Technology Trends Today

colorfuleggnogDéveloppement de logiciels

17 févr. 2014 (il y a 3 années et 1 mois)

58 vue(s)

Nicklous Combs, EMC Federal

Chief Technology Officer

Technology Trends Today

Megatrends:


Move to the Next Generation Data Center


Deployment of ubiquitous IP networks


Expansion of networked consumer electronics


Explosion of digital content


Movement to unified communications


Advancement of highly scalable, low cost compute


Convergence of networks, compute and storage


Recovery of the economy yields technology refresh


Desirability of a IT utility model


Appetite for new applications

Mostly unstructured

95%

Mostly unmanaged

85%

Becoming more regulated




Responsibility of organizations

85%

Information

1.8
Zb

Information Growth

Information Today

Mini

Mainframe

Networked/

Distributed

Computing

PC /

Micro
-

processor

Next


Cloud

Mid
-
’60s
-
’70s

70s
-
80s

Late 70s
-
’90s

Mid
-
’90s
-
Today

IBM

Burroughs

Univac

NCR

Control Data

Honeywell

NEC



DEC

IBM

DG

Wang

Prime

Apollo



Microsoft

Intel

Apple

IBM

Sun

HP

Compaq



Cisco

Netscape

Google

Microsoft

Oracle

EMC

Salesforce.com

. . .

Waves of Information Technology

Source: VMware Fortune 100 Customers

Where IT Energy is Spent Today

42%

Infrastructure

Maintenance

30%

Application

Maintenance

23%

Application

Investment

5%

Infrastructure

Investment

Mission Execution

DEPENDS ON

IT Agility

>70%

<30%

IT Budgets:

just maintaining the status quo

goes to innovation and

competitive advantage

What Cloud Computing Needs to Solve:


IT Infrastructure is Too Hard to Manage

Perceived barriers to a new approach


Security


Compliance issues: Transparency, citizenship, data location regulations


Interoperability: Vendor lock in, Integration, Application rewrites

CLOUD

COMPUTING

Market Forces


The Economy


Administration priority


Anytime, anywhere IT


Tectonic shift in
technology

Business Forces


Information Growth


Defer and avoid costs


Fix the IT bottleneck


Map supply and
demand more
effectively


De
-
capitalize IT


Forces driving change

The

Private Cloud


Today’s

IT World

THE

Journey

THE

Bridge

where

customers are

of fully automated

and virtualized

data centers

Unprecedented levels

of efficiency, control, choice

Increasing complexity,

inflexibility, and cost of

traditional IT environments

Build the Bridge to the Private Cloud

It's operated differently

Dynamic pools of virtualized
resources

Highly automated low
-
touch
and zero
-
touch models

1

2

It's built differently

It's consumed differently

3

Convenient consumption,
sometimes pay
-
as
-
you
-
go

Cloud

Computing

Data

Center

Customers Will Realize Unparalleled Savings

What’s the Promise of Cloud Computing?

Solution Packages


Rapid deployment model of
virtualized infrastructure


Preintegrated and validated solutions
reduce total cost of ownership (TCO)


Service level driven through
predictable performance and
operational characteristics


Improved compliance/security and
reduced risk

Rich APIs

Security

Resource

Management

Network

Compute

Virtualization

Storage

Accelerate Time to Results


Reduce TCO

Converged Infrastructure: A New Way to Deliver IT

Server Provision Cycle

Server Costs

Hardware Deployment Time

Overall Hardware Utilization

Cut from 46 days to 35 minutes

Reduced by 40%

Decreased by 40%

From less than 10% to more than 40%

Impact: Converged Infrastructure Customer Example


Enables business requirements to translate to IT resources

»
Business owner inputs application, uptime, number of users,
business continuity, backup, and security requirements

»
Resources are rapidly assigned according to user specification
reducing time to application availability

Define

Map

Deploy

Translate

IT Requirements


# VMs

Disk Capacity (MB)

Synchronous

Replication

Fault Tolerant

Security Policy

Etc…


Business Requirements


Application

Operating System

# Users

SLA

(Gold, Silver, Bronze)

Etc…


Storage Template

Compute Template

Fabric Template

Application Template

Enable choice and flexibility, retain control

Policy
-
driven Infrastructure enables Private Cloud

Security Architecture for the Cloud

Media
WorkSpace

TaskSpace

Integration
Services

Media
Transformation
Services

Case

Management

Collaboration

Content

Security

FTP

Transform

Images

Extract

Metadata

Assemble


Content

Content
Store

SOAP

Populate Virtual Case
File with supporting
content

Single
-
INT Application

.KML

Media Delivery
Services

Business Process
Management

Private

Cloud

MPP Data Warehouse
Queries (Big Data)

Multi
-
INT Fusion in an Agile Operation Center Scenario Overview




Private cloud
-
enabled infrastructure









Virtualized, proven solutions





Cloud operating system and model





Virtual data center
-
centric systems management

15%

30%

50%

85%

95%









Broad adoption of service model

Journey to the Cloud

Architect for the Future


Cloud evolution has launched


Adoption will accelerate and last 24
-
36 months


Converged infrastructure is the foundation


Innovation will be led by market leaders


Cost matters but the need is speed





5

4

3

1

2

Conclusion

Security challenges in
today’s virtualized and
cloud environments



Cyber security is major national and economic security
issue


Protecting assets and managing access to IT resources has
never been more important


Cloud computing is expanding the attack surface and
breaking traditional network boundaries.


