How Can Governments Manage Edge Computing Architecture?
Organizations can apply centralized management solutions that provide a single point of visibility for an entire network. With edge application managers, one administrator can manage application environments across thousands of edge servers and edge devices through a centralized data center.
The same techniques used to set up a switch or wireless access points at the edge can be used to set up software-defined WAN and connectivity between data centers and the cloud, Lunetta says.
“We give the network operator a single interface and a single set of tools to reduce the amount of silos or the need to learn different systems to set everything up,” he says.
Organizations must also pay close attention to how well their wireless networks are operating. According to Chip George, vice president of public sector at Nutanix, one of the hardest challenges any technology stack faces is connectivity at the edge.
“Due to long budget cycles, government agencies have an especially difficult time addressing the rapidly changing demands on connectivity that come with edge computing,” he says.
George suggests that agencies deploy and maintain their own virtual private cloud networks to maintain IP address spaces. He also recommends that edge connectivity frameworks use a workload-centric instead of network-centric approach, which would enable scrutiny of traffic to and from virtual machines no matter how their network configurations change or where they reside in the data center.
Lunetta adds that agencies need the right switching in the edge data center to facilitate the interaction between components and to offload as many of the network functions as possible to a single centralized switch.
LEARN ABOUT: What collective cybersecurity measures do agencies rely on?
How Can Governments Secure Edge Computing?
An organization’s attack surface only grows as more and more connected devices are added to the network. IT leaders need strong visibility across the edge infrastructure to stay on top of threats. Plus, the rise of remote work means individuals within an organization often access sensitive information through potentially unsafe internet connections.
“It used to be that you could set up a network that was all in-house, but now there’s a second branch to that equation,” Lunetta says.
“We call it the Starbucks problem: You’re sitting in Starbucks accessing a website, and you’re not going through the corporate network. How do you propagate the same security and same policies to protect those resources as you do for what’s on a campus network?”
Devices themselves need to be routinely tested for new vulnerabilities and patched accordingly. The practice of endpoint device monitoring is key. It involves achieving complete endpoint visibility by keeping track of every component of an endpoint, including which operating systems it’s running, which applications it’s hosting, and who or what can connect to them. From a networking perspective, organizations must employ zero-trust security practices using multifactor authentication.
For Ramirez, the same basic security best practices — encryption, authentication and access control, network segmentation, intrusion detection and prevention, security monitoring and patch management — still apply.
“Most people would argue from an edge perspective that what the device is doing may be more important. But good security hygiene is going to be critical with these environments, as well as with the regular enterprise environment,” Ramirez says.