1.2 Given a scenario, analyze the organizational requirements to determine the proper infrastructure security design.
Scalability
Scalability is a system's ability to adapt to demand.
Vertically
When a system becomes overwhelmed by requests, we can add more compute resources (CPUs, RAM, faster I/O, networking connections) to the system to enable it to handle the demand. This approach may be more volatile.
Horizontally
When a system becomes overwhelmed by requests, we can add more systems to enable the service to handle the demand.
Resiliency
High availability
High availability ensures that systems will have limited downtime.
Diversity/heterogeneity
Relying too heavily on one vendor could impact the security of the environment. With the rise of zero-day exploits and supply-chain attacks, one vendor could bring down your environment.
Course of action orchestration
The creation of automated responses to avoid outages. Having scripts respond to outages or other issues speeds up the reaction to an incident.
Distributed allocation
Having distributed systems that share the workload helps provide high availability.
Redundancy
The duplication of systems and data can help guard against any sort of loss of availability.
Replication
Data that is held in the primary instance is copied to a standby instance. This helps support high availability, backups, and disaster recovery.
Clustering
High availability can be provided by clustering the application. Multiple servers host the application, and a load balancer assigns requests to the servers that have less workload.
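Added example (not part of the original notes): a small Python sketch of the clustering behaviour described above, where a load balancer sends each request to the healthy server with the least workload and stops using a node that fails. The class names, server names and starting workloads are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class Server:
    name: str
    active: int = 0        # requests currently being handled (the "workload")
    healthy: bool = True   # outcome of the most recent health check


class LeastLoadBalancer:
    """Assigns each request to the healthy cluster member with the least workload."""

    def __init__(self, servers):
        self.servers = list(servers)

    def assign(self):
        # Only healthy members are candidates; a failed node receives no traffic.
        candidates = [s for s in self.servers if s.healthy]
        if not candidates:
            raise RuntimeError("no healthy servers left in the cluster")
        # min() keeps the first server on a tie, so ties resolve in list order.
        target = min(candidates, key=lambda s: s.active)
        target.active += 1
        return target.name

    def mark_down(self, name):
        # Called when a health check fails: take the node out of rotation.
        for s in self.servers:
            if s.name == name:
                s.healthy = False
                s.active = 0  # its in-flight requests are lost with the node


def demo():
    # Constructed starting state: app1 is busy, app2 is nearly idle.
    lb = LeastLoadBalancer([
        Server("app1", active=5),
        Server("app2", active=1),
        Server("app3", active=3),
    ])
    before_failure = [lb.assign() for _ in range(4)]
    lb.mark_down("app2")  # simulate an outage of one cluster member
    after_failure = [lb.assign() for _ in range(3)]
    return before_failure, after_failure


if __name__ == "__main__":
    print(demo())
```

The service keeps answering after app2 fails because the remaining members absorb its share, which is the availability benefit the clustering and redundancy entries describe.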
Automation
Autoscaling
When there is a spike in demand, additional compute resources can be automatically provisioned to meet the need.
Security Orchestration, Automation, and Response (SOAR)
Automated responses that a SOC uses to respond to security events using runbooks.
Bootstrapping
Creation of configurations for VMs that are automatically provisioned to help meet demand.
Performance
When designing the security of networks, infrastructure, and procedures, performance must be taken into account. Availability is part of the CIA triad, so low performance caused by improperly configuring the infrastructure is a security issue.
Containerization
Using containers such as Docker helps provide quick and easy provisioning of applications. Ensure that the containers that are being implemented are secure.
Virtualization
Virtualization allows an organization to run virtual equipment on a hypervisor. This allows an organization to run multiple OSes on a single physical server.
Content delivery network
Content delivery networks are dispersed servers that deliver content to end users. This helps speed up delivery of the content and protects against DDoS attacks.
Caching
Data that is commonly or recently accessed can be stored in high-speed storage like RAM. This speeds the delivery of the content to the end user.