Datacenter 2014: Symantec - Peter Schjøtt

Version2, Datacenter 2014 1

Hvorfor kun sikre Cloud’en halvt- tænk sikkerhed fra starten…

Peter SchjøttPr. Security Presales Engineer

Why Cloud• Cloud characteristics – whether private or public

– Broad network access

– Rapid elasticity

– On-demand self-service

– Shared pool of resources

– Measured service

• Cost reduction through efficiency• Comparable better security through standardisation

• Business focus on core, abstract from the rest


4

Market Dynamics

4

Targeted Attacks & APT’s

CloudPrivate, Cloud, Hybrid

ChangeOrganization, Process, Regulation

Virtualization& Software-Defined “X"

Version2, Datacenter 2014

5

Big Picture

5Version2, Datacenter 2014

Data Center RisksIncreased automation and the virtual layer increases the attack surface, convergence of

infrastructure creates big risk around privileged users.

Traditional Data Centers Private Cloud

Many servers, network and storage systems in separate data centers with separate

admins; slow provisioning

Many servers, network and storage systems in fewer consolidated data centers with high

automation and fewer admins; faster provisioning

Large attack surface, concentration of risk


shifting gears the SDDC

7

Drivers Cost

Speed

Flexibility

Inhibitors Security Tax

Complexity

Compliance

The data center of the future is software-defined. It is dynamic and application-centric. Our mission is to support our customers as they evolve to the SDDC.

Dat

a C

ente

r S

ecur

ity

Compute and Storage Virtualization

Network Virtualization

Software Defined Services

On-Prem/Private/Public Cloud Resources

So

ftwa

re-D

efin

ed

Da

ta C

en

ter

Applications and Policies

Aut

omat

ion

and

Man

agem

ent


Dat

a C

ente

r S

ecur

ity

Compute and Storage Virtualization

Network Virtualization



So

ftwa

re-D

efin

ed

Da

ta C

en

ter

Applications and Policies

Aut

omat

ion

and

Man

agem

ent

The Bets


theCloud Betthe

virtualization Bet

78%

31%25%

Securing private clouds is a good early bet as private clouds will continue to be

strongly preferred over public and hybrid clouds

HybridPublicPrivateSource: IDC CloudTrack Survey, 2012

Security represents a large opportunity as it is the key

obstacle for the virtualization of mission

critical workloads

theSDN Bet

Aligning with e.g. VMware and Cisco to secure SDNs is

key as customers will definitely adopt pure or

mixed SDNs at a rapid pace

the SDDC Bet

DC Automation and orchestration are key to

SDDCs and will mandate a parallel need for security

orchestration.

0%20%40%60%80%

67%47% 57% 52%

41% 35% 40%

Source: VMware Conference 2012

theData Center Bet

As Data Center consolidation in combination with virtualization increases the concentration of risk, we

will see a corresponding demand for security.

Data center consolidation is projected to account for

27% of IT spend (2010-2016)Gartner, 2011

8

Da

ta C

ente

r S

ecu

rity

Compute/StorageVirtualization

NetworkVirtualization



So

ftw

are

-De

fin

ed

Da

ta

Ce

nte

rApplications and Policies

Au

tom

atio

n a

nd

Man

agem

ent

Support for key standards for private

clouds e.g. Openstack and partner with

vendors delivering those standards e.g. Amazon, VMware,

Openstack

Security for leading hypervisors

Security for hybrid networks

Integrated security orchestration

Dynamic, context-based, policy-

centric security

Software Defined Security

“By 2015, 40% of security controls

used in Enterprise data centers will be virtualized, up from less than 5%

in 2010”

– Neil MacDonald

A dynamic, application-centric data center needs dynamic, application-centric security.

SDN and SDDC platforms will be enablers of security

consolidation offering a platform for security

orchestration

the Security Bet



Public Cloud

Cloud Computing Top Threats• Data Breaches• Data Loss• Account or Service hijacking• Insecure Interfaces and APIs• Denial of Service• Malicious Insiders• Abuse of Cloud Services• Insufficient Due Dilligence• Shared Technology Vulnerablities


What are my risks using Cloud

Identify the asset

Evaluate the asset

Map asset to Cloud depl.

modelsEvaluate Cloud service models and providers

Map data flow

Conclusion


How

do

you

get

out

of a

Clo

ud a

gree

men

t?

•C

loud

ven

dor

lock

-in•

Dat

a lo

ck-in


Summing up

Where can Symantec help


Governance Prevention / Protection /Assurace

Monitoring / Reporting / Alerting

Mitigation / Correction

Risk AnalysisPoliciesComplianceVendor RiskRisk modelling

Desktop/laptop/server protectionEncryptionDLPMessagingAuthenticationCertificates/PKIStorage ManagementHypervisor hardening

Managed servicesDeepSight

BackupArchiving

Addressing Security Challenges Today


Public Cloud

Integrated Compliance Views across platforms

2

• Broadest Portfolio of Security for physical & virtual1

Latest Offering – DCS : Server and Advanced3

Best in Class Threat Intelligence Symantec DeepSight / GIN4

• Symantec Protection Engine for Cloud Services 5

Information Security

• Threat Protection • Server Hardening • Hypervisor Hardening • Encryption • Data Protection• Messaging Security

Information Assurance

• Archiving• Backup • Availability

Segmented Physical/Virtual

Next Gen SDDC

15

Thank you!

Copyright © 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.


Peter Schjø[email protected]

Datacenter 2014: Symantec - Peter Schjøtt

Technology

Transcript of Datacenter 2014: Symantec - Peter Schjøtt