Upload File

hybrid is here. is security - sigs · hybrid is here. is security ? edy almer, vp product, algosec...

  • Home
  • Documents
  • Hybrid is here. Is Security - SIGS · Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential •Private Software Defined Cloud •Open Stack •Public Cloud Trends
13
Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential

Upload: vodien

Post on 15-Jul-2018

216 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Hybrid is here. Is Security - SIGS · Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential •Private Software Defined Cloud •Open Stack •Public Cloud Trends

Hybrid is here. Is Security ?

Edy Almer, VP Product, AlgoSec

Confidential

Page 2: Hybrid is here. Is Security - SIGS · Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential •Private Software Defined Cloud •Open Stack •Public Cloud Trends

• Private Software Defined Cloud

• Open Stack

• Public Cloud

Trends in the market

2

Page 3: Hybrid is here. Is Security - SIGS · Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential •Private Software Defined Cloud •Open Stack •Public Cloud Trends

Why Yes ?

• Cost

• Agility

• Pay only for what you use

• Cloud availability (Global, Pan-European)

Confidential 3

Page 4: Hybrid is here. Is Security - SIGS · Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential •Private Software Defined Cloud •Open Stack •Public Cloud Trends

Why Not ?

• Access Control

• Data Protection

• Infrastructure Protection and Segmentation

Confidential 4

Page 5: Hybrid is here. Is Security - SIGS · Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential •Private Software Defined Cloud •Open Stack •Public Cloud Trends

Security Controls for IaaS

• Host based Firewalls

• Commercial cloud-ready Firewalls (Firewalls running on cloud provided instances)

• Cloud/Platform provided controls

Confidential 5

Page 6: Hybrid is here. Is Security - SIGS · Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential •Private Software Defined Cloud •Open Stack •Public Cloud Trends

Host-based Firewalls

• Servers come with open-source, basic firewall (E.g. Linux IP Tables, Windows Host Firewall)

• Set a policy on each image

• Difficult to manage

• Limited functionality

• This method works across cloud providers

Confidential 6

Page 7: Hybrid is here. Is Security - SIGS · Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential •Private Software Defined Cloud •Open Stack •Public Cloud Trends

Commercial Products

• E.g. Cisco ASA 5500V, Check Point VE, PAN, Fortinet, Juniper, IBM, HP etc.

• Pay by the hour or Bring-Your-Own-Licenses

Confidential 7

Page 8: Hybrid is here. Is Security - SIGS · Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential •Private Software Defined Cloud •Open Stack •Public Cloud Trends

• E.g. AWS Security Groups

• Define what is allowed to/from an instance (similar to firewall rules)

• Assign instances to security groups

• “Magical” (abstracted) enforcement(I.e. no box with blinking lights,no software you can point to)

Platform Provided Security Controls

8

Page 9: Hybrid is here. Is Security - SIGS · Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential •Private Software Defined Cloud •Open Stack •Public Cloud Trends

• Virtual Private Circuit –VPN access and private fixed IP addresses

• Most common enterprise configuration

• Similar pricing to EC2

Amazon VPC

9

Page 10: Hybrid is here. Is Security - SIGS · Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential •Private Software Defined Cloud •Open Stack •Public Cloud Trends

• Simplifying – no groups, no hierarchy

• Complicating – not IP address based – need to collect all instances to make sense of each IP address, complex dynamic hierarchy

Amazon Security Groups

10

Page 11: Hybrid is here. Is Security - SIGS · Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential •Private Software Defined Cloud •Open Stack •Public Cloud Trends

• Rely on 3rd party tools – Sophos & Barracuda

• More partners soon

Azure Firewalling

11

Page 12: Hybrid is here. Is Security - SIGS · Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential •Private Software Defined Cloud •Open Stack •Public Cloud Trends

• Support internal users early, and support business

• Only use tools that manage entire deployment E2E

• Ask for support of both Cloud and Legacy devices and topologies

• New applications are easy. Migration is HARD

• Ask for migration tools !

How to deal with different environment ?

12

Page 13: Hybrid is here. Is Security - SIGS · Hybrid is here. Is Security ? Edy Almer, VP Product, AlgoSec Confidential •Private Software Defined Cloud •Open Stack •Public Cloud Trends

Questions ?

