Dynamic Cloud Services & IT Security that change the way we use, manage and secure IT
Uni Systems Copyright © 2012 1
Antony Cassano - ITS Department Manager
The Roadmap for The Network as the platform in the Data
Centre
Inter-Cloud
Enterprise-Class Clouds
Unified Computing
Unified Fabric
Data Center Networking
Business Process Freedom
Provisioning Freedom
HW Freedom
Location Freedom
Consolidation Virtualization Automation Utility Market
IT needs to become smarter … about new choices
• Some use the word “Cloud” to describe
new consumption and delivery models.
• Regardless of terminology, it is clear that
these new models are emerging for the
enterprise – even if they were first inspired
by consumer Internet services.
• Self-service, economies-of-scale, and
flexible sourcing options – new choices of
deployment – define these new models.
Unisys uGovern ™
Unisys uOrchestrate ™
Unisys uAdapt ™
Unisys Infrastructure Management Suite
IT Service Governance
Cloud management
Re-purposing
Unisys Infrastructure Management Suite
Element Virtualization Server
Virtualization Network Virtualization Storage Virtualization
Servers Network Storage
Unisys Infrastructure Management Suite Infrastructure Management offering
Pro
visi
on
ing
Res
ou
rce
Uti
lizat
ion
Uni Systems Datacenter Transformation Offering
Building Construction •Raised Floors •Redundant Cabling •BMS •Environmental Control
Redundant Power •N+1 Uninterruptable Power Systems •N+1 Redundant Generator System •N+2 Cooling
Network Infrastructure •Redundant Connectivity •Redundant Routing/Switching Fabric.
Fire Detection / Suppression •Fire Suppression Type FM200 •2 Types of Fire Detection Sensors
Security •Physical Security •CCTV •Access Control System
Personnel •24 X 7 Availability •Certifications & Expertise •Background Clearance Checks
State of the art DC Facilities
Uni Systems Data Center Facilities
• Redundant Power
• N+1 Uninterruptable Power Systems
• N+1 Redundant Generator System
• Ability to handle high density power
requirements
• N+2 Cooling
• Multi-Layer Security
• 24x7 On-Site Staffing to Assist with Remote
Hands or Installation
• Access to Multiple Carriers
• Environmental Control
• File Detection
• Fire Suppression
• Building Management System
• CCTV
• Access Control
• Physical Security
Uni Systems Copyright © 2012 6
•ISO 9001:2008 •ISO/SEC 27001/2005 •Cabling TIA 568B
Data Center & Cloud services for Customers
Managed Services
• Managed Hosting Services
• Disaster Recovery
• Business Continuity
• Shared Desktops
• 3 levels of support services
Flexible Cloud Offering
Copyright © Unisystems 2012
Uni|Cloud
Data Center Managed Services
(Managed Hosting Services)
• Vhosting & Dhosting (Collocation)
• VRack, Rack, Cage, Suite (on-demand)
• Complex, Fully managed, Windows or *nix hosting solutions for application
service providers.
• 3 levels of on-site support services
• 24 X 7 Technical support
• Advanced Monitoring and alerting services
Uni Systems Copyright © 2012 8
Data Center Managed Services
(Disaster Recovery & Business Continuity)
• Customizable Disaster Recovery (DR) programs & services
• Provide best-of-breed solution for information asset protection
• Information recovery and restoration based on specific RTO/RPO
• Various customizable back-up services
• Tape archiving space
• Data Replications services
• Scenario testing
• Compliance testing
• Dark/White operating room, Shared or Dedicated Desktops
Uni Systems Copyright © 2012 9
Flexible Cloud Offerings
IaaS
• Test & Development environment as a
Service (UNI | WORKPLACE)
• Monitoring as a Service (UNI | ROOT)
• Backup & Business Continuity as a
Service (UNI | VAULT)
• Desktop as a Service (UNI | DESKTOP)
• Cloud on demand apps (UNI | APPS)
• Cloud on boarding (UNI | ON-BOARD)
• Unisystems next generation Hybrid
Enterprise Cloud Storage (TBD)
AssS
• Payroll as a Service
• e-Invoicing
• CRM as a Service
• HCM as a Service
PaaS • RDBMS as a Service
• Middleware as a Service
Uni Systems Copyright © 2012 10
• Secure, multi-tenant cloud orchestration platform
• Turnkey platform for delivering IaaS clouds
• Hypervisor agnostic
• Massively scalable, secure and open
• Complete Self-service portal
• Open source, open standards
• Deploys on premise or as a hosted solution
Uni|Cloud powered by Citrix CloudStack
Delivers Market Leading Functionality
Citrix CloudStack Architecture
Opera
tional In
tegra
tion
(OSS/B
SS,
Monit
ori
ng,
Identi
ty M
anagem
ent
, Etc
)
Availability and Security
Servers Network Storage
Virtualization Layer
Service Management (Billing, Metering, Accounts, etc.)
