NetApp CloudOps platform to add security, CloudCheckr

NetApp's CloudOps platform, Spot by NetApp, matures further with new security and cloud oversight from forthcoming Spot Security and CloudCheckr additions.

The Spot by NetApp toolset will expand beyond cloud management and automation for DevOps with new features from Spot Security and CloudCheckr.

NetApp announced the new additions to Spot by NetApp at its Insight 2021 virtual conference this week.

Spot Security, a new product for the Spot by NetApp service, will focus on security for an enterprise's public cloud infrastructure, protecting against potential threats or misconfigurations through infrastructure mapping and user interactions in the cloud.

Spot Security is the first such security-focused service added to Spot by NetApp. Spot by NetApp currently packages a variety of services together to analyze and automate management of hybrid cloud infrastructure.

CloudCheckr technology, according to NetApp, will integrate new cloud financial management features to Spot focused on optimizing cost, security and governance for public cloud services.

The storage vendor signed a definitive agreement to acquire CloudCheckr earlier this October.

CloudCheckr can break down cloud usage and spending all the way down to the department level for enterprises, according to Kevin McGrath, CTO of Spot by NetApp.

"It will give you all the mechanisms you're looking for from a financial perspective to where your cloud costs are going," he said, adding the closing of the acquisition is still ongoing.

Both Spot Security and CloudCheckr mark a push by the storage vendor to further expand its services into cloud-native development and more complex container storage needs, said Steve McDowell, a senior storage analyst at Moor Insights & Strategy.

"They're broadening their footprint [in the cloud]," McDowell said. "Anything they can do to simplify the cloud piece is good."

Anything they can do to simplify the cloud piece is good.
Steve McDowellSenior Storage Analyst, Moor Insight & Strategy

On-the-spot security

Spot Security, by using the software's self-generated logs and following administrator policies, tracks the public cloud APIs, network traffic and user activities to alert administrators of potential security risks, including access, utilization and configuration changes.

The software can then suggest actions to remediate an issue manually or automatically resolve it, if able. Each risk is also assigned a score by Spot Security, with remediation priority escalated for higher scores. Spot Security also provides network topology and event logging to further assist in remediation as well as outline the logic behind each suggestion.

"When we present you a risk, we'll be able to tell you if that risk is linked to other assets so you'll be better informed with whatever remediation steps you take," said Azzedine Benameur, head of cloud security products for NetApp.

Spot Security integrates with the existing Spot client as an additional dashboard and is agentless, requiring limited trust from the customer's infrastructure or an active role if used for remediation.

Administrators can customize specific alerts and notices depending upon specific profiles and cloud regions through the Spot client as well.

Spot Security will be available for private preview soon, according to NetApp, with general availability to follow on AWS and Microsoft Azure.

Few other storage vendors provide cloud services alongside their traditional storage catalog, said Dave McCarthy, research vice president at IDC.

Appito provides similar cloud management tools independently, while VMWare and Pure Storage have made a push into container storage with their product lines, McCarthy said.

"What NetApp is trying to do with Spot is build all the best of these tools in a single suite," he said. "The benefit of cloud is the potential capability, but how do you scale the management of it without just adding bodies? Companies need more automation in how they handle these environments."

Round peg for a square hole?

That push into cloud services, the specialty of Spot by NetApp, feels half-hearted for a company traditionally associated with on-premises hardware, said Marc Staimer, president of Dragon Slayer Consulting.

"I don't see it integrated into anything [NetApp does]," Staimer said. "It seems like a bolt-on… it's not exactly synergistic with any of NetApp's products."

The acquisition of Spot last year provided NetApp technology and a presence in cloud management, but the company hasn't done much with the tools or brand since then, Staimer said. Finding the value of Spot for existing and potential customers is a push the company will need to make quickly or risk having the Spot services viewed as vestigial products, he added.

"I'm unclear of how this fits into their overall strategy," Staimer said. "If you don't have a vision, everything you do feels haphazard and disjointed. … You're making up a lack of inspiration with perspiration."

However, Staimer said the cloud cost insight provided by CloudCheckr can prove useful to enterprises, especially if DevOps pros forget to cancel services they're finished using.

"It's so easy to spin up an instance in the public cloud," he said. "The problem is when you're done developing [a product], are people spinning [instances] down? You have a lot of orphaned services."

In McCarthy's view, the separate branding on Spot by NetApp and the vendor's legacy OnTap help differentiate between cloud-native or hybrid storage needs.

Spot by NetApp can become another set of services enterprises add if they're already NetApp customers, positioning the vendor as an all-encompassing provider for storage needs, McCarthy said.

NetApp has also made strides in partnering with major public clouds such as AWS. The two companies launched Amazon FSx for NetApp OnTap last month.

"[NetApp] has their history in the world, but they're making a push to the new world," McCarthy said.

Next Steps

NetApp BlueXP and the journey to an 'evolved cloud'

Dig Deeper on Storage architecture and strategy