Nicklous Combs, EMC Federal

Chief Technology Officer

Technology Trends Today

Megatrends: Move to the Next Generation Data Center

Deployment of ubiquitous IP networks Expansion of networked consumer electronics Explosion of digital content Movement to unified communications Advancement of highly scalable, low cost compute Convergence of networks, compute and storage Recovery of the economy yields technology refresh Desirability of a IT utility model Appetite for new applications

Mostly unstructured 95%

Mostly unmanaged 85%

Becoming more regulated ▲

Responsibility of organizations 85%

Information

1.8 ZbInformation Growth

Information Today

MiniMainframe Networked/Distributed Computing

PC / Micro-

processor Next

Cloud

Mid-’60s -’70s 70s-80s Late 70s-’90s Mid-’90s-Today

IBMBurroughs

UnivacNCR

Control DataHoneywell

NEC…

DECIBMDG

WangPrimeApollo

…

MicrosoftIntel

AppleIBMSunHP

Compaq…

CiscoNetscapeGoogle

MicrosoftOracleEMC

Salesforce.com. . .

Waves of Information Technology

Source: VMware Fortune 100 Customers

Where IT Energy is Spent Today

42%InfrastructureMaintenance

30%Application

Maintenance

23%ApplicationInvestment

5%Infrastructure

Investment

Mission ExecutionDEPENDS ON

IT Agility

>70%

<30%

IT Budgets:

just maintaining the status quo

goes to innovation andcompetitive advantage

What Cloud Computing Needs to Solve: IT Infrastructure is Too Hard to Manage

Perceived barriers to a new approach• Security• Compliance issues: Transparency, citizenship, data location regulations• Interoperability: Vendor lock in, Integration, Application rewrites

CLOUDCOMPUTING

Market Forces

• The Economy

• Administration priority

• Anytime, anywhere IT

• Tectonic shift in technology

Business Forces

• Information Growth

• Defer and avoid costs

• Fix the IT bottleneck

• Map supply and demand more effectively

• De-capitalize IT

Forces driving change

ThePrivate Cloud

Today’sIT World

THE

Journey

THE

Bridgewherecustomers are

of fully automatedand virtualizeddata centers

Unprecedented levelsof efficiency, control, choice

Increasing complexity,inflexibility, and cost of

traditional IT environments

Build the Bridge to the Private Cloud

It's operated differently

Dynamic pools of virtualized resources

Highly automated low-touch and zero-touch models

1

2

It's built differently

It's consumed differently3 Convenient consumption, sometimes pay-as-you-go

CloudComputing

Data Center

Customers Will Realize Unparalleled Savings

What’s the Promise of Cloud Computing?

Solution Packages Rapid deployment model of

virtualized infrastructure Preintegrated and validated solutions

reduce total cost of ownership (TCO) Service level driven through

predictable performance and operational characteristics

Improved compliance/security and reduced risk

Rich APIs

Security

ResourceManagement

NetworkNetworkComputeCompute

VirtualizationVirtualization StorageStorage

Accelerate Time to Results – Reduce TCO

Converged Infrastructure: A New Way to Deliver IT

Server Provision Cycle

Server Costs

Hardware Deployment Time

Overall Hardware Utilization

Cut from 46 days to 35 minutes

Reduced by 40%

Decreased by 40%

From less than 10% to more than 40%

Impact: Converged Infrastructure Customer Example

Enables business requirements to translate to IT resources» Business owner inputs application, uptime, number of users,

business continuity, backup, and security requirements» Resources are rapidly assigned according to user specification

reducing time to application availability

Define Map DeployTranslate

IT Requirements

# VMs

Disk Capacity (MB)

SynchronousReplication

Fault Tolerant

Security Policy

Etc…

Business Requirements

Application

Operating System

# Users

SLA (Gold, Silver, Bronze)

Etc…

Storage Template

Compute Template

Fabric Template

Application Template

Enable choice and flexibility, retain control

Policy-driven Infrastructure enables Private Cloud

Security Architecture for the Cloud

Media WorkSpace TaskSpace

Integration Services

Media Transformation Services

Case Management Collaboration Content

Security

FTP

Transform Images

ExtractMetadata

Assemble Content

Content Store

SOAP

Populate Virtual Case File with supporting content

Single-INT Application

.KML

Media Delivery Services

Business Process Management

PrivateCloud

MPP Data Warehouse Queries (Big Data)

Multi-INT Fusion in an Agile Operation Center Scenario Overview

Private cloud-enabled infrastructure

Virtualized, proven solutions

Cloud operating system and model

Virtual data center-centric systems management15%

30%

50%

85%95%

Broad adoption of service model

Journey to the Cloud

Architect for the Future

Cloud evolution has launched Adoption will accelerate and last 24-36 months Converged infrastructure is the foundation Innovation will be led by market leaders Cost matters but the need is speed55

4433

11

22

Conclusion

Security challenges in today’s virtualized and cloud environments

Cyber security is major national and economic security issue

Protecting assets and managing access to IT resources has never been more important

Cloud computing is expanding the attack surface and breaking traditional network boundaries.

