Nicklous Combs, EMC Federal Chief Technology Officer Technology Trends Today.
-
Upload
raven-pitt -
Category
Documents
-
view
221 -
download
2
Transcript of Nicklous Combs, EMC Federal Chief Technology Officer Technology Trends Today.
Nicklous Combs, EMC Federal
Chief Technology Officer
Technology Trends Today
Megatrends: Move to the Next Generation Data Center
Deployment of ubiquitous IP networks Expansion of networked consumer electronics Explosion of digital content Movement to unified communications Advancement of highly scalable, low cost compute Convergence of networks, compute and storage Recovery of the economy yields technology refresh Desirability of a IT utility model Appetite for new applications
Mostly unstructured 95%
Mostly unmanaged 85%
Becoming more regulated ▲
Responsibility of organizations 85%
Information
1.8 ZbInformation Growth
Information Today
MiniMainframe Networked/Distributed Computing
PC / Micro-
processor Next
Cloud
Mid-’60s -’70s 70s-80s Late 70s-’90s Mid-’90s-Today
IBMBurroughs
UnivacNCR
Control DataHoneywell
NEC…
DECIBMDG
WangPrimeApollo
…
MicrosoftIntel
AppleIBMSunHP
Compaq…
CiscoNetscapeGoogle
MicrosoftOracleEMC
Salesforce.com. . .
Waves of Information Technology
Source: VMware Fortune 100 Customers
Where IT Energy is Spent Today
42%InfrastructureMaintenance
30%Application
Maintenance
23%ApplicationInvestment
5%Infrastructure
Investment
Mission ExecutionDEPENDS ON
IT Agility
>70%
<30%
IT Budgets:
just maintaining the status quo
goes to innovation andcompetitive advantage
What Cloud Computing Needs to Solve: IT Infrastructure is Too Hard to Manage
Perceived barriers to a new approach• Security• Compliance issues: Transparency, citizenship, data location regulations• Interoperability: Vendor lock in, Integration, Application rewrites
CLOUDCOMPUTING
Market Forces
• The Economy
• Administration priority
• Anytime, anywhere IT
• Tectonic shift in technology
Business Forces
• Information Growth
• Defer and avoid costs
• Fix the IT bottleneck
• Map supply and demand more effectively
• De-capitalize IT
Forces driving change
ThePrivate Cloud
Today’sIT World
THE
Journey
THE
Bridgewherecustomers are
of fully automatedand virtualizeddata centers
Unprecedented levelsof efficiency, control, choice
Increasing complexity,inflexibility, and cost of
traditional IT environments
Build the Bridge to the Private Cloud
It's operated differently
Dynamic pools of virtualized resources
Highly automated low-touch and zero-touch models
1
2
It's built differently
It's consumed differently3 Convenient consumption, sometimes pay-as-you-go
CloudComputing
Data Center
Customers Will Realize Unparalleled Savings
What’s the Promise of Cloud Computing?
Solution Packages Rapid deployment model of
virtualized infrastructure Preintegrated and validated solutions
reduce total cost of ownership (TCO) Service level driven through
predictable performance and operational characteristics
Improved compliance/security and reduced risk
Rich APIs
Security
ResourceManagement
NetworkNetworkComputeCompute
VirtualizationVirtualization StorageStorage
Accelerate Time to Results – Reduce TCO
Converged Infrastructure: A New Way to Deliver IT
Server Provision Cycle
Server Costs
Hardware Deployment Time
Overall Hardware Utilization
Cut from 46 days to 35 minutes
Reduced by 40%
Decreased by 40%
From less than 10% to more than 40%
Impact: Converged Infrastructure Customer Example
Enables business requirements to translate to IT resources» Business owner inputs application, uptime, number of users,
business continuity, backup, and security requirements» Resources are rapidly assigned according to user specification
reducing time to application availability
Define Map DeployTranslate
IT Requirements
# VMs
Disk Capacity (MB)
SynchronousReplication
Fault Tolerant
Security Policy
Etc…
Business Requirements
Application
Operating System
# Users
SLA (Gold, Silver, Bronze)
Etc…
Storage Template
Compute Template
Fabric Template
Application Template
Enable choice and flexibility, retain control
Policy-driven Infrastructure enables Private Cloud
Security Architecture for the Cloud
Media WorkSpace TaskSpace
Integration Services
Media Transformation Services
Case Management Collaboration Content
Security
FTP
Transform Images
ExtractMetadata
Assemble Content
Content Store
SOAP
Populate Virtual Case File with supporting content
Single-INT Application
.KML
Media Delivery Services
Business Process Management
PrivateCloud
MPP Data Warehouse Queries (Big Data)
Multi-INT Fusion in an Agile Operation Center Scenario Overview
Private cloud-enabled infrastructure
Virtualized, proven solutions
Cloud operating system and model
Virtual data center-centric systems management15%
30%
50%
85%95%
Broad adoption of service model
Journey to the Cloud
Architect for the Future
Cloud evolution has launched Adoption will accelerate and last 24-36 months Converged infrastructure is the foundation Innovation will be led by market leaders Cost matters but the need is speed55
4433
11
22
Conclusion
Security challenges in today’s virtualized and cloud environments
Cyber security is major national and economic security issue
Protecting assets and managing access to IT resources has never been more important
Cloud computing is expanding the attack surface and breaking traditional network boundaries.
