EMC - Accelerate Cloud Journey Webinar

1© Copyright 2011 EMC Corporation. All rights reserved.

Accelerate the Journey to Your Cloud with EMC and Intel

Josh MelloTechnical MarketingEnterprise Solutions [email protected]

Mark ChmarnySolution ArchitectCloud Infrastructure Engineeringand Service Provider Solutions [email protected]

Tracie ZentiIntel Server Technology [email protected]

Greg LordIntel CorporationCloud & Data Center Marketing [email protected]

mailto:[email protected]





Agenda

EMC Listens and Responds to Data Center needsCustomers’ Drivers for Cloud Initiatives

Industry Challenges and EMC Solutions

The EMC and Intel Alliance

Introduction to Intel TXT

Secure On-Boarding for Hybrid Cloud EnvironmentsChallenges to On-Boarding and Demo

EMC VPLEX Metro

IT-as-a-Service Solution FrameworkSecure Multitenancy

Demo

Additional Resources


The Disruption of Cloud Computing

CloudComputing

Minicomputer

Mainframe

PC / Microprocessor

Networked / DistributedComputing


Q9: Which of the following are top drivers of cloud computing initiativesat your organization? (Please check all that apply)

Agility Top Driver for Cloud Computing

Business agility (faster time to market, increased user satisfac-tion)

Reducing IT infrastructure investment

Reducing IT management and maintenance resources

Increasing capacity/availability (data center, storage etc.)

Increasing productivity of IT

Disaster recovery/business continuity

Improving IT control

Industry regulatory changes

75%

56%

53%

50%

46%

40%

32%

17%

Drivers of Cloud Computing Initiatives at Organization

Base: 636 Total respondents; 234 US respondents; 202EMEA respondents; 200 APAC respondents

Source: CIO Global Cloud Computing Adoption Survey January 2011


EMC Listens, Responds to Industry Needs

• Open Data Center Alliance (ODCA)– Proxy for customer needs – Review of common usage models– Solution alignment

• EMC Response to biggest hurdles of Cloud adaptation

– Security & Compliance (Federation)• Secure Cloud On-boarding Over Distance

– Standardization & Interoperability (Automation)

• IT-as-a-Service Framework


Virtualization Solutions from EMC

Minimize risk and cost of deployment with a proven, tested methodology

Accelerated time to business impact

Reduce the total cost of ownership

Utilize subject matter experts

Leverage EMC’s deep, strategic relationship with VMware


EMC & Intel Alliance• Engineering

• Extensive, deep, and long-term architectural alliance• EMC is the only Storage company engaged with Senior Intel Architects & Fellows on a

regular basis• Intel has implemented storage related microprocessor features as a result of EMC input

• Products• EMC’s products are standardized on Intel Architecture• Deep collaboration throughout design and QA process• Specific microprocessor features brought to market together

• Time-to-market• Enterprise storage traditionally uses older processor technology…• EMC uses Intel’s latest processor technology, delivering higher performing and more

energy efficient storage solutions

• Go-to-market• Intel & EMC share a common vision for open, standards-based Cloud Computing, Data

Center Infrastructure, and IT Transformation• Intel & EMC’s Sales & Marketing organizations collaborate closely to ensure we are

addressing our customers Data Center Storage needs EMC + Intel = Intelligent Data Center Solutions


Intel® Trusted Execution Technology

•Intel® TXT:• Enables isolation and

tamper detection in boot process

• Complements runtime protections

• Reduces support and remediation costs

• Hardware based trust provides verification useful in compliance

TPM

Intel® TXT Incorporates Multiple Components

Intel® 5500/5520

Chipset

VT

Intel® TXT Hardens and Helps Control the Platform

VMM/OS(MLE)

FlashBIOS

• Trust status usable by security and policy applications to control workloads


Intel® TXT Use Models

Internet

Trusted Launch – Verified platform integrity

Trusted Pools

Compliance Support – enhancing auditability of cloud environment

Leadership Use Models: Hardware Trust as a Control Point

1

2

3

Control VMs based on platform trust (and more) to better protect data

Hardware enforced detection of launch components —reduces malware threat

Hardware support for compliance reporting

1

2

3

*Other names and brands may be claimed as the property of others


Intel® TXT: How it Works

Software measured and verified

Platform trust can be reported

Provisioning:

Known good values for BIOS and Hypervisor provisioned into the TPM

1

At power on, measured launch of BIOS, results match?