Do our current security architectures meet the threats?

The Challenge

19

Trusted

Control

Reliable

Secure

Flexible

Dynamic

On-demand

Efficient PrivateCloud

CloudComputing

Virtualized Data Center

Security

Virtualization

Federation

Internal cloud External cloud

Security: A Core Component of the Cloud

Dark CloudDark Cloud

StolenFiles

Repository

Hacker ForumDiscussion

BotnetHerders

MalwareInfection Point

TrojanMothership

StolenCredentialsDatabase

eFraudNetwork

USER 1

USER 2

USER 3USER 4

Corp 5

Corp 6

Corp 7

GSA

First level of defense: Cybercrime intelligence Second level of defense: Strong authentication Third level of defense: Information rights management

Provide Cybercrime Intelligence Based on Feeds from the Dark Cloud

Physical Infrastructure Physical Infrastructure

APP

OS

APP

OSAPP

OS

APP

OS

APP

OS

APP

OS

APP

OS

APP

OS

Enterprise #1 Enterprise #2

Attackers

IdentityInfor-

mationInfor-

mationIdentity

Traditional Computing: The Network Security Perimeter is Aligned with Policy Boundaries

Adoption of Cloud Computing is Expanding the Enterprise Attack Surface

Internal Employees

BusinessAnalytics

EnterpriseApplications

ReplicaBackup

Disk

Backup Tape

SharePointeRoom, etc.

File Server

DiskArrays

ProductionDatabase

Privileged UsersContractors Privileged Users Privileged Users

Partner Entry Points

Channels

Customers

Partner Entry Points

Partners

Channels

Remote Employees

Channels

VPN

Apps/DB StorageFS/CMSNetworkEndpoint

IP Sent to non trusted user

Stolen IPApp, DB or Encryption

Key HackFraud Stolen

Credentials

Endpoint theft/loss

Network LeakEmail-IM-HTTP-

FTP-etc.

PrivilegedUser Breach

InappropriateAccess

Privileged Users

Tapes lost or stolen

Data LeakVia USB/Print

Public Infrastructure Access Hack

UnintentionalDistribution

(Semi) Trusted User Misuse

Discarded disk exploited

Physical Infrastructure

APP

OS

APP

OS

Physical Infrastructure

Tenant #1

Physical Infrastructure

Tenant #2Cloud Provider

Attackers

APP

OS

APP

OS

APP

OS

APP

OS

Virtual Infrastructure

APP

OS

APP

OS

Virtual Infrastructure

Identity

Information Information

Identity

Private Clouds demand a Policy-aware “Trusted Zone” for Data, VMs, and Identities

Physical Infrastructure

Tenant #2

APP

OS

APP

OS

Virtual Infrastructure

Physical Infrastructure

Cloud Provider

APP

OS

APP

OS

Virtual Infrastructure

Tenant #1

Isolate information from cloud providers’ employees

Isolate information

among tenants

Isolate infrastructure from Malware, Trojans and

cybercriminals

Segregate and control user

access

Control and isolate VM in

the virtual infrastructure

Federate identities

with public clouds

Identity federation

Virtual network security

Access Mgmt

Cybercrime intelligence

Strong authentication

Data loss prevention

Encryption & key mgmt

Tokenization

Enable end to end view of security events and compliance across infrastructures

Security Info. & Event Mgmt GRC

Anti-malware

Trusted Zones Key Capabilities

Pushing information security enforcement in the virtualization and cloud infrastructure ensures consistency, simplifies security management and enables customers to surpass the levels of security possible in today’s physical infrastructures

Physical infrastructure

APP

OS

APP

OS

APP

OS

APP

OS

vApp and VM layer

Virtual and cloudinfrastructure

Virtual and cloudinfrastructure

Today most security is enforced by the OS and application stack making it ineffective, inconsistent and complex

Virtualization Enables More Effective Security by Pushing Enforcement Down the Stack

Across virtual, physical, internal and external infrastructures

Tenant #2

APP

OS

APP

OS

Virtual Infrastructure

Physical Infrastructure

Cloud Provider

APP

OS

APP

OS

Virtual Infrastructure

Tenant #1

Virtual infrastructure

management

GRC

Compliance Dashboard:End-to-end compliance

reporting

Security configuration and vulnerability management

for physical and virtual infrastructures

End-to-end security event management

Monitoring and Managing Corporate Policy Compliance

Adaptive Authentication, FraudNetwork

Delivered by MSSP or other cloud providers

Delivering products as cloud services

Securing the virtual datacenter

Federation between internal and external clouds

Security-aware cloud infrastructuresSecuring the private cloud Strong authentication

Access management

Identity protection

Cybercrime monitoring

Securing the public cloud

Securing the Cloud

Thank you!