All posts by Ofir Arkin

About Ofir Arkin

Ofir Arkin is the Vice President of Security at Mellanox Technologies where he is responsible for creating, driving and coordinating the overall vision and product strategy for security across all products. Prior to his tenure at Mellanox Technologies, Ofir served as Vice President and Chief Architect at Intel Security (McAfee) where he was responsible for driving and coordinating the overall architectural vision across Intel Security products. Prior to his role as Chief Architect, Ofir served as CTO for the Security Management Business, and was responsible for driving the vision and product strategy for McAfee’s security management business unit. Joining McAfee as part of the acquisition of Insightix, Ofir pioneered the use of messaging in the field of security to share information in real-time, between different security products and solutions through the use of a single API, to enable an adaptive security infrastructure (also known as the Data Exchange Layer). Ofir led cross-functional teams on the architecture, strategy and execution of this adaptive security infrastructure. His work in this area created the design and accelerated the development of DXL, culminating in the release of McAfee Threat Intelligence Exchange, the first technology fully leveraging DXL. Prior to his tenure at McAfee, he founded Insightix, an innovator of real-time security intelligence and control solutions where he served as CTO. He has also authored numerous research papers, patents, patent applications, advisories and influential articles covering adaptive security, information warfare, network visibility, access control, VoIP security and remote OS fingerprinting.

Don’t Host Security Threats: BlueField SmartNIC Trusted Security Solution – The Only Way to Secure Your Infrastructure

The Meltdown and Spectre microprocessor-based attacks are prime demonstrations of why the attempt to secure data or infrastructure with host-based solutions (host software running on the host processor) is destined to fail. Both let unprivileged code on the host read memory across privilege and isolation boundaries it was never supposed to cross, so even a correctly written host security agent can be observed and subverted by code sharing the same CPU. When the security controls and the attacker share the same trust domain (the host), the most likely outcome is an undetected security breach. The only trusted way to protect the data center infrastructure is to separate the security controls from the host.

The Mellanox BlueField SmartNIC-based model for data center security addresses both the security problems and the performance problems of edge-centric policy models, while scaling significantly better and costing less. BlueField completely isolates the security controls from the host, where resources shared with the attacker can be exploited at the software level and, as Meltdown and Spectre show, now at the hardware level as well.

In order to deliver networking capabilities in a more scalable, agile, and cost-effective manner, the networking environment in modern datacenters is transforming towards extreme speed and simplicity – pushing functionality that traditionally lived in the network onto host machines themselves.

Only at the edge of the network can granular visibility and security controls be applied effectively per workload. Security policy is therefore distributed and enforced using host-based SDN models at the server-access layer, and that distribution is what delivers massive scalability.

However, having a smarter edge brings significant performance and security challenges that must be addressed:

  • The server CPU cannot keep up with today’s exponential data growth. Every function moved onto the host consumes cycles that would otherwise run applications and tenant workloads.
  • Endpoint protection has an inherent weakness: the security controls sit in the same trust domain as the attacker. A successful attack against the host is therefore likely to subvert the controls and violate the security policy.

Therefore we cannot trust the software running on a host, nor can we trust the CPU executing that software. We must provide a way to run infrastructure functionality (such as network, storage, and security) that does not allow the enforced policy to be subverted even if the host is compromised. Cloud providers and enterprises, for example, need to trust their infrastructure functionality even while under attack. Meltdown and Spectre are prime demonstrations of why this approach is a must for modern data center security.

Using the BlueField SmartNIC, the control and data planes of infrastructure functions (networking, storage, and security) are fully implemented in, and offloaded to, the smart network adapter in a manner that does not allow the host to interfere with their operation. Infrastructure functionality runs securely because it operates independently of the host, isolated in a separate trust domain (the smart network adapter). A successful attack against the host, or against one of the workloads using it, does not grant the ability to alter the policies applied to infrastructure functions; those are enforced by the smart network adapter.
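As an added illustration, not BlueField code or any Mellanox API, the following Python models the trust-domain argument made above. It assumes that the NIC's control plane accepts a policy update only when the update carries an HMAC under an orchestrator key that is provisioned to the orchestrator and the NIC and never to the host, and that the host has no other write path to the NIC's rule table. The flows, rules, and key are constructed for the demonstration. An attacker with host root can rewrite a host-resident rule table at will, but the same attacker cannot produce a valid update for the NIC.

```python
"""Toy model of host-resident vs. SmartNIC-resident policy enforcement.

Constructed illustration only; not BlueField code. The assumption it makes
is that the NIC accepts a policy update only when authenticated with a key
the orchestrator holds and the host does not, and that this authenticated
channel is the host's only path to the NIC's policy state.
"""
import hashlib
import hmac
import json
from dataclasses import dataclass, field

# Assumption: provisioned out of band into the orchestrator and the NIC only;
# never present in host memory. Demo value, not a real secret.
ORCHESTRATOR_KEY = b"demo-orchestrator-key-not-a-real-secret"


def canonical(policy: dict) -> bytes:
    """Stable serialisation so both sides MAC exactly the same bytes."""
    return json.dumps(policy, sort_keys=True, separators=(",", ":")).encode()


def sign_policy(policy: dict, key: bytes) -> str:
    """HMAC-SHA256 tag over the canonical policy encoding."""
    return hmac.new(key, canonical(policy), hashlib.sha256).hexdigest()


def first_match(rules: list, flow: dict) -> bool:
    """First matching rule decides; no match means deny (default-deny)."""
    for rule in rules:
        if all(flow.get(k) == v for k, v in rule["match"].items()):
            return rule["action"] == "allow"
    return False


@dataclass
class HostFirewall:
    """Enforcement in host software: the rule table is host memory, so whoever
    owns the host (for example an attacker with root) owns the rules."""
    rules: list

    def permits(self, flow: dict) -> bool:
        return first_match(self.rules, flow)

    def overwrite_as_root(self, new_rules: list) -> None:
        # Nothing stops host root from replacing the table outright.
        self.rules = list(new_rules)


@dataclass
class SmartNicEnforcer:
    """Enforcement on the NIC: the host cannot write the table directly, and
    every update must carry a tag under the orchestrator key."""
    key: bytes
    rules: list = field(default_factory=list)

    def apply_update(self, policy: dict, tag: str) -> bool:
        expected = sign_policy(policy, self.key)
        if not hmac.compare_digest(expected, tag):
            return False  # unauthenticated update: rejected, table unchanged
        self.rules = list(policy["rules"])
        return True

    def permits(self, flow: dict) -> bool:
        return first_match(self.rules, flow)


def simulate_host_compromise() -> dict:
    """Load the same policy into both enforcement points, then root the host."""
    policy = {"rules": [{"match": {"dst_port": 443}, "action": "allow"}]}
    host = HostFirewall(rules=list(policy["rules"]))
    nic = SmartNicEnforcer(key=ORCHESTRATOR_KEY)
    nic.apply_update(policy, sign_policy(policy, ORCHESTRATOR_KEY))

    # Constructed flow: exfiltration to a TEST-NET address on a non-policy port.
    exfil = {"dst": "198.51.100.7", "dst_port": 4444}
    allow_all = [{"match": {}, "action": "allow"}]  # empty match hits every flow

    # The attacker, now root on the host, rewrites the host-side table...
    host.overwrite_as_root(allow_all)
    # ...and attempts the same on the NIC, but has to forge a tag without the key.
    forged = sign_policy({"rules": allow_all}, b"attacker-guess")
    nic_took_forgery = nic.apply_update({"rules": allow_all}, forged)

    return {
        "host_permits_exfil": host.permits(exfil),
        "nic_accepted_forged_update": nic_took_forgery,
        "nic_permits_exfil": nic.permits(exfil),
    }


if __name__ == "__main__":
    print(simulate_host_compromise())
```

The decisive design choice is where the key lives, not the strength of the MAC: the host firewall and the attacker occupy the same trust domain, so no amount of checking inside the host helps once root is lost, whereas the NIC's table changes only through a channel the host cannot authenticate to. In a real deployment the NIC's update path would also need replay protection (a monotonic policy version or nonce), which this model omits.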

Additionally, with these key networking, storage, and security functions fully offloaded to the SmartNIC, they consume no host CPU cycles, so more capacity is available per server for applications and tenant workloads.

This, combined with the ability to isolate and protect each individual workload, allows BlueField to control risk at the edge of the network, and enables distributed security to be built into the DNA of the data center infrastructure.