At Cumulus Networks, we take a lot of pride in the fact that web-scale networking using Cumulus Linux can have an immense impact on an organization’s ability to scale, automate and even reduce costs. However, we know that efficiency and growth are not the only things our customers care about.
In fact, many of our customers are interested first and foremost in the security of web-scale networking with Cumulus Linux. Many conclude that a web-scale, open environment can be even more secure than a closed proprietary one. Keep reading to learn more or scroll to the bottom to check out our infographic “The network security debate: Web-scale vs. traditional networking”
Here are some of the ways web-scale networking with Cumulus Linux keeps your data center switches secure:
- Cumulus Linux uses the same standard secure protocols and procedures as a proprietary vendor: For example, Openssh is used by both traditional closed vendors and Cumulus Linux. The standardized MD5 is used for router authentication, and Cumulus supports management VRF.
- Web-scale networking has more “eyes” on the code with community support: Linux has a large community of developers from different backgrounds and interests supporting the integrity of the code. Since an entire community of developers check the code, dependency on specific vendors, employees or specific interests is eliminated.
- Customers are not reliant on a sole vendor to fix a vulnerability: When a vulnerability is found, it is shared with the community and an update with only that fix is provided as quickly as possible, sometimes within hours. Proprietary stacks, which often leverage modified versions of the same software, need to analyze these vulnerabilities and do their own patching and testing. No one is reliant on one sole vendor to fix and supply the update.
- Cumulus Linux hardens the switch by default: For example, the root account is disabled, insecure protocols—like telnet and ftp—are disabled, and control plane policing is enabled.
In short, we believe web-scale networking with Cumulus Linux is just as secure as traditional methods, if not more so. Many more security features than the ones mentioned here are supported to protect the switch against vulnerabilities.
If you would like to learn more about the technical security features offered with Cumulus Linux, we recommend you check out our security whitepaper, “Securing Cumulus Linux: Security Recommendations and Best Practices”. The paper covers the security aspects of Cumulus Linux, along with industry best practices and recommendations.
For a quick visual guide on how web-scale networking security stacks up against traditional methods, check out this infographic:The networking security debate: Web-scale vs Traditional Networking