[email protected]

Confidential


Hybrid Sterility and Hybrid Breakdown in an ...Hybrid sterility and hybrid breakdown often coincide in indica/japonica crosses, but hybrid breakdown is sometimes found in advanced-generation

HHolden hybrid doubtolden hybrid doubt · BioPower models in Australia, there is still only one commercial outlet here – United’s Rozelle service station in Sydney opened two

Hybrid and Multi Cloud Posters · The Hybrid / Multi Cloud Integration use cases illustrated here, coupled with the various platform deployment options (cloud, on-premises, hybrid,

OYOTA ORTH MERICA E NVIRONMENTAL EPORT T OYOTA · Front and Back Cover: Shown here from front to back is our hybrid fl eet: Toyota Camry Hybrid, Lexus GS 450h, Toyota Highlander

Hybrid Poplar and Hybrid Willow - MSU Extensionmsue.anr.msu.edu/...of_Michigan-Hybrid_Poplar_and_Hybrid_Willow...5 Hybrid poplar and hybrid willow research is ongoing. The most recent

The future is hybrid

A+T - This is hybrid

Ansible and CloudForms Hybrid cloud management … › files › summit › session-assets › 2018 › ...Hybrid cloud management with Ansible and CloudForms Subheading goes here

hybrid halogen: redesign of the incandescent Technology...Hybrid Halogen Commercialization ADLT: ‘Hybrid Halogen inside’ ADLT is supporting brand partners: 1. Advancing Hybrid

Toyota Hybrid Presentation - Start Here · 2016-03-25Toyota Hybrid Presentation - Start Here

Hybrid Connectivity - AWS Whitepaper...refer to AWS re:Invent session here). Because it is a logical object, AWS Transit Gateway provides Because it is a logical object, AWS Transit

Is the Major Genetic Basis of Heterosis in Rice as ... · which the planted acreage of hybrid rice accounted for ... and Vietnam have launched hybrid rice ... here was to use the

HYBRID EDUCATION AND TRAING Hybrid education is a combination of traditional classroom and online instruction. Hybrid instruction, or hybrid courses, refer

Hybrid Hazelnut Consortium · Hybrid Hazelnut Consortium What is the Hybrid Hazelnut Consortium? The Hybrid Hazelnut Consortium is a group of scientists from Rutgers University, Oregon

hybrid is toyota

Exadata Database Machine - mydba.co.za · Exadata Shattering I/O Bottlenecks And here is how continued: 3. Exadata Hybrid Columnar Compression Column based organization and compression

What is hybrid cloud?

Hybrid working here to stay - query.prod.cms.rt.microsoft.com

L’ELETTRIFICAZIONE SECONDO TOYOTA€¦ · Hybrid e Toyota Auris Hybrid Touring Sports. Lancio Lexus IS Hybrid e nuova Lexus GS Hybrid. 2013 Lancio nuova Toyota Yaris Hybrid. Lancio

Don t wait, go hybrid! Hybrid Sourcing Beyond Shared … respect to the maturity of sourcing implementations, companies that combine sourcing approaches – focus here on Hybrid Sourcing

- Oracle · Exadata Hybrid Columnar Compression: The Next-Generation Compression Technology. Program

Existing Xpage On IBM Bluemix / Hybrid Application Getting ... · II. Hybrid XPages Applications on Bluemix A hybrid application here refers to one that combines a front-end Bluemix

He is here, hallelujah! He is here, amen! He is here, holy, holy; I will bless His name again

“Woman, here is your son” “Here is your mother.”storage.cloversites.com/stphilipsyorkstreetanglican/documents/zine... · “Woman, here is your son” ... “Here is your

- Oracle · Exadata Hybrid Columnar Compression (typically 10-15 X compression) 8 Agenda Best Practices Disk Based Backup &

Why is Hybrid Cloud important?

Arcserve®UnifiedDataPro- tectionCloudHybridUser Guidedocumentation.arcserve.com/Arcserve-Cloud-Hybrid/... · LegalNotice ThisDocumentation,whichincludesembeddedhelpsystemsandelectronicallydistributedmaterials,(here

Why hybrid-is-important

armah Kindergarten 2019 Here is the woka, (land) Here is ... · Here is the woka, (land) Here is the yurratha, (sky) Here are my anganya, (friends) Here am ngain (I) We thank the

WHAT IS A HYBRID VEHICLE?

Multilink English Hybrid Abutment Hybrid abutment …...Hybrid abutment Hybrid abutment crown Description Multilink ®Hybrid Abutment is a self-curing luting composite for the permanent

Hybrid Value Creation - GWDGwebdoc.sub.gwdg.de/.../integration_von_produkt...hybrid_value_creation.pdf · successful design of hybrid offerings is suggested: When implementing hybrid

This is Hybrid

- Oracle · Integrating your On-Premise Applications with Cloud Applications. 2 Agenda Hybrid IT Infrastructure –An Emerging

The transition is here - CD2E · The transition is here The transition is here The transition is here Northern France . Publishing Director: Christian TRAISNEL, cd2e Designer: Alice