how to migrate to cloud with complete confidence and trust
Post on 23-Jan-2017
437 Views
Preview:
TRANSCRIPT
How to Migrate to Cloud with Complete Confidence and Trust
Henry Stapp, Director of Product Management, Apcera
March, 2016
ADA Conference
What We’re Hearing From Customers
2
๏ Drive Revenue ๏ Decrease Costs ๏ Reduce Risk ๏ Improve the Customer Experience
3
Softw
are
Laye
rIn
frast
ruct
ure
Laye
r
Containers and Microservices
Traditional and Legacy Applications
Cloud Native Applications
Mid
dlew
are
Laye
r
Orchestration Tools
Configuration Tools
Container Management Tools
Auditing Tools
Logging Tools
Application PlatformsPlatforms-as-a-Service
Your Cloud Stack
4
Complexity
Leads to
RISKSiloed
Your Cloud StackSo
ftwar
e La
yer
Infra
stru
ctur
e La
yer
Containers and Microservices
Traditional and Legacy Applications
Cloud Native Applications
Mid
dlew
are
Laye
r
Orchestration Tools
Configuration Tools
Container Management Tools
Auditing Tools
Logging Tools
Application PlatformsPlatforms-as-a-Service
Unique
Dependencies
The Importance of Policy
6
๏ Policy refers to the rules and best practices that set up guard rails for your system. Policy can help: ‣ Governance ‣ Risk ‣ Compliance
๏ Most policies are loosely crafted and live on a sticky note, whiteboard, email or in the heads of your ITOps team.
๏ Declaring consistent, effective policy across your organization generally looks like this…
7
Implementing Policy Across Your Organization Today
Meeting Meeting Meeting Meeting Meeting!
Meeting Meeting Meeting Meeting Meeting
Meeting Meeting Meeting Meeting Meeting
Meeting Meeting Meeting Meeting Meeting
!
!
!
Packaging System enables fine grained policy for versions, workload manifests and what can be used in an un-opinionated system.Service Composition01
Infuse Your System with Policy: Five Key Pillars
Packaging System manifests and what can be used in an un-opinionated system.Service
Resource Management
01
02Container Management System enables isolation and enforced security granular policy for memory/cpu/disk/network quotas.
Infuse Your System with Policy: Five Key Pillars
Packaging System manifests and what can be used in an un-opinionated system.Service
Resource
Scheduling and Placement
01
02
03
Container Management System security granular policy for memory/cpu/disk/network quotas.
Policy Aware Scheduler enables granular control for workloads placement: geographical, affinity-based tagging for service access, compute and infra elasticity.
Infuse Your System with Policy: Five Key Pillars
Packaging System manifests and what can be used in an un-opinionated system.Service
Resource
Schedulingand
Policy Aware Networking enables a truly programmable network at workload abstraction layer that can enforce policy on any infrastructure at the speed of deployment and orchestration, plus the ability to instantly self heal.
Connectivity and Communication
01
02
03
04
Container Management System security granular policy for memory/cpu/disk/network quotas.
Policy Aware Scheduler geographical, affinity-based tagging for service access, compute and
Infuse Your System with Policy: Five Key Pillars
Packaging System manifests and what can be used in an un-opinionated system.Service
Resource
Schedulingand
Policy Aware Networking abstraction layer that can enforce policy on any infrastructure at the speed of deployment and orchestration, plus the ability to instantly self heal.
Connectivity and Communication
01
02
03
04
Container Management System security granular policy for memory/cpu/disk/network quotas.
Policy Aware Scheduler geographical, affinity-based tagging for service access, compute and
What good are rules if they aren’t followed? Effective policy provides visibility within your system so automated enforcement is possible. Automated enforcement removes humans from the equation and greatly reduces the chance of errors.
Automated Enforcement of Your Policy
05
Infuse Your System with Policy: Five Key Pillars
Trust Model for Cloud-Native Applications
MULTI-WORKLOAD
MULTI-CLOUD
POLICYSECURITYENFORCEMENT
DEPLOYORCHESTRATEGOVERN
• Cloud-resident Policy Engine at the core
• Service level evaluation and enforced for GRC
• Every service resource is closed by default
• Every service resource is assumed compromised
• All components are isolated by default
Permissions need to be explicit and granted in all directions
Secure separation of control, management and data planes
Secure message bus to connect all resources
Cloud Native service behavior exception monitoring, alerting and audit logging
•
•
•
•
Request
Policy Agent
Policy Engine (Cloud-Native GRC)
Policy Centric Monitoring, Evaluation & Enforcement
RequestRequest
Policy Agent Policy Agent Legacy Agents SaaS Agents
DB2
Delivering Secure Cloud-Native Services for Governance, Risk and Compliance
SalesforceService
VMware
Service
AWS
Service
OpenStack
How Apcera Handles Trust
The Apcera VisionDeliver platform technology that unlocks the full power of massive amounts of compute resources and data. All in a trusted and unified way.
Derek Collison Founder and CEO at Apcera
๏ CTO, Chief Architect at VMware ๏ Architected CloudFoundry ๏ Technical Director at Google ๏ SVP and Chief Architect at TIBCO
Apcera Value Proposition
Customers
Innovate at speed — with full confidence and trust
Business Benefits: - Risk Mitigation and Full
Compliance - Reduce CapEx and OpEx
- Simplify Operations - Faster Time to Market - Full integration with
“modern” IT tools in use
top related