High Availability & Security: Hardware and Software Engineered to Work Together

(1)

Impossibile visualizzare l'immagine. La memoria del computer potrebbe essere insufficiente per aprire l'immagine oppure l'immagine potrebbe essere danneggiata. Riavviare il computer e aprire di nuovo il file. Se viene visualizzata di nuovo la x rossa, potrebbe essere necessario eliminare l'immagine e inserirla di nuovo.

High Availability & Security:

Hardware and Software

Engineered to Work Together

Nicola Rauti & Sergio Fiora

Oracle Italia

Impossibile visualizzare l'immagine. La memoria del computer potrebbe essere insufficiente per aprire l'immagine oppure l'immagine potrebbe essere danneggiata. Riavviare il computer e aprire di nuovo il file. Se viene visualizzata di nuovo la x rossa, potrebbe essere necessario eliminare l'immagine e inserirla di nuovo.

(2)

I domini della sicurezza IT

Disponibilità

Riservatezza

Integrità

(3)

Gli ambiti della sicurezza IT

Business

Continuity e

Disaster

Recovery

Gestione

degli Accessi

Protezione

del Dato

(4)

How Much Does Downtime Cost Your Business?

What are the main causes of unplanned system downtime?

Source: Acronis, “The Acronis Global Disaster Recovery Index: 2012”

Studies show disasters cause an average

of 2.2 days of downtime costing $366,363

(5)

Records Date Organizations

5,682 2013-05-29 UF Health Pediatrics ? 2013-05-29 Just Kids

500 2013-05-28 Thunder Bay Regional Health Sciences Centre ? 2013-05-25 Callaway Gardens

1,407 2013-05-24 Jackson Health System 1,350 2013-05-24 Sonoma Valley Hospital

? 2013-05-23 Eurasian Natural Resources Corporation ? 2013-05-22 Vendini, Inc.

852 2013-05-21 SilverScript Insurance Company 27,800 2013-05-20 Sovereign Medical Group, LLC

Source: Rapporto Clusit 2013; Hackmageddon.com; DatalossDB.com

Attacks Are increasing Every Year

Known attacks between

May 1th to May 15°, 2013

Latest Incidents

Incidents by Business Type

15%

16%

52%

18%

Education

Med

Business

Government

(6)

The Data Deluge

** Oracle’s “From Overload to Impact: An Industry Scorecard on Big Data Business Challenges” report surveyed 333 North American C-level

preparedness to manage the data deluge and their ability to extract intelligence

Most companies are unprepared:

• 60% of executives rate their companies

unprepared to leverage the data and cite

significant gaps in people, process, and tools

• 97% say they need to make changes to

improve

• Big data is key to revenue growth:

• 93% of the executives believe they are

losing revenue at an average rate of 14%

annually

(7)

The Data Deluge in Public Sector

preparedness to manage the data deluge and their ability to extract intelligence

Healthcare

Connected Healthcare

Integrating all sources of the medical record

is not only critical to delivering care, but also

to creating the analytics to drive disease

management and prevention.

Public Sector

Revenue Integrity

Correlating data from multiple, unrelated

sources is the key to identifying potential

fraudulent activities that cost government

agencies billions each year.

•

U.S. Healthcare data is

growing by15

Petabytes a day –

currently

•

Up to 80% of

healthcare data is

currently unstructured

•

Typical person’s HER:

~1MB – healthy young,

no images

40MB – middle-aged

with health issues, no

images

3-5GB – with several

health issues + image

(8)

The Data Deluge in Public Sector

preparedness to manage the data deluge and their ability to extract intelligence

Healthcare

Connected Healthcare

Integrating all sources of the medical record

is not only critical to delivering care, but also

to creating the analytics to drive disease

management and prevention.

Public Sector

Revenue Integrity

Correlating data from multiple, unrelated

sources is the key to identifying potential

fraudulent activities that cost government

agencies billions each year.

PUBLIC S.

HEALTH

Estimated

to Grow

50X

(9)

Managing Your Services Increasingly Complex

(10)

•

Soluzioni orientate a risolvere necessità specifiche

dei diffrenti settori dell’organizzazione pubblica

•

Difficoltà di integrazione dei dati e delle

infrastrutture IT

•

Alto costo di manutenzione e compatibilità dei

“Pillar” all’interno di ogni silos applicativo: HW,

Storiage, SO, MDW, DB, Applicatiion

•

Il personale IT sottodimensionato rispetto

alla complessità delle architetture

Architetture

caratterizzate da “Silos

Applicativi

”

Lo stato dell’arte nel PS

I temi “caldi” dell’ICT nel Settore Pubblico

TAX

Σ

%

+

-< >

= |

*

/

+

-< >

= |

Σ

%

*

/

< >

= |

*

/

+

-< >

= |

(11)

Traditional Database Deployments

Server and Software Sprawl

§

In the past, new database services were deployed

using dedicated servers and databases

–

Was the only practical way to ensure good QoS

§

The number of dedicated database systems constantly

grew, creating server and software sprawl

–

High costs for labor, hardware, and software

–

Hundreds of servers, databases, and OS’s to maintain,

backup, patch, upgrade, monitor, optimize

(12)

You need a Strategy

Photo by David King available under CC BY 2.0

(13)

(14)

Forrester Research

Network

Security

SIEM

Endpoint

Security

Web

Application

Firewall

Email Security

Authentication

& User Security

Database

Security

Why are Databases so Vulnerable?