2

Measured launch of Hypervisor, results match?3

If matched, Platform indicates trusted status

If mismatched, Policy action enforced, indicates untrusted status

4

Use platform trust status to enforce control and enhance visibility

5

Platform trust status can be provided to security apps

*Other names and brands may be claimed as the property of others


TXT Technology Stack

• Re po rti ng on ov era ll s e c u rity la nd s c ap e an d s p ec ia lty c o m pli an c e re po rtin g

• Re po rt on s ta tu s o f m ea s u red la un c h (g oo d o r n o t)

GRCSIEM

• Set Policies for Hypervisor and VM Management

ManageabilityPolicy Management

• 2nd level of TPM Provisioning – take ownership

• TXT measures Hypervisor launch

Hypervisor

• Support TXT in BIOS and base TPM Provisioning

Servers


Secure Cloud-Bursting Across Distance

Enabled by EMC VPLEX Metro and Intel Trusted Execution Technology (TXT)

EMC Solutions Group


Challenges to Cloud On-Boarding and Cloud Bursting

• Organizations support a wider range of mission-critical applications across their extended enterprise

• Application workload migrations need to happen quickly and securely

• Seamless migrations must occur without application downtime

• Federation must be supported across cloud environments


Service Assurance in Hybrid Cloud Environments• Resource Pools• VMware vSphere

– High Availabilty– Fault Tolerance– Distributed Resource

Scheduler– Fault Domain

Management (FDM) in vSphere 5

• VMware vMotion• EMC VPLEX • SLA Assurance

Service Assurance Enabled by VPLEX

Instant data access across two Data Centers

Enable concurrent read and write access to data by multiple host

across two locations

SYNCHRONOUS


Seamless Cloud On-Boarding with EMC VPLEX

• Accelerate Cloud On-Boarding and Support Cloud-Bursting Operations Transparently

– Support spikes in application workloads with real-time migrations


Demo


EMC VPLEX Metro


Site A Site B

Synchronous/asynchronous replication

Active-passive site

Before VPLEX

Federated Data Access


VPLEX Metro / VPLEX Geo

Site A Site B

Fibre Channel / IP

VPLEX enables active use of resources at

two sites

With VPLEX

Federated Data Access

DISTRIBUTED VIRTUAL VOLUME


Cache

Cache Directory D Cache Directory F Cache Directory HCache Directory B

Distributed Cache Coherency

Cache Directory C Cache Directory E Cache Directory G

Cache

Engine Cache Coherency DirectoryBlock Address 1 2 3 4 5 6 7 8 9 10 11 12 13 …

Cache A

Cache C

Cache E

Cache G

Engine Cache Coherency DirectoryBlock Address 1 2 3 4 5 6 7 8 9 10 11 12 13 …

Cache A

Cache C

Cache E

Cache G

Cache Directory A

New Write:Block 3

Read:Block 3

CacheCache

Directory-based distributed cache coherence efficiently maintains cache state consistency across all VPLEX engines


Compute-as-a-Service


Flexible Support for Your Cloud Stack

vCD (VMware Cloud Director)

vCenter Orchestrator/ Cisco Intelligent Automation

EMC – Unified Storage

Nexus (Converged Net.)

Intel XEON-based Servers

vSphere

vCenter

Unisphere

UCSM

Fabric Manager

UIMR

eplic

ati

on

RSA Security – Auth. Mgr, DLP, enVision

IONIX (Monitoring, CMDB)

SITE A

Avamar / DataDomain / Networker

Replication Manager, DPA

EMC – Symmetrix VMAX

Nexus (Converged Net.)

Cisco UCS

vSphere

vCenter

Unisphere

UCSM

Fabric Manager

UIM

SITE B

Avamar / DataDomain / Networker

Replication Manager, DPA

Hypervisor

Compute/Storage/Network

Data Protection

Security

Provisioning/Element Mgr.

Management

Service Catalog & Orchestrators

http://www.google.com/imgres?imgurl=http://media9.connectedsocialmedia.com/vmware/03/4212/vmware_view_pilot.jpg&imgrefurl=http://vmware.connectedsocialmedia.com/&usg=__4LGJh-5ZJk1uZxg61Pk4yeYGpHc=&h=270&w=480&sz=11&hl=en&start=1&zoom=1&tbnid=ICQjMD4toriegM:&tbnh=73&tbnw=129&prev=/images?q=vmware&um=1&hl=en&sa=N&tbs=isch:1&um=1&itbs=1

http://www.google.com/imgres?imgurl=http://www.sectechno.com/wp-content/uploads/2009/04/cisco_11.jpg&imgrefurl=http://www.sectechno.com/tag/cisco/&usg=__BZEdyCSNgLRZvu7Kw3E3RVN5GdE=&h=400&w=600&sz=17&hl=en&start=1&zoom=1&tbnid=o0Xnk9mJitUWiM:&tbnh=90&tbnw=135&prev=/images?q=cisco&um=1&hl=en&sa=N&tbs=isch:1&um=1&itbs=1

http://www.google.com/imgres?imgurl=http://event.on24.com/event/15/47/26/rt/1/images/thumbnail/rsa_campaign_-_use.jpg&imgrefurl=http://www.insight24.com/webcasts/company/rsa&usg=__KuNXLFIxauqReEjer_zclSqbDno=&h=360&w=480&sz=14&hl=en&start=3&zoom=1&tbnid=VAWUu-9Shv2oEM:&tbnh=97&tbnw=129&prev=/images?q=RSA&um=1&hl=en&sa=N&tbs=isch:1&um=1&itbs=1

http://www.google.com/imgres?imgurl=http://www.thirdsky.com/site/images/partner_logos/newscale.jpg&imgrefurl=http://www.thirdsky.com/site/content/partner_listing.asp&usg=__5lz2Wbx2kUvsHayPUf3D_SiVanE=&h=103&w=226&sz=7&hl=en&start=1&zoom=1&tbnid=NLft-_gZLF0MCM:&tbnh=49&tbnw=108&prev=/images?q=Newscale&um=1&hl=en&sa=N&tbs=isch:1&um=1&itbs=1


