security is hard to manage. Companies that choose to outsource their data center requirements often lack the tools and talent to manage security in a multitenant environment.
Engineers are needed to establish and monitor security practices; analysts who can understand the output from security tools are required; and architects need to be able to build security into the infrastructure from the outset. That all adds up, and leaves many businesses exposed because they can't afford to invest in acquiring the expertise they need. Many smaller businesses, especially, don't have the resources to be confident they're doing all they can to enhance their data security.
Security: The Opportunity
Where some see a challenge, PhoenixNAP saw an opportunity: offering security as a service. The company is a cloud service provider (CSP) that offers cloud and data center services globally. Its customers typically have a turnover between USD1 million and USD1 billion and host their back office applications with PhoenixNAP, including Microsoft SharePoint*, enterprise resource planning (ERP) solutions, and financial applications. New customers typically migrate from an on-premises VMware environment into PhoenixNAP's Infrastructure as a Service.
Co-developed with Intel and VMware, PhoenixNAP's Data Security Cloud offers customers a single interface for managing the infrastructure, with simplified firewall, storage, and server set-up. A range of security tools is included, including a security information and event management (SIEM) system and antivirus in the operating systems for the virtual machines. Threat management, logging and alerting tools are applied across the multitenant cloud environment.
One of the differentiators is that PhoenixNAP provides not only the infrastructure and tools, but can also intervene on the customer's behalf if an alert is raised, or if reports suggest that action is required. As such, the solution solves not only the technical issues but also the staffing challenges associated with protecting data in the multitenant cloud environment.
The Data Security Cloud is based on a software defined data center (SDDC) architecture, built using the VMware NXS* Network Virtualization and Security Platform. This helps to increase the virtual machine density—potentially lowering costs.
From a hardware point of view, the solution is based on Supermicro servers including the Intel® Xeon® Gold 6142 processor. A member of the new Intel® Xeon® processor Scalable family, the Intel® Xeon® Gold 6142 processor represents the latest evolutionary leap forward in disruptive data center design for CSPs, with significant platform innovations across compute, storage, and network infrastructure to accelerate service delivery and efficiency.
Security has been enhanced and accelerated because Intel and VMware have worked together to incorporate optimizations for Intel® architecture in VMware's software. For example, VMware vSphere* automatically passes encryption algorithms to Intel® Advanced Encryption Standard New Instructions (Intel® AES-NI) which enables some of the compute-intensive steps of AES encryption to be accelerated in hardware. Intel® Trusted Execution Technology (Intel® TXT) and trusted platform module (TPM) are used to enable PhoenixNAP's customers to run more secure environments with Zero Trust policies.
Growing with Security
As more and more sensitive data is entrusted to the cloud, security is becoming a key driver for customers in the hotly contested CSP market. With the launch of the Data Security Cloud, PhoenixNAP has created a powerful differentiator, and opened up new opportunities to win new customers and grow its business with existing clients.
To find out more about the architecture of the SDDC and the development of the Data Security Cloud, download the case study PhoenixNAP Works with Intel to Launch New Cloud Services, which is available in the Intel® Cloud Insider Program (Intel® CIP).
Registering for the Intel® Cloud Insider Program gives you access to cloud industry reports, marketing tools, and a sandbox environment for experimenting with the latest hardware.