A flexible DCIM API solves Data Transparency In the Modern CoLo Environment.
Modern CoLo customers, particularly HyperScalers – the biggest of the big want increasing exposure to data directly from your data center hardware. Not just summaries or aggregates but raw values and trends.
HyperScaler contracts now contain requirements for transparency in monitoring – these often have clauses that can terminate a CoLo agreement based on counts per year for point value violation of limits. If the humidity in a given area exceeds a limit value by a given amount five times a year? End of contract. The same is true for temperature values, % utilization of power gear, and other vital metrics. Your livelihood DEPENDS on the transparency of your data center monitoring.
This is not a light request and is inherently difficult to solve while maintaining the security of the monitored equipment. Particularly challenging is that some power gear support writes that can alter the behavior of the gear. In addition, Modbus, the most common communication protocol for this power gear, could be more secure. So the problem is how to expose the data – without exposing your equipment.
A good DCIM solution will solve this problem for you. “Collect once, use many” times for these use cases. As the definitive method of collecting and managing your monitored solution, your DCIM should allow you to meet transparency needs without jumping through hurdles or introducing security risks into your monitored equipment network.
Security risks at the gear level must be minimized. A DCIM solution should NOT increase this risk unduly but rather help reduce risks. Power gear should reside on local private subnets (physical or virtual) with near-zero trust. Edge components of a DCIM should reside in the protected subnet and interact with monitored gear locally, then safely report that data upstream. A good test is monitoring gear in a local subnet with ZERO incoming routes or firewall exceptions. Yes, Zero. The ultimate litmus test. In this configuration, ANY external traffic is a violation and SPI (Stateful Packet Inspection) has a maximum value. It may not be realistic to operate in this mode for day-to-day operations – but if you can monitor in this mode and turn off ALL external access, you have a baseline for security. Then and only then add measured exceptions to the firewall (such as management of the edge component) to facilitate easy day-to-day management.
Once device level monitoring is secured and data is recorded in your DCIM, you can address data transparency at the DCIM level without adding risk to your gear. In addition, a flexible API in your DCIM can expose these values to external applications and customers relatively easily. Sure, you can extract this data from most DCIM solutions through complex DB SQL queries and significant overhead and management – but a DCIM solution that answers this need with an integrated approach is the optimal answer.
A top-of-the-line DCIM solution will provide capabilities for charting, tables, and trends. Exceptional support for transparency that exceeds your CoLo customer’s expectations – and lets you focus on operations and service agreements on power, temperature and humidity.
Of course, securing your DCIM solution itself is complex, and a multi-tier approach provides optimal security and control, but that topic goes beyond today’s blog.
Security in a Data Center network is to be taken seriously, and the security design is not trivial. Your DCIM solution should simplify this effort. The Modius’ OpenData DCIM product line does just this – providing an architecture that simplifies the transparency of your collected data. We can help you build a secure solution for CoLo transparency.
You can reach us at email@example.com or 1-888-323-0066.