Intelligent Workload Security
Dynamic Control, Portability and Flexibility with WorkloadIQ—Secure
Written by Ken Baker
Modular, Headless Workloads
One of the main advantages of injecting intelligence into a workload is that it makes the workload headless. In other words, that intelligence allows you to easily and dynamically tie additional external services to those workloads. That means at build time you don’t have to embed every service that you might need into that workload. So, instead of having large, heavy-duty pre-built workloads with large memory footprints that lack flexibility and portability and are hard to maintain, you can build lightweight, highly flexible, portable and manageable workloads that simply grab the extra services they need when they come online.
For example, you could create a security appliance running the Compliance Management Platform products that listens for new workloads to come online. When a new WorkloadIQ workload comes online, it would send out a heartbeat letting your security appliance know that it’s alive. The security appliance could look at the workload’s identity footprint to determine what type of workload it is, and then, according to policy, it could decide that this workload needs services from Novell Sentinel and its complete reporting framework. It might determine the workload needs Novell Privileged User Manager, Novell Access Manager or Novell Access Governance Suite. Its ability to dynamically tie new services and policies to that workload becomes virtually endless.
Additionally, as policy changes, new services can be added, while existing services can be modified, replaced or removed seamlessly. This type of headlessness eliminates inter-dependencies and gives you the flexibility to move workloads from one environment to another, while giving you the ability to dynamically instrument them with the security and controls you need.
The content package manager in Novell Identity Manager allows you to easily create, distribute, consume and control your workload policies through modular packages that act as the building blocks for all your policies.
Dynamic Workload Role Management
As mentioned before, the intelligence injected into these workloads allows you to easily provision them with the appropriate user accesses and entitlements by leveraging the Role Mapping Administrator in Novell Identity Manager. (See Figure 1.) Instead of having to write low-level scripts (that have to be manually maintained and updated) for each of your workloads, as is required by other vendors’ solutions, you can create pre-defined baseline policies for users’ entitlements based on their roles in the organization. These roles can apply to any of the workload services that you might bring online, or you might have a different set of roles defined for different types of workloads. You do this by creating role associations with the Role Mapping Administrator.
For example, using the Role Mapping Administrator’s click-and-drag interface you could specify that a set of profiles on salesforce.com or SAS are equal to certain groups in Active Directory. Once these associations are made they can be automatically applied to certain workloads that come online. If those roles’ entitlements or associations need to be expanded or modified some time in the future, those additions and changes can automatically flow to all of your workloads that use those roles. That ensures consistent access control and compliance across all your workloads, while eliminating the need to manually update each workload whenever changes occur.
Intelligent Event and User Monitoring
The embedded workload intelligence provided by WorkloadIQ augments your ability to monitor and correlate events that occur within your workloads. (See Figure 2.) For example, in your virtual environment you might already have the ability to monitor the status of your different virtual machines in terms of memory usage, CPU usage and other similar metrics. Using the identity activity and correlation capabilities provided by Novell Sentinel you can get correlated details on events occurring within those virtual machines as well. So, instead of just knowing that two or three virtual workloads on a host are struggling because the CPU is being over-used, it can help you determine the cause of that overutilization by correlating the events happening within individual workloads, such as revealing that one of them is performing a significant amount of file copies or other activity that exceeds the norm. That kind of actionable information can trigger remediation efforts that allow you to proactively address potential problems.
That same capability in Novell Sentinel allows you to monitor user activity within your cloud, virtual and physical workloads, correlating or tying that activity together based on identity to give you a single unified picture of what users are really doing throughout your different environments. It can correlate identity on user activity across all your workloads to alert you to suspicious activity. For example, it could correlate a string of events showing that even though logs in your SAP workload indicate that Bill Smith logged in and accessed SAP records from your San Francisco office on a certain date at a certain time, other system event logs show that Bill Smith never even logged into the San Francisco network or even entered the building on that day. Instead, the other logs might even indicate that Bill Smith was actually in New York that entire day.
With the strong integration between identity management and security management inherent to WorkloadIQ, it doesn’t matter whether activity is occurring in your physical, virtual or cloud environments; you can still track what’s going on and tie that activity back to specific user roles and identities. That type of correlated user activity monitoring not only saves you time, but it enables you to easily identify potential security issues that would otherwise go unnoticed.
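The Bill Smith scenario above, sketched as an added example (not Novell Sentinel's rule language and not code from the article): application logins are checked against badge and network events for the same identity. The event fields, user names, timestamps and the 12-hour window are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events, already normalised to one identity per user.
EVENTS = [
    {"ts": "2010-06-14T08:02:00", "source": "badge",   "user": "bsmith", "site": "New York"},
    {"ts": "2010-06-14T08:10:00", "source": "network", "user": "bsmith", "site": "New York"},
    {"ts": "2010-06-14T10:31:00", "source": "sap",     "user": "bsmith", "site": "San Francisco"},
    {"ts": "2010-06-14T09:00:00", "source": "badge",   "user": "jdoe",   "site": "San Francisco"},
    {"ts": "2010-06-14T09:05:00", "source": "network", "user": "jdoe",   "site": "San Francisco"},
    {"ts": "2010-06-14T09:40:00", "source": "sap",     "user": "jdoe",   "site": "San Francisco"},
    {"ts": "2010-06-14T11:00:00", "source": "sap",     "user": "akhan",  "site": "San Francisco"},
]

PRESENCE_SOURCES = {"badge", "network"}  # evidence of where a person actually was
WINDOW = timedelta(hours=12)             # assumed correlation window

def correlate(events, window=WINDOW):
    """Flag application logins whose claimed site is not backed by
    presence evidence for the same identity within the window."""
    by_user = defaultdict(list)
    for e in events:
        by_user[e["user"]].append({**e, "ts": datetime.fromisoformat(e["ts"])})

    findings = []
    for user, evs in by_user.items():
        presence = [e for e in evs if e["source"] in PRESENCE_SOURCES]
        logins = [e for e in evs if e["source"] not in PRESENCE_SOURCES]
        for login in logins:
            nearby = {p["site"] for p in presence
                      if abs(p["ts"] - login["ts"]) <= window}
            if login["site"] in nearby:
                continue  # claimed site is corroborated
            # Contradicting evidence is stronger than missing evidence.
            reason = "presence_elsewhere" if nearby else "no_presence_evidence"
            findings.append({
                "user": user,
                "app": login["source"],
                "claimed_site": login["site"],
                "observed_sites": sorted(nearby),
                "reason": reason,
            })
    return findings

if __name__ == "__main__":
    for finding in correlate(EVENTS):
        print(finding)
```

The two reasons are kept apart because a login with no badge or network record at all may only mean a log source is missing, while a login that contradicts recorded presence elsewhere deserves immediate review.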
Dynamic, Flexible Control
Your security and identity services need to be able to grow and evolve in as dynamic a fashion as the virtual and cloud environments where they run. You also need to be able to control, monitor and secure what’s going on inside those workloads in a dynamic manner. You can do all that by leveraging the intelligent identity footprints that WorkloadIQ lets you embed within your workloads.
Whether in physical, virtual or cloud environments, WorkloadIQ gives you the dynamic flexibility and control over your workloads to keep them secure and your organization safe. To find out more about WorkloadIQ, read the other articles in this issue of Novell Connection and learn what WorkloadIQ can do to help you build, manage and measure your intelligent workloads.