Virtualization and the Future of Datacenter Security

Post on 16-Jan-2015


DESCRIPTION

Presentation from VMware delivered at "CMA Executive Forum: Securing California - 2009 Technology Challenges", November 2008, Sacramento, CA

TRANSCRIPT

The Future Of Datacenter Security

Charu Chaubal

Senior Architect, Technical Marketing

November 2008

[Diagram: Exchange, VPN, File/Print and CRM workloads, each with its own Operating System, on a Virtualization layer; then the same workloads on a Hypervisor-based Virtual Infrastructure made up of an Interconnect Pool, CPU Pool, Memory Pool and Storage Pool]

An OS for the Virtual Datacenter

Impact #1: Apps decoupled from Infrastructure

[Diagram: Application-independent Uptime Mechanisms. Columns: Performance, Planned Downtime, Unplanned Downtime. Layers: Virtual Machines (App/OS), Server (ESX Server), Storage, Interconnect. Mechanisms shown: VMotion, Storage VMotion, HA, VCB, NIC & HBA Teaming, Network Redundancy, VM Failure Monitoring, Site Recovery Manager]

Impact #2: Desktops Look Like Servers

[Diagram: Centralized Management. Labels: Thin or Stateless Clients, Traditional Desktops, Clients, VDM (Virtual Desktop Manager), VirtualCenter, VMware Infrastructure]

• Physical Security attainable

• Can extend server security and management practices to the local PC

• Isolation contains faults and allows full user experience

Impact #3: Servers Act Like Files

Servers Can Be Managed Like Documents

[Diagram: Document Lifecycle Management. Labels: Create, Approve, Request Document, Publish or Retract, Audit Usage, Retain, Dispose]

[Diagram: Virtual Machine Lifecycle Management. Labels: Request for VM, Route VM for Approval, Deploy VM from Template, Provisioning, Power-On or Suspend VM, Monitor & Adjust Resources, Archive VM, Delete VM]

[Diagram: Master VM and Linked Clone. File Replication, De-duplication, Check-in/out. View Manager and View Composer Linked Clone; Client Virtualization with Check-In and Check-Out; VirtualCenter; Clients; VMware Infrastructure]

Centralized, Efficient File Processing

Offline Ops

• Patch

• Malware Scan

• Configuration

• Backup

Impact #4: Insight Through Hypervisor APIs

VMsafe API and Partner Program

Protect the VM by inspection of virtual components (CPU, Memory, Network and Storage)

Run outside the VM

Complete integration and awareness of VMotion, Storage VMotion, HA, etc.

Fundamentally changes protection available for VMs running on VMware Infrastructure vs. physical machines

Provides an unprecedented level of security – “Virtual is more secure than Real”

[Diagram labels: ESX; ESX with VMsafe]

http://vmware.com/go/vmsafe

Impact #5: Appliances Go Virtual

Overcomes the limitations of physical topology

Deploy anywhere

Increases the granularity of security within the datacenter

Deploy as many appliances as necessary

Auto-Configuration Of App Security

[Diagram: a vApp with Web tier, App tier and DB tier, each VM on its own OS, with SLA Definitions: Availability = 99.99%, Security = High, Performance = 500 msec]

Dynamic Capacity, Mobility Awareness

[Diagram: App instances across the Web tier, App tier and DB tier]

“No free lunch” rule applies to virtualization

The Good | The Bad
Easy machine creation | “VM sprawl”
Mobility | Breaks static security
Abstraction layer | New layer to be secured
Tremendous flexibility | Potential for misconfiguration

Summary

Virtualization fundamentally transforms security

Need to have a broader perspective about virtualization – utilize everything that’s different

The “Next Generation” of datacenter is coming – and so are the security products

Where to Learn More

Security

Hardening Best Practices

Implementation Guidelines

http://vmware.com/go/security

Compliance

Partner Solutions

Advice and Recommendations

http://vmware.com/go/compliance

End of Presentation

Charu Chaubal

charu@vmware.com
