Acknowledgement to co-creators: Sandeep Patil, Prayas Gupta, Chetan Kulkarni, Prashant Sodhiya, Carl Zetie and Wayne Sawdon.
IBM Spectrum Scale is a high performance file and object storage with security features covering from authentication of data to authorization of data to secure data at rest to secure data in motion available across different data interface protocols like POSIX, NFS, SMB, HDFS & Object. IBM Spectrum Scale is also very flexible where one have multiple filesystems within a single cluster and one may configure different security features for different filesystems or protocols or exports.
In this new era where data is the new oil, security of data is of paramount importance to both CISO as well as infrastructure teams. Having an ability to view the entire security posture of data is not desirable but required for many regulatory related audits. When data resides on IBM Spectrum Scale, administrator as well as CISO team needs a “single pane of glass” that shows all security aspects of the clusters present in the data center. This not only enables the administrators and CISO team from audit perspective but also understand if they need to take any measures.
The IBM Spectrum Scale Security posture is an opensource project for IBM Spectrum Scale solves this problem of collating the required security attributes and showing single page view of all aspects of security related configurations for:
1. Data in motion – covers protocol based security: Samba, NFS, Object and remote Scale Cluster (remote mount)
2. Data at rest – data at rest encryption, ACLs for filesystems and filesets.
3. Status of File Audit logging, etc
This project integrates with Apache Kafka for visualization, but can be extended to any other visualization. It is open sourced on GitHub under Apache License and it can work with all IBM Spectrum Scale releases above version 5.0.
Details on how to configure and setup security posture can be found on GitHub at: https://github.com/IBM/IBM-Spectrum-Scale-Security-Posture
It is Open Source and can be integrated into your data center dashboard managed via Kibana or other visualization tools