Securing the public sector’s edge in a new era of cloud computing
The federal cloud migration is well underway. Additionally, our federal customers are requesting increasing levels of automation via system-to-system interactions. Because of this, our portals and products are becoming increasingly application programming interface (API) driven. These modernizations bring flexibility, cost savings and a host of other benefits that are well documented. At Lumen, we are working with a variety of government agencies to help them navigate through the new complexities of these transformations to achieve benefits and meet their missions.
The first thing most government IT pros recognize is that moving to the cloud is really moving to the clouds – plural. Spreading workloads across multiple cloud providers is standard practice today. This multi-cloud approach needs to be designed into your IT architecture and built into how you manage all those workloads. Our Cloud Application Manager can play a key role in putting the right workload in the right cloud.
But, we bring another perspective to any cloud discussion. When we hear “cloud,” we also hear “edge computing” or what’s often called “edge cloud.” This is an important component of any enterprise IT architecture today, and it is particularly relevant to the strict security needs of the federal government. A secure cloud and edge infrastructure as a service (IaaS) helps Lumen to accelerate development and reduce the time to market for our customers and partners.
Multiply assets, reduce risk
In recent years, Lumen has made large investments in expanding our fiber network and in positioning the edge of that network near data center facilities. Most of the major cloud providers have data centers on our network. So, we can leverage that combination into an edge cloud service.
A simple way to think about it is that if you had your software stack only in the cloud, it might be in 15 facilities across the country. With the edge cloud, we can put your stack in 200 facilities. That expansion will moves applications closer to users, reducing latency. Coordination with the cloud is also maintained, passing only key data across the network to control transmission costs.
This edge cloud approach improves security in two ways. First, we can move security procedures such as authentication and access control closer to where the users actually are. That helps you know who is logging onto the network before they get access to resources, without having to backhaul security to a centralized data center somewhere.
The second security improvement extends from our architectural approach to building and replicating these stacks across sites. It’s automated to help eliminate human error and it employs containerization and orchestration technologies such as Kubernetes so that we can easily tailor application development to governmental needs.
Using tools like Kubernetes allows our DevOps teams to deploy services in a consistent way no matter the underlying hardware, and services. We are now able to represent entire systems as code that can be controlled, audited, secured and deployed to any cloud.
Enhanced container image scanning allows us to quickly detect new vulnerabilities, patch, test and deploy updates, keeping our environments as secure as possible while achieving 100% automated deployment and configuration updates.
To achieve zero-touch deployments, we leverage tools like Flux. Flux detects changes to our configuration code and synchronizes the Kubernetes cluster to achieve the desired state. With Flux we can push our environment configuration to a GitHub repository, greatly simplifying the management of multiple clouds and edge locations.
In addition to Flux, Lumen leverages Helm. Helm allows us to templatize all our deployment specifications and maintain virtually every aspect about our environment as code.
The Kubernetes ecosystem is aggressively expanding to include automation that was previously entirely manual within the Lumen public sector organization. Automated certificate provisioning, fully integrated API gateways (https://konghq.com), intra-cluster service mesh (https://kuma.io) are all defined as code.
The use of the Kubernetes platform allows Lumen to take advantage of all this new automation to help create consistent and secure operating environments.
That’s a lot of technology information for one blog. The bottom line is that all this is represented as code in a git repository. It’s all versioned, tested and secured.
With edge computing, we can expand the public sector’s capabilities, and secure it in new ways. Let’s talk.
This content is provided for informational purposes only and may require additional research and substantiation by the end user. In addition, the information is provided “as is” without any warranty or condition of any kind, either express or implied. Use of this information is at the end user’s own risk. Lumen does not warrant that the information will meet the end user’s requirements or that the implementation or usage of this information will result in the desired outcome of the end user. This document represents Lumen’s products and offerings as of the date of issue. Services not available everywhere. Business customers only. Lumen may change or cancel products and services or substitute similar products and services at its sole discretion without notice. All third-party company and product or service names referenced in this article are for identification purposes only and do not imply endorsement or affiliation with Lumen. ©2021 Lumen Technologies. All Rights Reserved.