Virtualization and the Future of Datacenter Security

The Future Of Datacenter Security Charu Chaubal Senior Architect, Technical Marketing November 2008

DESCRIPTION

Presentation from VMware delivered at "CMA Executive Forum: Securing California - 2009 Technology Challenges", November 2008, Sacramento, CA

TRANSCRIPT

Page 1: Virtualization and the Future of Datacenter Security

The Future Of Datacenter Security

Charu Chaubal

Senior Architect, Technical Marketing

November 2008

Page 2: Virtualization and the Future of Datacenter Security

[Diagram: Exchange, VPN, File/Print and CRM, each with Operating System and Virtualization layers; Virtual Infrastructure with Interconnect Pool, CPU Pool, Memory Pool and Storage Pool; Hypervisor]

Page 3: Virtualization and the Future of Datacenter Security

An OS for the Virtual Datacenter

[Diagram: Virtual Infrastructure with Interconnect Pool, CPU Pool, Memory Pool and Storage Pool, hosting multiple CRM, VPN, File/Print and Exchange instances, each with its own Operating System]

Page 4: Virtualization and the Future of Datacenter Security

Impact #1: Apps decoupled from Infrastructure

VMotion

Page 5: Virtualization and the Future of Datacenter Security

Application-independent Uptime Mechanisms

Categories: Performance, Planned Downtime, Unplanned Downtime

Mechanisms shown: HA, VCB, NIC & HBA Teaming, VMotion, Storage VMotion, Network Redundancy, VM Failure Monitoring, Site Recovery Manager

[Diagram labels: Virtual Machines (App/OS), Server (ESX Server), Storage, Interconnect]

Page 6: Virtualization and the Future of Datacenter Security

Impact #2: Desktops Look Like Servers

Thin or Stateless Clients

Traditional Desktops

Page 7: Virtualization and the Future of Datacenter Security

[Diagram labels: Clients, Virtual Desktop Manager (VDM), VirtualCenter, VMware Infrastructure]

Centralized Management

• Physical Security attainable

• Can extend server security and management practices to the local PC

• Isolation contains faults and allows full user experience

Page 8: Virtualization and the Future of Datacenter Security

Impact #3: Servers Act Like Files

Page 9: Virtualization and the Future of Datacenter Security

Servers Can Be Managed Like Documents

Document Lifecycle Management

• Request Document

• Create

• Approve

• Publish or Retract

• Audit Usage

• Retain

• Dispose

Virtual Machine Lifecycle Management

• Request for VM

• Route VM for Approval

• Deploy VM from Template

• Provisioning

• Power-On or Suspend VM

• Monitor & Adjust Resources

• Archive VM

• Delete VM

Page 10: Virtualization and the Future of Datacenter Security

File Replication, De-duplication, Check-in/out

[Diagram labels: Master VM, Linked Clone (App/OS), View Manager and View Composer, Client Virtualization, Check-In, Check-Out]

Page 11: Virtualization and the Future of Datacenter Security

Centralized, Efficient File Processing

[Diagram labels: Clients, VirtualCenter, VMware Infrastructure]

Offline Ops

• Patch

• Malware Scan

• Configuration

• Backup

Page 12: Virtualization and the Future of Datacenter Security

Impact #4: Insight Through Hypervisor APIs

VMsafe API and Partner Program

Protect the VM by inspection of virtual components (CPU, Memory, Network and Storage)

Run outside the VM

Complete integration and awareness of VMotion, Storage VMotion, HA, etc.

Fundamentally changes protection available for VMs running on VMware Infrastructure vs. physical machines

Provides an unprecedented level of security – “Virtual is more secure than Real”

[Diagram labels: ESX, VMsafe, ESX with VMsafe]

http://vmware.com/go/vmsafe

Page 13: Virtualization and the Future of Datacenter Security

Impact #5: Appliances Go Virtual

Overcomes the limitations of physical topology

Deploy anywhere

Increases the granularity of security within the datacenter

Deploy as many appliances as necessary

Page 14: Virtualization and the Future of Datacenter Security

Auto-Configuration Of App Security

[Diagram: vApp with Web, App and DB virtual machines, each with its own OS, mapped to a Web tier, App tier and DB tier of App instances]

SLA Definitions

Availability = 99.99%

Security = High

Performance = 500 msec

Page 15: Virtualization and the Future of Datacenter Security

Dynamic Capacity, Mobility Awareness

[Diagram: vApp with Web, App and DB virtual machines, each with its own OS, mapped to a Web tier, App tier and DB tier of App instances]

SLA Definitions

Availability = 99.99%

Security = High

Performance = 500 msec

Page 16: Virtualization and the Future of Datacenter Security

“No free lunch” rule applies to virtualization

The Good | The Bad

Easy machine creation | “VM sprawl”

Mobility | Breaks static security

Abstraction layer | New layer to be secured

Tremendous flexibility | Potential for Misconfiguration

Page 17: Virtualization and the Future of Datacenter Security

Summary

Virtualization fundamentally transforms security

Need to have a broader perspective about virtualization – utilize everything that’s different

The “Next Generation” of datacenter is coming – and so are the security products

Page 18: Virtualization and the Future of Datacenter Security

Where to Learn More

Security

Hardening Best Practices

Implementation Guidelines

http://vmware.com/go/security

Compliance

Partner Solutions

Advice and Recommendations

http://vmware.com/go/compliance

Page 19: Virtualization and the Future of Datacenter Security

End of Presentation

Charu Chaubal

[email protected]