Do our current security architectures meet the threats?
The Challenge
19
Trusted
Control
Reliable
Secure
Flexible
Dynamic
On-demand
Efficient PrivateCloud
CloudComputing
Virtualized Data Center
Security
Virtualization
Federation
Internal cloud External cloud
Security: A Core Component of the Cloud
Dark CloudDark Cloud
StolenFiles
Repository
Hacker ForumDiscussion
BotnetHerders
MalwareInfection Point
TrojanMothership
StolenCredentialsDatabase
eFraudNetwork
USER 1
USER 2
USER 3USER 4
Corp 5
Corp 6
Corp 7
GSA
First level of defense: Cybercrime intelligence Second level of defense: Strong authentication Third level of defense: Information rights management
Provide Cybercrime Intelligence Based on Feeds from the Dark Cloud
Physical Infrastructure Physical Infrastructure
APP
OS
APP
OSAPP
OS
APP
OS
APP
OS
APP
OS
APP
OS
APP
OS
Enterprise #1 Enterprise #2
Attackers
IdentityInfor-
mationInfor-
mationIdentity
Traditional Computing: The Network Security Perimeter is Aligned with Policy Boundaries
Adoption of Cloud Computing is Expanding the Enterprise Attack Surface
Internal Employees
BusinessAnalytics
EnterpriseApplications
ReplicaBackup
Disk
Backup Tape
SharePointeRoom, etc.
File Server
DiskArrays
ProductionDatabase
Privileged UsersContractors Privileged Users Privileged Users
Partner Entry Points
Channels
Customers
Partner Entry Points
Partners
Channels
Remote Employees
Channels
VPN
Apps/DB StorageFS/CMSNetworkEndpoint
IP Sent to non trusted user
Stolen IPApp, DB or Encryption
Key HackFraud Stolen
Credentials
Endpoint theft/loss
Network LeakEmail-IM-HTTP-
FTP-etc.
PrivilegedUser Breach
InappropriateAccess
Privileged Users
Tapes lost or stolen
Data LeakVia USB/Print
Public Infrastructure Access Hack
UnintentionalDistribution
(Semi) Trusted User Misuse
Discarded disk exploited
Physical Infrastructure
APP
OS
APP
OS
Physical Infrastructure
Tenant #1
Physical Infrastructure
Tenant #2Cloud Provider
Attackers
APP
OS
APP
OS
APP
OS
APP
OS
Virtual Infrastructure
APP
OS
APP
OS
Virtual Infrastructure
Identity
Information Information
Identity
Private Clouds demand a Policy-aware “Trusted Zone” for Data, VMs, and Identities
Physical Infrastructure
Tenant #2
APP
OS
APP
OS
Virtual Infrastructure
Physical Infrastructure
Cloud Provider
APP
OS
APP
OS
Virtual Infrastructure
Tenant #1
Isolate information from cloud providers’ employees
Isolate information
among tenants
Isolate infrastructure from Malware, Trojans and
cybercriminals
Segregate and control user
access
Control and isolate VM in
the virtual infrastructure
Federate identities
with public clouds
Identity federation
Virtual network security
Access Mgmt
Cybercrime intelligence
Strong authentication
Data loss prevention
Encryption & key mgmt
Tokenization
Enable end to end view of security events and compliance across infrastructures
Security Info. & Event Mgmt GRC
Anti-malware
Trusted Zones Key Capabilities
Pushing information security enforcement in the virtualization and cloud infrastructure ensures consistency, simplifies security management and enables customers to surpass the levels of security possible in today’s physical infrastructures
Physical infrastructure
APP
OS
APP
OS
APP
OS
APP
OS
vApp and VM layer
Virtual and cloudinfrastructure
Virtual and cloudinfrastructure
Today most security is enforced by the OS and application stack making it ineffective, inconsistent and complex
Virtualization Enables More Effective Security by Pushing Enforcement Down the Stack
Across virtual, physical, internal and external infrastructures
Tenant #2
APP
OS
APP
OS
Virtual Infrastructure
Physical Infrastructure
Cloud Provider
APP
OS
APP
OS
Virtual Infrastructure
Tenant #1
Virtual infrastructure
management
GRC
Compliance Dashboard:End-to-end compliance
reporting
Security configuration and vulnerability management
for physical and virtual infrastructures
End-to-end security event management
Monitoring and Managing Corporate Policy Compliance
Adaptive Authentication, FraudNetwork
Delivered by MSSP or other cloud providers
Delivering products as cloud services
Securing the virtual datacenter
Federation between internal and external clouds
Security-aware cloud infrastructuresSecuring the private cloud Strong authentication
Access management
Identity protection
Cybercrime monitoring
Securing the public cloud
Securing the Cloud
Thank you!