
Hyper-V Optimizations & Security for Private Clouds. from Nutanix & 5nine Software


Academic year: 2021



• Nutanix

– Invisible Infrastructure & Web-Scale Design Points

– Building Simple & Secure Cloud Environments

• 5nine Cloud Security

– Azure Pack (WAP) Extension

– System Center VMM Plugin

• Summary & Discussion


Nutanix Enterprise Cloud Infrastructure

Robert Corradini

About Nutanix

• 2100+ customers

• Over 70 countries

• 6 continents

• Making datacenter infrastructure invisible, elevating IT to focus on applications and services

• Founded in 2009

Gartner Magic Quadrant, Integrated Systems 2015

Strengths

• Nutanix is a complete infrastructure solutions company, providing its customers flexibility in their choice of hypervisors and cloud usage

• Nutanix has gained market credibility and established a worldwide presence

• The Acropolis scale-out architecture, along with the ability to scale compute and storage independently, enables users to grow Nutanix deployments

Global Support Overview

• 24x7x365

• 50+ Spare Parts Depots

• +90 Net Promoter Score

• 70+ Countries Languages

• 6 WW Support Centers

• “Follow the Sun” support

[Map labels: TAC Centers, NBD Depots; Bangalore, San Jose, Durham, Amsterdam, Tokyo, Sydney]

Nutanix Global Services Offerings

• Education Services, Consulting Services, Customer Advocacy

• Comprehensive Curriculum, Global Delivery, Value-based Services

• Highly Skilled Nutanix Experts, Strategy and Deployment Assistance, Maximize Value from Investment

• Innovative Learning

• 9.8/10 CSAT Score

• Trusted Advisor

The Best IT Infrastructure Is

Challenges With Existing Datacenter Architecture

1. Inherent Complexity

You Must Have Infrastructure That…

Invisible

Enterprise-grade Engineering

Consumer-grade Design

Web-Scale: Design Point for Invisible Infrastructure

Design Principles

• Unbranded x86 servers: fail-fast systems

• No special purpose appliances

• All intelligence and services in software

• Extensive automation and rich analytics

• Distributed everything

Benefits

• Linear, predictable scale-out

• Always-on systems

• Fast innovation in software

• Operational simplicity

• Lower TCO

The Solution: Hyperconverged Infrastructure

Integrated, scale-out compute and storage

[Diagram labels: Virtualization, App, Storage Controller, Server]

Nutanix Web-Scale Architecture

• Eliminates SAN and NAS arrays

• Tier 1 Workloads (running on all nodes)

• Nutanix Controller VM (one per node)

• Local + Remote (Flash + HDD)

• Distributed Storage Fabric: intelligent tiering, VM-centric management and more…

– Snapshots

– Clones

– Compression

– Deduplication

• Acropolis App Mobility Fabric: Workload Mobility and Hypervisor Choice

[Diagram labels: Node 1, Node 2, Node N, each an X86 node with VMs and a CVM; hypervisors AHV, Hyper-V, ESXi]

Any Application at Any Scale

• VDI

• Data Protection & Disaster

• Big Data

• Private & Hybrid Clouds

• Enterprise Applications

Today and Tomorrow’s App Can Live on Nutanix

Hybrid App Lifecycle

[Diagram labels: Staging, Production, DPDR, Dev/Test; On-Premise, On-Premise, Cloud & On-Premise, Cloud & On-Premise]


Nutanix’s Holistic Approach to Security

Robert Corradini


Nutanix’s Native Security Features

Ensure security without compromise

*Q2CY16

Custom Security Technical Implementation Guide (STIG)

Nutanix has developed its own comprehensive STIG written in open XCCDF.xml format to support the Security Content Automation Protocol (SCAP) standard.

Built-in Security + Partner Ecosystem

Nutanix’s holistic approach to security

• End-Point Security: Anti-Virus, Anti-Malware

Built-in

• Host Security: STIG Hardening, SecDL Self-Healing, TPM*

• Data Security: Encryption

• Network Security: Micro-Segmentation,

Built-in Security + Security Partner Ecosystem

Nutanix’s holistic approach to security

*Q2CY16

✓ Improve your Security and Compliance with a Unified Solution Designed for Hyper-V

✓ Maximize your Performance with the Fastest and Least Disruptive Security Solution

✓ Increase your VM density by up to 30%

✓ Automate Protection for Virtual Machines, Networks and Storage

✓ Hide Security from your Virtual Machines and Users with Agentless Protection

5nine Cloud Security

A Unified Security and Compliance Solution Designed for Hyper-V


5nine Software

• Founded in 2009

• Headquartered in Chicago, with staff in 24 regions worldwide, including 18 Microsoft MVPs

• 80,000 Hyper-V users globally, representing companies and datacenters of all sizes

• The leading solutions provider of security & management applications for Hyper-V

– 5nine Cloud Security – A unified security and compliance solution designed for Hyper-V

– 5nine Manager – Easy, centralized and affordable management and monitoring for Hyper-V

– 5nine V2V Easy Converter – Fast and easy migration of VMware virtual machines to Microsoft Hyper-V

• Visit www.5nine.com or email [email protected] for more info

5nine’s Global Presence

• Headquarters: Chicago

• Americas: Buenos Aires, Calgary, New Jersey, Ottawa, Seattle

• Europe & MEA: Abu Dhabi, Athens, Basel, Brussels, Dublin, Milan, Moscow, Munich, Nice, Stockholm, St. Petersburg, Zagreb, Zurich

• Asia Pacific


5nine Cloud Security

A Unified Security and Compliance Solution Designed for Hyper-V

• Address every Hyper-V vulnerability across every virtual resource

– Virtual firewall

– Agentless antivirus & antimalware

– Network intrusion detection (IDS) & analysis

– Security as a Service (SECaaS) with Azure Pack (WAP)