Do our current security architectures meet the threats?

The Challenge

19

Trusted

Control

Reliable

Secure

Flexible

Dynamic

On
-
demand

Efficient

Private

Cloud

Cloud

Computing

Virtualized

Data Center

Security

Virtualization

Information

Federation

Internal cloud

External cloud

Security: A Core Component of the Cloud

Dark Cloud

Dark Cloud

Stolen

Files

Repository

Hacker Forum

Discussion

Botnet

Herders

Malware

Infection Point

Trojan

Mothership

Stolen

Credentials

Database

eFraudNetwork

USER 1

USER 2

USER 3

USER 4

Corp 5

Corp 6

Corp 7

GSA


First level of defense: Cybercrime intelligence


Second level of defense: Strong authentication


Third level of defense: Information rights management

Provide Cybercrime Intelligence Based on Feeds

from the

Dark

Cloud

Physical Infrastructure

Physical Infrastructure

APP

OS

APP

OS

APP

OS

APP

OS

APP

OS

APP

OS

APP

OS

APP

OS

Enterprise #1

Enterprise #2

Attackers

Identity

Infor
-

mation

Infor
-

mation

Identity

Traditional Computing: The Network Security
Perimeter is Aligned with Policy Boundaries

Adoption of Cloud Computing is Expanding the
Enterprise Attack Surface

Internal Employees

Business

Analytics

Enterprise

Applications

Replica

Backup

Disk

Backup

Tape

SharePoint

eRoom, etc.

File Server

Disk

Arrays

Production

Database

Privileged Users

Contractors

Privileged Users

Privileged Users

Partner Entry Points

Channels

Customers

Partner Entry Points

Partners

Channels

Remote Employees

Channels

VPN

Apps/DB

Storage

FS/CMS

Network

Endpoint

IP Sent to

non trusted user

Stolen IP

App, DB or Encryption
Key Hack

Fraud

Stolen
Credentials

Endpoint
theft/loss

Network Leak

Email
-
IM
-
HTTP
-
FTP
-
etc.

Privileged

User Breach

Inappropriate

Access

Privileged Users

Tapes lost or
stolen

Data Leak

Via USB/Print

Public Infrastructure
Access Hack

Unintentional

Distribution

(Semi) Trusted
User Misuse

Discarded disk
exploited

Physical Infrastructure

APP

OS

APP

OS

Physical Infrastructure

Tenant #1

Physical Infrastructure

Tenant #2

Cloud Provider
Attackers

APP

OS

APP

OS

APP

OS

APP

OS

Virtual
Infrastructure

APP

OS

APP

OS

Virtual
Infrastructure

Identity

Information

Information

Identity

Private Clouds demand a Policy
-
aware

“Trusted Zone” for Data, VMs, and Identities

Physical Infrastructure

Tenant
#2

APP

OS

APP

OS

Virtual Infrastructure

Physical Infrastructure

Cloud Provider

APP

OS

APP

OS

Virtual Infrastructure

Tenant
#1

Isolate
information
from cloud
providers’
employees

Isolate
information
among
tenants

Isolate
infrastructure
from Malware,
Trojans and
cybercriminals

Segregate and
control user
access

Control and
isolate VM in
the virtual
infrastructure

Federate
identities
with public
clouds

Identity
federation

Virtual
network
security

Access
Mgmt

Cybercrime
intelligence

Strong
authentication

Data loss
prevention

Encryption &
key mgmt

Tokenization

Enable end to end view of security events
and compliance across infrastructures

Security Info. &
Event Mgmt

GRC

Anti
-
malware

Trusted Zones Key Capabilities

Pushing information security
enforcement in the virtualization
and cloud infrastructure ensures
consistency, simplifies security
management and enables
customers to surpass the levels of
security possible in today’s
physical infrastructures

Physical
i
nfrastructure

APP

OS

APP

OS

APP

OS

APP

OS





vApp and VM layer

Virtual and cloud

infrastructure

Today most security is enforced by the
OS and application stack making it
ineffective, inconsistent and complex

Virtualization Enables More Effective Security

by Pushing Enforcement

Down the Stack

Across virtual, physical, internal and

external infrastructures

Tenant
#2

APP

OS

APP

OS

Virtual Infrastructure

Physical Infrastructure

Cloud Provider

APP

OS

APP

OS

Virtual Infrastructure

Tenant
#1







Virtual infrastructure
management

GRC

Compliance
Dashboard:

End
-
to
-
end
compliance
reporting

Security configuration and
vulnerability management
for physical and virtual
infrastructures





End
-
to
-
end
security event
management

Monitoring and Managing Corporate

Policy Compliance

Adaptive Authentication, FraudNetwork

Delivered by MSSP or other cloud providers

Delivering products
as cloud services

Securing the virtual datacenter

Federation between internal and external clouds

Security
-
aware cloud infrastructures

Securing the
private cloud

Strong authentication

Access management

Identity protection

Cybercrime
monitoring

Securing the
public cloud

Securing the Cloud

Thank you!