EFFICIENTLY MIGRATE YOUR APPLICATIONS TO THE CLOUD

Edy Almer

GOALS FOR TODAY

• Will my organization’s applications be migrated to the cloud ? Why or why not ?

• What/ How long will it take to move the security portion ?

• How can I expedite and reduce cost of the process ?

2 | Confidential

WHY MOVE ?

• Organizations want to reap the benefits of cloud adoption – cost, agility, elasticity

• Process started by developers for new applications

• Biggest benefit may be for old applications

• The result is a security officer’s nightmare – a “jungle” of assets across multiple environments, some of which are not even known to the officer

3 | Confidential

CONCERNS – WHY NOT ?

• Some organizations need to re-write older non virtualized applications to facilitate the move

• Some applications are sensitive to latency – hard to move them

• Some applications are regulated in ways that will not allow moving them off premises

4 | Confidential

REGULATION

• AWS already has over 15 zones, with the ability to prove data will not leave the zone, including Australia, UK, EU

• Azure is following quickly

• Australian Banks encouraged to use local cloud services by regulator.

5 | Confidential

LATENCY

• AT&T’s Domain 2.0 , supported by additional Telcos aims to provide very low latency data centers than can be dynamically configured –solving even that use case

• Higher performance instances will also help reduce overall latency

• Advanced tools will allow moving parts of an application into the cloud, while the sensitive parts stay on site.

6 | Confidential

MOVING APPLICATIONS TO THE CLOUD

• Average 20,000-50,000 person organization has

applications

7 | Confidential

500

MOVING APPLICATIONS TO THE CLOUD

• Average 20,000-50,000 person organization has

applications

8 | Confidential

800

MOVING APPLICATIONS TO THE CLOUD

• Average 20,000-50,000 person organization has

applications

9 | Confidential

1000

MOVING APPLICATIONS TO THE CLOUD

• Average 20,000-50,000 person organization has

applications

10 | Confidential

1300

MOVING APPLICATIONS TO THE CLOUD

• Average 20,000-50,000 person organization has

applications

• 85% are virtualized

11 | Confidential

1300

HOW LONG TO MAP ?

• A good consultant can do 5 applications a week

• 5 consultants can map over 90% of applications in under a year

• Good CMDBs are over 95% accurate – can validate 2 applications a day

• 6 months ?

12 | Confidential

HOW MANY FLOWS ?

• A simple application has 10 flows

• A medium application has 25 flows

• A complex application has over 100 flows

13 | Confidential

POLL

How many applications do you have ?

14 | Confidential

DO I HAVE TO MAP APPLICATIONS ?

• IF Security is a nice to have – two other methods are used – but they introduce risks

• Map all active flows, without understanding them, and transfer all of them (can’t do a gradual project)

• Move all applications, then open all traffic blocked by firewall in near real time (big impact on organization)

15 | Confidential

IDENTIFYING THE CHALLENGES - SECURITY

• Visibility – what are the assets my organization has in the cloud?• Which cloud? What kind of assets? Where are they located within the cloud?

• What kind of security controls are in place if at all?

• Security Policy Management and Governance• Security policy definition and enforcement

• Monitor the environment for changes and create alerts

• Auditing and Adherence to Regulatory Compliance• Analyze the environment

• Identify risks and gaps

• Remediate

16 | Confidential

SECURITY CHECK – AM I GOOD TO GO ?

• Application Connectivity• Discover and map connectivity requirements of existing and migrated

workloads

• Hybrid environments – distributed architecture

• Troubleshooting connectivity

• Change Management Process – Do I have the same in the cloud?• Define and enforce

• Orchestration

• Automation

• Cloud is set! But…• Multi-cloud environments

• Hybrid environments

17 | Confidential

TACKLING THE CHALLENGES• Manually

• Slow

• Time Consuming

• Error Prone

• Cloud Service Providers’ Native Tools• Minimal, may not suffice

• Address the cloud service provider’s environment only

• Difficult to gain visibility across the entire estate

• Cloud-Born 3rd Party Tools• Maturity

• Encompass the cloud environment only (sometimes only a single cloud provider)

• Do not address all use cases18 | Confidential

SUMMARY

• Single pane of glass for your traditional, hybrid and multi-cloud estate

• The experience gained through years of experience across traditional environments is leveraged and put into practice

• A single suite that addresses the most common, important concerns and use cases rather than a multitude of small tools

• Automated discovery and security connectivity migration

27 | Confidential

MORE RESOURCES

28

Thank you!

Questions can be emailed to marketing@algosec.Com