– System Center Virtual Machine Manager (SCVMM) Plugin

• Avoid gaps in protection from legacy endpoint security solutions

• Automatically and immediately protect every virtual machine

• Industry’s leading security and compliance solution

• For Hyper-V users of all sizes without needing to be a security specialist

• Agentless design and fastest scans in the industry

• More information: http://www.5nine.com/CloudSecurity

• No security component is required to run inside the VM

– User never sees it

– User never has to update

– User can never disable it

– Users will not even notice that they are being protected

• Administrators no longer need access to every VM

– Centralized management of policies and definitions

– Increase security and compliance

– Ideal for service providers to ensure tenant privacy

– Simplify VDI management


Multiple Layers of Security

1. Virtual Firewall

2. AV Detection on the Network

3. AV Scan on the Disk

4. Network Intrusion Detection

5. Network Anomaly Analysis

6. Extensible to Analytics Systems

Security Layer 1 – Virtual Firewall

• Intercept network traffic before it even gets to the VM

• Manage traffic at the network protocol level

– TCP, UDP, GRE, ICMP, IGMP, etc.

• Single solution for every guest OS supported by Hyper-V

– Server: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2

– Client: Windows 10, Windows 8.1, Windows 8, Windows 7

– Linux & UNIX: CentOS, Debian, FreeBSD, Oracle Linux


Security Layer 2 – AV Detection on the Network

• Protection for all virtual networks

• Active detection for immediate threat notification

– Unencrypted HTTP traffic (more coming soon)

• Automatically alert admins


Security Layer 3 – AV Security on the Disk

• No more “scanning storms”

– Increase VM performance

– Increase VM density by up to 30%

• 5nine uses a patent-pending Change Block Tracking (CBT) driver

– Scan only blocks on the disk that have changed

– Scan up to 70x faster

Security Layer 4 – Network Intrusion Detection

[Diagram labels: Hyper-V Hosts, Database, 5nine Cloud Security Management Server, Public Internet]

Security Layer 5 – Network Anomaly Analysis

[Diagram labels: 5nine Cloud Security Management Server, Public Internet; chart panels: Normal Traffic, Unusual Traffic]

Security Layer 6 – Extensible to Analytics Systems

[Diagram labels: Hyper-V Hosts, Database, 5nine Cloud Security Management Server, Public Internet, On-Premises Analytics, Cloud-Based Analytics]

• Virtual environments are dynamic and change regularly

– Legacy “endpoint” security is impractical and unsafe

• Automatically and immediately protect the entire virtualized infrastructure and software-defined networks (SDNs)

• Guarantee higher levels of business continuity and reliability

• Built-in automation tools

• Script custom security policies with PowerShell

[Diagram labels: Hyper-V Hosts & Clusters, SQL Server, 5nine Cloud Security Management Server, Redundant Management Group, SQL Server, SQL Cluster, Branch Office, SQL Server, 5nine Sync, 5nine Cloud Security Management, 5nine Console | 5nine PowerShell, Azure Pack (WAP) Extension, System Center Virtual Machine Manager (SCVMM) Plugin]


System Center Virtual Machine Manager Plugin

Centralized Security Management through System Center to Protect your Hyper-V Infrastructure and VMs

• Easy-to-use extension of 5nine Cloud Security

• Integrate into your existing management system

• Protect all Windows Server, Windows and Linux VMs

• Agentless design for easy management

• Fastest security scans in the industry

• Meet industry compliance & regulation requirements

• Scales to protect the largest enterprises running


Windows Azure Pack & Microsoft Azure Stack


Azure Pack (WAP) Extension

Security as a Service (SECaaS) to Protect your Datacenter, your Customers, and their Clouds

• The only Security as a Service (SECaaS) solution for Azure Pack

• Free add-on to 5nine Cloud Security

• Enable tenants to easily manage their own Windows and Linux security policies through self-service

• Hosting and service providers can secure multi-tenant environments and VMs

• Users can easily configure firewalls, intrusion detection, and more

• Generate revenue by offering Security as a Service (SECaaS)

• Differentiate yourself through achieving increased security and compliance


Administrator Portal

• Add SECaaS to plans

• Protect hosts, VMs & tenants

• Global firewall templates

• View user action logs

• Notifications

• Billing & chargeback

– Via Cloud Cruiser or Cloud Assert

Tenant Portal

• Protect a VM through self-service

– Virtual Firewall

– Antivirus & Antimalware

– Intrusion Detection

– Network Traffic Scanner

– Network Anomaly Scanner

• VM Groups

• Firewall templates

• View user action logs

• Notifications


Generate New Revenue through SECaaS

• Only Security as a Service solution for Azure Pack

• Make premium security the default offering

• Provide tenants with simple SECaaS features

– Virtual firewall, intrusion detection, security templates

• Stand out from your competition and public clouds

• Attract new customers


Meet Compliance & Regulation Requirements

• Virtualization infrastructure is being targeted by hackers

• Meet expected compliance and regulation standards

• Meet customer’s guidelines to operate in new markets

• Support more regulation requirements


5nine Cloud Security


• Nutanix

– Nutanix website: http://www.nutanix.com

– Nutanix security page: http://www.nutanix.com/products/features/security/

– Nutanix security certifications: http://www.nutanix.com/products/features/security/certifications/

– Robert Corradini, contact: [email protected]

– Request a Nutanix Demo: http://www.nutanix.com/demo

• 5nine Software

– 5nine website: http://www.5nine.com

– 5nine videos: https://www.youtube.com/user/5NineSoftware

– 5nine Cloud Security: http://www.5nine.com/Security

– http://www.5nine.com/WAP
