RSA / EMC: Vision of the Trusted Cloud. Ivan Svoboda RSA, The Security Division of EMC

22 

Loading....

Loading....

Loading....

Loading....

Loading....

Full text

(1)

RSA / EMC: Vision of the Trusted Cloud

Ivan Svoboda

(2)

The Opportunity

Enterprise IT Has Many Challenges

Enterprise IT Simple Low Cost Flexible Dynamic Public Cloud

The Public Cloud Has Broad Appeal

Complex Expensive

Inflexible Siloed

2 © Copyright 2010 EMC Corporation. All rights reserved.

Infrastructure

Dynamic

Over Time, Enterprise IT Will Evolve Towards Public Cloud Ideals

(3)

The Opportunity: The Journey to the

Cloud

The Private Cloud is a Logical First Step

Private Cloud

Enterprise IT Public Cloud

Simple Low Cost Flexible Dynamic Trusted Controlled Reliable Secure 3 © Copyright 2010 EMC Corporation. All rights reserved.

“70% Will Spend More On Private Cloud through 2012”

- Gartner DC Conference 2009 Infrastructure

Dynamic

(4)

The Opportunity: The Journey to the

Cloud

Virtualize Everything, Standardize & Automate

Private Cloud

Enterprise IT Public Cloud

Virtualization Converged Infrastructure Automation Federation GRC Infrastructure as-a-Service

Hybrid Cloud: Utilize Service Provider Infrastructure

4 © Copyright 2010 EMC Corporation. All rights reserved.

Infrastructure

Hybrid Cloud

(5)

Securing the Journey to The Private Cloud 30% 70% 85% 95% IT Production Lower Costs Business Production Improve Quality Of Service

IT-As-A-Service Improve Agility % Virtualized 15% 30% Platinum Platinum Gold Gold • Security Compliance • Information-centric security • Risk-driven policies

• IT and security operations alignment

• Secure multi-tenancy • Verifiable chain of trust • Visibility into virtualization

infrastructure

• privileged user monitoring • access management • network security

(6)

Our Customers Are Asking Themselves

How do I centrally manage compliance across Can I ensure my virtualized business

critical applications are running in a secure and compliant environment?

How do I centrally manage compliance across mixed VMware and physical IT environments?

Can I respond more quickly to security events in my virtual environment?

How do I begin to assess hybrid and public cloud service providers?

(7)

Implications of Challenges

Security and compliance concerns stall the

Missing opportunity for “better than physical” CISOs need to

manage security

and compliance concerns stall the

adoption of virtualization

“better than physical” security

and compliance across virtual and

(8)

RSA / EMC: naše zkušenosti s virtualizací

(9)

RSA / EMC: naše zkušenosti s cloudem

Žijeme cloudem

• Jsme na cestě k privátnímu cloudu (přes 70% virtualizace) • Používáme public cloud aplikace (CRM)

Jsme dodavatelem řešení pro cloud:

• VCE (VMware, Cisco, EMC)

• RSA: řešení bezpečnosti pro VCE (Vblock) • Dodáváme bezpečnost providerům cloudu • Dodáváme bezpečnost providerům cloudu

Poskytujeme řešení „SaaS“

• Adaptivní autentizace

• Transakční monitoring • 3D Secure

Máme vizi bezpečného cloudu

• Jsme členy CSA (Cloud Security Alliance) • Uvedli jsme řešení „Cloud Trust Authority“

(10)

EMC IT’s Journey to the Private Cloud

% Virtualized

IT

IT--asas--aa--ServiceService IT

IT--asas--aa--ServiceService IT Production

IT Production IT Production

IT Production Business ProductionBusiness ProductionBusiness ProductionBusiness Production

Agility Agility Agility Agility Efficiency Efficiency Efficiency

Efficiency Quality of serviceQuality of serviceQuality of serviceQuality of service

75% We are here Development, Development, test and IT

test and IT--ownedowned applications applications

100% 86%

10 © Copyright 2010 EMC Corporation. All rights reserved.

2004-08 2009-10 2011+ 15% 30% 40% Run IT as a Run IT as a business business Mission Mission--criticalcritical applications applications

(11)

VMware

Application

Deliver IT as a Service

Define Service Catalog, Publish to Self-service IT Portal

Policy/SLA-driven Management Availabilit y Security Performan ce Cost 99.99% High 0.2ms $500K S e lf -S e rv ic e IT P o rt a l S e lf -S e rv ic e IT P o rt a l 11 © Copyright 2010 EMC Corporation. All rights reserved.

EMC UIM Infrastructure Service Catalogue VMware vCloud Director Application Service Catalogue Platinum Gold Gold Silver Silver Bronze Bronze S e rv ic e IT P o rt a l S e rv ic e IT P o rt a l Service Catalog

(12)

www.EMC.com/emcit

12 © Copyright 2010 EMC Corporation. All rights reserved.

EMC IT Journey to the Private Cloud: A Practitioner's Guide

(13)

Jaká jsou doporučení ostatních?

US Government CIO (Kundra):

25% of Fed IT Spend on Cloud Services NIST:

Guidelines on Security and Privacy in Public Cloud (800-144 Draft)

Cloud Security Alliance:

Cloud Assesment Initiative

„Fraud-as-a-Service“ – running in cloud

Trojans as a Service

(14)

Enterprise IT Public Cloud Simple Low Cost Flexible Dynamic Trusted Controlled Reliable Secure

D

ů

v

ě

ra

Virtualizace

Hlavní změny na cestě ke cloudu

Private Cloud Infrastructure

D

ů

v

ě

ra

Virtualizace

Private Cloud Availabilit y Security Performan ce Cost 99.99% High 0.2ms $500K

(15)

Enterprise IT Public Cloud

D

ů

v

ě

ra

Virtualizace

Hlavní změny na cestě ke cloudu

Private Cloud Infrastructure

D

ů

v

ě

ra

= SLA ?

Virtualizace

Private Cloud Availabilit y Security Performan ce Cost 99.99% High 0.2ms $500K

(16)

Enabling Trust in the Cloud

Enterprises Cloud Service Providers

Security & Compliance Visibility & Reporting

Identities Information Workload

Public Cloud

(17)

Creating the Trusted Cloud

Trust = Visibility + Control

Control:

Availability

Integrity

Confidentiality

Confidentiality Visibility:

Compliance

Governance

Risk Management 17

(18)

Enterprise IT Public Cloud

D

ů

v

ě

ra

Virtualizace

Hlavní změny na cestě ke cloudu

Private Cloud Cloud provider A Cloud provider D Infrastructure

D

ů

v

ě

ra

= SLA ?

Virtualizace

Private Cloud Availabilit y Security Performan ce Cost 99.99% High 0.2ms $500K Cloud provider B Cloud provider C

(19)

RSA Cloud Trust Authority

Identity Services

Compliance profiling …

(20)

RSA SecurBook: Cloud Security and Compliance

A technical guide for deploying and operating RSA Solution for Cloud Security and Compliance

Documents solution architecture

Solution deployment and configuration

guides

Operational guidance for effectively using the solution

Troubleshooting guidance

(21)

Questions/Feedback/Discussion

RSA Contacts:

Ivan Svoboda: Key Account Manager

ivan.svoboda@rsa.com

21

ivan.svoboda@rsa.com

(22)

Thank you!

Figure

Updating...

References

Updating...

Related subjects :