Resource Management
Servers Storage Network
Dynamic Workload Management
Backup
LB HA Monitor
User Interface Developer API
Amazon Open Stack
Image Libraries
Application Catalog
Custom Templates
Operating System ISOs
Inte
grat
ion
AP
I
Administer End User Console
Citrix technologies power large production clouds
13
Telco and Service
Providers
Enlightened
Enterprise
Web 2.0 and
Media
Dashboard & Management
Network Infrastructure & Remote Access
Provisioning Virtual Provisioning
Window Based DaaS & SaaS V
irtu
aliz
atio
n F
arm
1
Dat
a St
ore
Ap
pC
ente
r
Vir
tual
izat
ion
Far
m N
Dat
a St
ore
Ap
pC
ente
r
IaaS & PaaS Solutions
Test & Dev aaS
Desktop aaS
On Demand Apps
Cloud Backup
Monitoring aaS
WEB SaaA
CRM aaS
HCM aaS
E-invoicing
Payroll aaS
Back Office Servers
ERP V1
ERP V2
ERP V3
CRM V1
Messaging Platform
RDBMS Farm
White Label SaaA
CITRIX go-to-meeting
CITRIX go-to-training
CITRIX go-to-webinar
Microsoft Office 365
3rd part CSP
Citrix Delivery Services Console
Smart Auditor Console
User Experience Monitoring
Applications Performance Monitoring
Cloud Backup & Storage
Management
Virtualization Manager
Bandwidth Management
Security Management
SLA Management
Provisioning Services
Server Virtulization
Power & Capacity mgnt.
Uni Systems Cloud Portal
Application Provisioning
Storage Provisioning
Physical Provisioning Unattended Installations
Physical Installations and Updates
CITRIX NetScaler
CITRIX Branch Repeater
CITRIX Access Gateway
Uni Systems Cloud Portal
Vyatta Virtual Firewalling
Cloud Backup
Active Directory Parent Forest
DNS VLAN
DHCP
MULTI-TENANT SaaA / DaaS End-Points & Offices
Desktop
Laptop
Tablet / PDA
Cell Phone
Kiosk
HQ / Enterprise
Remote Office
Home Office
Government
Uni Systems Cloud Architecture
Messaging & Collaboration
Web & Data Hosting
Application Delivery
Virtualization Integration
Automation Delegation User Account Management
Simplifying Cloud Services Management
Uni|Cloud Portal Services Manager Single, self-service interface for provisioning apps, desktops and services from the cloud
Uni Systems Copyright © 2012 16
UNI | CLOUD Enterprise Hybrid cloud Services Portfolio
Uni Systems Cloud Architecture Advantages
• Open and Modular
• Several Multi-tenant options
• Several Multi-tier storage options
• High user density per server
• Massive horizontal scale
• Autonomic provisioning
• End-to-end visibility
• Elasticity
• High Definition Experience over Internet
• Device independence (Any, Any, Any)
• Provides a personal, secure, scalable and high
performance solution for Multi-tenant SaaS and DaaS
Uni Systems Copyright © 2012 17
What about Security?
• Cloud computing is a huge topic. It encompasses diverse models and
technologies, even though users and the trade press tend to lump them
under a common name
• For that matter, please note that we're still discovering many of the
security issues which will challenge cloud computing!
• Why? In part, that's because cloud computing is still a work-in-progress.
Because it is rapidly evolving.
• Nonetheless, we simply don't have the option of sitting back and waiting
to understand address cloud computing security issues.
Uni Systems Copyright © 2012 18
Cloud Security
• Cloud computing has become a common practice in business,
government, education, and entertainment leveraging 50 millions
of servers globally installed at thousands of datacenters today.
• Private clouds will become widespread in addition to using a few
public clouds, that are under heavy competition.
• Effective trust management, guaranteed security, user privacy,
data integrity, mobility support, and copyright protection are crucial to
the universal acceptance of cloud as a ubiquitous service.
Uni Systems Copyright © 2012 19
Cloud Computing – Service Provider Priorities
• Ensure confidentiality, integrity, and availability in a multi-tenant
environment.
• Effectively meet the advertised SLA, while optimizing cloud resource
utilization.
• Offer tenants capabilities for self-service, and achieve scaling through
automation and simplification.