80% of IT Security Programs Don’t Address Database Security

“Enterprises are taking on risks that

they may not even be aware of.

Especially as more and more

attacks against databases exploit

legitimate access.”

(15)

Database Security – Big Picture

Procurement

HR

Rebates

Audit

consolidation

Procurement

HR

Rebates

Auditing

Authorization

Authentication

Applications

Network

SQL

Monitoring

and

Blocking

Encrypted

Backups

Encrypted

Database

Encrypted

Traffic

Data

Masking

Multi-factor Authorization

DB Consolidation Security

(16)

Oracle Maximum Availability Architecture

Zero Downtime,

High Availability

•

Instance

failure

•

Server failure

•

RAC rolling

maintenance

•

Performance

scale-out

•

Consolidation

•

Continuous

point-in-time

recovery

•

Granular

repair of

logical

corruptions

•

Transaction

•

Table

•

Database

•

Database failure

•

System failure

•

Site failure

•

Zero data loss

•

Automatic

database failover

•

Lost-write

protection

•

Database rolling

upgrade

•

Offload read-only

workload and

backups

•

Some migrations

Oracle RAC

Flashback

Active

Data Guard

Oracle GoldenGate

•

Zero downtime

upgrades and

migrations

•

Online platform and

application upgrades

•

Bi-directional and

multi-master

replication

•

Distribute read-only &

read-write workload

•

An alternative to

physical replication

for site protection

•

Flexible planned

maintenance and

heterogeneous

migrations

•

Storage

failure

•

Data

recovery

•

Backups

ASM,

RMAN,

OSB

(17)

(18)

...or keeping it Simple and Manageable

Photo by Windell Oskay available under CC BY 2.5

(19)

Flexible Adoption – Roadmap to Cloud

Private Cloud

•

Self-service

•

Auto-scaling

•

Metering &

chargeback

•

Capacity planning

Public Cloud

•

Specialized

•

Shared

•

Standardized

Hybrid Cloud

•

Federation across

public & private

clouds

•

Interoperability

•

Cloudbursting

Traditional Silos

Consolidated

•

Physical

•

Dedicated

•

Static

•

Heterogeneous

•

Virtual

•

Shared platform

& shared

infrastructure

•

Dynamic

•

Standardized

platform &

infrastructure

(20)

New

Oracle DB 12

c

Multitenant Architecture

A Transformational Architecture for Database Cloud

§

Operational cost of one database and OS, benefits of many databases

-

One database patch, upgrade, backup, standby, monitoring

§

Dynamically provision or upgrade a database in minutes

§

Completely transparent to Applications

Pluggable Databases (PDB) Share Resources and Administration

Many Databases each in an OS & VM

Sales

DB

Assets

DB

Billing

DB

VM

O/S

Parts

DB

VM

O/S

VM

O/S

VM

O/S

Single O/S, No VMs Needed

Single Multitenant Database

Billing

PDB

Parts

PDB

Sales

PDB

Assets

PDB

(21)

SPARC SuperCluster

Exadata

Exalogic

Big Data

Purpose Built

General Purpose

Oracle Engineered Systems

Best Platforms for Oracle Software

ü

Software Lead Architecture

ü

Faster time to value

ü

Lower TCO

ü

Extreme performance

ü

Reduced risk

ü

Easier to scale &

manage

ü

One-stop support

•

Exadata

10x-50x Faster DB Performance

•

Exalogic

10x Faster Response for Java

4x Faster Oracle Apps

•

Big Data Appliance

Comprehensive Big Data Platform

•

SPARC SuperCluster

Combines database and mid-tier;

Virtualized platform

•

Exalytics

20x faster analysis; In-Memory;

Relational, Multidimensional, Unstructured

•

Database Appliance

Simple, Affordable, Highly Available

Database Appliance

Exalytics In-Memory

Oracle Virtual

Compute Appliance

(22)

Oracle Exadata Database Machine

The Best Machine for OLTP, Data Warehouse, and Consolidation

Exadata

Smart Scan

Improve query

performance

by

10X

Hybrid Columnar

Compression

Reduce the size of database

storage requirements by

up-to 3-5X

Smart Flash

Cache

Improve query

response times

by

40%

(23)

ORACLE DATABASE APPLIANCE

•

Simple to deploy, manage and maintain

•

Best-in-class availability

•

Best-in-class performance

•

Built-in scalability

•

Capacity-on-demand licensing

•

Solution-in-a-Box

(24)

Option 1: Build Your Own

License 32 Cores for Anticipated Growth

Year 2

Year 3

Option 2: Buy Database Appliance

License as You Grow and Save Significantly

Year 1

Year 2

Year 3

Purchase Capacity Up Front

Purchase Capacity-on-Demand

Capacity On Demand Licensing

Add Capacity

When You Need It

4 Cores

8 Cores

32 Cores

12 Cores

24 Cores

16 Cores

OR

(25)

Support Application Workloads Through

Virtualization

• 

Utilization of the full ODA capacity regardless of database core

usage

• 

Efficient sharing of the platform with one or more applications

• 

Capacity-on-demand licensing for both database and

applications

• 

Isolation between database and application workloads

• 

Grow / shrink database and applications capacity

(26)

Privacy , Security e Business Continuity

[email protected]

(27)

(28)