VMware vCloud Air: Security Infrastructure and Process Overview
13
© 2014 VMware Inc. All rights reserved. VMware vCloud Air: Security Infrastructure and Process Overview Formerly known as vCloud Hybrid Service
Transcript of VMware vCloud Air: Security Infrastructure and Process Overview
© 2014 VMware Inc. All rights reserved.
VMware vCloud Air: Security Infrastructure and Process Overview Formerly known as vCloud Hybrid Service
Cloud Provider vs. Customer Responsibilities
Service Provider
Customer
Responsibility of Security
2
Threat Model for Cloud Services
3
Our Mantra - Bring Your Own Security
Options for our customers
Bring your existing security along with your workloads Work with our security
Extend your security with the same solutions that work for you today INTEGRATE Common security controls that span private and public clouds, linking them seamlessly.
OR
4
Seamless Networking: VMware vCloud® Air™ Is Just Another Remote Site
vCloud Air
Same Networking & Management Constructs
Same Security Policies
Your Data Center
BYO security policies and IPV4 layer 3 address spaces
Highly available edge gateways
Configure networking at granular levels
Flexibility Freedom Resiliency
Software-Defined Data Center
5
vCloud Air Is Just Another Site – Security
The Same Security Policies
Integrated L4-7 services for
Firewall/NAT, IPSec VPN, Load Balancers, VXLAN
gateways
Your Data Center vCloud Air
Data Center Extensions that Integrate Seamlessly
Primary
Regional Office
Regional Office
US Data Centers
EMEA Data Centers
6
vCloud Air Shared Responsibility– Security
7
vCloud Air Security Operations – Cycle of Security
Intrusion Detection
Geo/Political, Disasters
(Natural and Man Made)
Insider Threats
Public Reports/Exploits Internal Reports
Incident Response
OSINT (Intelligence)
8
Confidential 8
Complete Cloud Security
• vCloud Network and Security • IPSec VPN tunnel • Firewall, switching, routing • DHCP, NAT
• MyVMware integration • Secure SSO • Multiple levels of authentication
• Role Based Access Control
• Shared responsibility • App traffic encrypted in VPN
tunnels
• Completed Certifications: • SSAE16 SOC1/2 Type 2 • ISO27001:2005 • HIPAA
Infrastructure Application
Network User
9
vCloud Air Certifications and Examinations
10
Compliance Examinations and Security Certifications
ISO 27001:2005 SOC 1 Type 2 (SSAE 16) SOC 2 Type 2
HIPAA/HITECH
AT101 Reports available with a Signed NDA
11
For the latest certifications, go to: http://vcloud.vmware.com/service-offering/security-compliance
Go To VMware Cloud Academy
• See a video of this presentation and others to learn more about vCloud Air
• Condensed VMworld jump start presentations delivered by technical subject-matter experts
• Free and ungated to learn at your own pace
• All videos under 15 mins!
• Test your knowledge by taking a quiz
• Download vCloud Air eBook and other assets and tools
12
http://vcloud.vmware.com/cloud-academy
Thank You