Uni Systems Copyright © 2012 20
Trust Management for Protecting Cloud Resources
and Safeguard Datacenter Operations
Uni Systems Copyright © 2012 21
Cloud Service Models & Security Demands
Uni Systems Copyright © 2012 22
Trusted Zones for VM Insulation
23
Physical Infrastructure
Tenant
#2
APP
OS
APP
OS
Virtual Infrastructure
Physical Infrastructure
Cloud Provider
APP
OS
APP
OS
Virtual Infrastructure
Tenant
#1
Insulate
information from
cloud providers’
employees
Insulate
information
from other
tenants
Insulate infrastructure
from Malware, Trojans
and cybercriminals
Segregate and
control user
access
Control and
isolate VM in the
virtual
infrastructure
Federate
identities with
public clouds
Identity
federation
Virtual
network
security
Access
Mgmt
Cybercrime
intelligence
Strong
authentication
Data loss
prevention
Encryption &
key mgmt
Tokenization
Enable end to end view of security events and compliance
across infrastructures
Security Info. &
Event Mgmt GRC
Anti-malware
Enterprise customers want to leverage low-
cost compute in the cloud, while keeping
their data and directory services in a secure,
on-premise location.
UNI | ONBOARD Cloud on boarding
UNI | ONBOARD Cloud on boarding
Uni Systems Copyright © 2012 25
• Define an application workload
• Establish a transparent bridge and access between the cloud and premise
datacenter
• Migrate application workloads to the cloud
• Support virtualization heterogeneity
• Enable seamless access to resources remaining in the enterprise data
center
!
Page!5!
A comprehensive on-boarding solution will address these issues as application workloads are
migrated to public and private clouds, enabling the enterprise to:
1. Define an application workload.
When migrating applications to the cloud, moving one virtual machine to the cloud may not suffice
and sometimes more than one virtual machine will need to migrate to the cloud thus defining the
whole application. As an example, an application could consist of a virtual machine containing the
core application stack and a virtual machine containing a web stack the application may leverage.
An application workload can be defined as of one or more virtual machines needed to define a
whole application stack and are migrated to the cloud as one entity.
2. Establish a transparent bridge and access between the cloud and premise datacenter.
Migrating application workloads to the cloud is only a minor part of the equation when considering
cloud computing. Considerations like: network transparency, accessibility to key components back
in the datacenter, content management, application firewalling, WAN optimization and secured
communication between the cloud and the premise datacenter. By creating a “bridge” between the
premise datacenter and the cloud, the network will become transparent and applications will
function with no re-
architecting needed.
Streamlining the
connection to things
like LDAP, data and
storage with WAN
and delivery
optimization in the
mix will enable
seamless migration of
application workloads
to the cloud.
!
Page!6!
3. Migrate application workloads to the cloud.
Migrating an application workload to a target cloud can present challenges. Virtual to virtual will be
the likely use-case, but physical to virtual may also arise in other use-cases. Citrixâ XenConvertâ
will seamlessly on-
board application
workloads to any of
the key Citrix Cloud
Partners. Supporting
the Open Virtual
Machine Format
(OVF) will allow
virtual machines to be
packaged into
applications
workloads.
4. Support virtualization heterogeneity.
The on-boarding of application workloads from a premise datacenter that may be running on a
different virtualization platform than the key Citrix Cloud Partners is possible with the Citrix Cloud
On-boarding Solution. Examples include virtual to virtual application workload migrations
conversions from .xva, .vmdk, .vhd, and .ovf to a private or public cloud.
5. Enable seamless access to resources remaining in the enterprise data center.
With a secured bridge in place and access back the premise datacenter, application workloads will
seamlessly migrate to the cloud with minimal changes needed to the application stack, the network
stack and the
operating system
stack. Key features
such as a management
portal for
provisioning, billing
and metering
information,
monitoring
capabilities and basic
lifecycle management
will allow for tight
integration of the
premise datacenter
and cloud.
What about Integration?
• In order to make the most of your existing IT provision, the cloud
computing should be able to integrate easily with your current
infrastructure
• Key to Uni Systems's enterprise cloud offerings is being able to
easily integrate with customers' existing networks, so that our
services become a seamless extension of those already provided by
in-house IT departments
• Cloud computing infrastructure should allow enterprises to achieve
more efficient use of their existing IT hardware and software
investments.
Uni Systems Copyright © 2012 26
References
Uni Systems Copyright © 2012 27
Customer Type of Services
Major Financial Institution
Disaster Site Hosting, Operations room
Major Financial Institution
Disaster site Hosting, Operations room
Major Telecom Operator Disaster site for specific business applications
Energy SAP aaS
Media Web aaS
Governmental Institution
Mail aaS
Manufacturing Hosting, Remote Desktop
More than 6 Financial Institutes
PAYroll as a Service
Thank You!
Uni Systems Copyright © 2012 28
www.unisystems.com