Compute-as-a-ServiceVMware vCloud Director and Cisco Intelligent Automation for Cloud


Compute-as-a-ServiceVMware vCloud Director and vCenter Orchestrator


Define Multiple Consumption Models• Capacity-As-You-Go

• “Pay-Per-VM” model• No upfront resource allocation• Org VDC allocated resources

only as users create vApps• IT can set compute limits to cap

usage

• Reservation pools• Guaranteed container

• 100% of container guaranteed

• Organization given resource management capabilities (shares and reservations)

• Allocation Pools• Resources allocated, but not

guaranteed

• Similar to the “airline seat” model

• IT can over-provision


Secure Multi-tenancy and VDCs Allow BUs to Share infrastructure

• Secure Multi-tenancy with vShield

• Virtual networking technologies segregate network traffic

• Policy-based management eliminates “noisy neighbor” concerns

• Enables shared infrastructure

• Formerly silo’d infrastructures (either separate clusters or entire datacenters) can be migrated to virtual data centers

• No airgapped pods/silos

• Eliminates the need for physical separation for security or compliance

• Maximizes consolidation ratio

HealthcareOrganizatio

n

AerospaceOrganizatio

n

Consumer Organizatio

n

HealthcareVDC

AerospaceVDC

Consumer VDC

HealthcareInfrastructu

re

Aerospace Infrastructure

Consumer Infrastructure


Secure Separation

• VMware vCloud Director

• vShield for vCloud Director

– Port-level stateful firewall

– Network Address Translation

– DHCP services

• Cisco Nexus 7000– VLAN

Segmentation– Separate VRF’s per

tenant


Defense in Depth for Your Cloud Infrastructure

Virtualizes common network services such as NAT and DHCP

vShield Endpoint protects the individual VM with offloaded anti-virus

vShield App protects the applications with multi-VM trust zones

vShield Edge protects the virtual data centers with port-level stateful firewalls


Assuring Application Performance

Automates movement of hot or cold blocks

Optimizes use of high performance and high capacity drives

Improves cost and performance

Fully Automated Storage Tiering for minimum TCO

LUN 2

LUN 1

Tier 2

Tier 1

Pool

BEFORE AFTER

Tier 0

Most activity Neutral activity Least activity


FAST Cache Approach Page requests satisfied from

DRAM if available

If not, FAST Cache driver checks map to determine where page is located

Page request satisfied from disk drive if not in FAST Cache

Policy Engine promotes a page to FAST Cache if it is being used frequently

Subsequent requests for this page satisfied from FAST Cache

Dirty pages are copied back to disk drives as background activity

MAPPolicyEngine

Driver

Exchange SharePointOracle

DatabaseFileVMwareSAP

DRAM

FAST Cache Disk Drives

FA S T S U I T E


Future Proof Your Existing Storage Investment • Scale out from

your existing environment

• Optimal Service Tiers for all of your applications

• Support for Heterogeneous Storage in existing environments


Provisioning a New Customer Organization

Demo


Design Principles and Considerations for Deployment

• Chargeback/Reporting

• Security and Compliance

• Availability and data protection

• Secure separation • Service assurance


Leverage Proven Practices


Thank You!

• EMC Solutions for VMware Webcasts - Every Thursday at 11:00 AM ET

• EMC Solutions for VMwarehttp://www.emc.com/solutions/application-environment/vmware/index.htm

• Secure Cloud On-Boarding Across Distancehttp://www.intelcloudbuilders.com/docs/Intel%20Cloud%20Builders_EMC_Secure%20Onboarding.pdf

• Intel® TXT Technology home page

http://www.emc.com/solutions/application-environment/vmware/index.htm

http://www.emc.com/solutions/application-environment/vmware/index.htm

http://www.intelcloudbuilders.com/docs/Intel%20Cloud%20Builders_EMC_Secure%20Onboarding.pdf

http://www.intelcloudbuilders.com/docs/Intel%20Cloud%20Builders_EMC_Secure%20Onboarding.pdf

http://www.intel.com/content/www/us/en/architecture-and-technology/trusted-execution-technology/malware-reduction-general-technology.html




Questions?


Accelerate your Journeyto the Cloud with EMC Solutions

Josh MelloTechnical MarketingEnterprise Solutions [email protected]

Mark ChmarnySolution ArchitectCloud Infrastructure Engineeringand Service Provider Solutions [email protected]



EMC - Accelerate Cloud Journey Webinar

Business

Transcript of EMC - Accelerate Cloud Journey Webinar