SlideShare una empresa de Scribd logo

Securing the Cloud Within and Between Data Centers

Cisco Service Provider
Cisco Service Provider

Looking at data center and cloud trends, security challenges, security solutions and what's new: virtual ASA, vCloud Director Integration

Tecnología
1 de 9
Securing the Cloud Within and Between Data Centers Prashant Gandhi Sr. Director, Server Access & Virtualization February 2012
• Data Center & Cloud Trends • Security Challenges • Security Solutions Nexus 1000V – secure switching for VMs Virtual Security Gateway (VSG) – virtual firewall • What’s New Virtual ASA, vCloud Director Integration • Resources © 2010 Cisco and/or its affiliates. All rights reserved. 2
PHYSICAL VIRTUAL CLOUD WORKLOAD WORKLOAD WORKLOAD • One app per Server • Many apps per Server • Multi-tenant per Server • Static • Mobile • Elastic • Manual provisioning • Dynamic provisioning • Automated Scaling HYPERVISOR VDC-1 VDC-2 CONSISTENCY: Policy, Features, Security, Management © 2010 Cisco and/or its affiliates. All rights reserved. 3
Data Center Technology Investment Drivers Incease Security 76% Decrease Downtime 70% Data Storage/Backup 69% Decrease Operating Costs 68% Virtualization 66% Drivers Improve Management Capability 66% Consolidate Data Centers 65% Iimprove Scalability 62% Consolidate Equipment 59% Centralize IT Services 58% Enable a New Application 55% Higher Energy Efficiency/Green Initiatives 50% 0% 10% 20% 30% 40% 50% 60% 70% 80% Percent of Respondents Rating 6 or 7 Source: Data Center Deployment Strategies: North American Enterprise Survey, Infonetics, February 2011. © 2010 Cisco and/or its affiliates. All rights reserved. 4
Highly Scalable Partner Solution Processes Massive Workloads Elements App App App Desktop O/S Desktop Virtualization Dynamic Hypervisor Delivers On-Demand Services Storage VDI Broker Intelligent Supports Different Unified Unified Unified Applications and Data Types Fabric Network Services Computing Cisco Data Center Security: Business Advantage Framework Requires the Same Demands Consolidation, Virtualization, Automation, and Cloud © 2010 Cisco and/or its affiliates. All rights reserved. 5
Network Security Virtualization Security Secure Access • ASA 5585-X with • Nexus® 1000V switch: • Cisco AnyConnect firewall and IPS a distributed virtual • TrustSec switch • ASA Services • Identity Services Module • Virtual Security Engine Gateway (VSG): • Cisco Security Zone-based virtual FW • SaaS gateway Intelligence (cloud security) Operations (SIO) • ASA 1000V: Tenant- edge virtual FW • Cisco Security Single Manager point, integrated, sec urity © 2010 Cisco and/or its affiliates. All rights reserved. 6
PHYSICAL VIRTUAL CLOUD WORKLOAD WORKLOAD WORKLOAD • One app per Server • Many apps per Server • Multi-tenant per Server • Static • Mobile • Elastic • Manual provisioning • Dynamic provisioning • Automated Scaling HYPERVISOR VDC-1 VDC-2 Nexus 7K/5K/3K/2K Nexus 1000V, VM-FEX WAAS, ASA, NAM, ACE Virtual WAAS, VSG, ASA 1000V UCS for Bare Metal UCS for Virtualized Workloads © 2010 Cisco and/or its affiliates. All rights reserved. 7
• Policy applied to VM zones Virtual • Dynamic, scale-out operation VSG, Security • VM context based controls ASA 1000V • Segment internal network FWSM Internal • Policy applied to VLANs ASA-SM Security • Application protocol inspection • Virtual Contexts ASA 55xx • Filter external traffic Internet • Extensive app protocol support Edge • VPN access, Threat mitigation ASA 55xx © 2010 Cisco and/or its affiliates. All rights reserved. 8 *Demonstrated at VMWorld 2011
click here © © 2010 Cisco and/or its affiliates. All rights reserved. 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9

Recomendados

Securing Your Data In The Cloud
Securing Your Data In The CloudSecuring Your Data In The Cloud
Securing Your Data In The CloudOmer Trajman
 
A Detailed Analysis of the Issues and Solutions for Securing Data in Cloud
A Detailed Analysis of the Issues and Solutions for Securing Data in CloudA Detailed Analysis of the Issues and Solutions for Securing Data in Cloud
A Detailed Analysis of the Issues and Solutions for Securing Data in CloudIOSR Journals
 
Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...
Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...
Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...OneLogin
 
The Trusted Cloud Transfer Protocol (TCTP)
The Trusted Cloud Transfer Protocol (TCTP)The Trusted Cloud Transfer Protocol (TCTP)
The Trusted Cloud Transfer Protocol (TCTP)Mathias Slawik
 
Ensuring secure transfer, access and storage over the cloud storage
Ensuring secure transfer, access and storage over the cloud storageEnsuring secure transfer, access and storage over the cloud storage
Ensuring secure transfer, access and storage over the cloud storageeSAT Journals
 
Is The Cloud Secure Enough For Your Data?
Is The Cloud Secure Enough For Your Data?Is The Cloud Secure Enough For Your Data?
Is The Cloud Secure Enough For Your Data?OSIbeyond
 
Securing data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsSecuring data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsCloudMask inc.
 
AWS Summit 2011: Application Security Best Practices
AWS Summit 2011: Application Security Best PracticesAWS Summit 2011: Application Security Best Practices
AWS Summit 2011: Application Security Best PracticesAmazon Web Services
 

Recomendados

Securing Your Data In The Cloud
Securing Your Data In The CloudSecuring Your Data In The Cloud
Securing Your Data In The CloudOmer Trajman
 
A Detailed Analysis of the Issues and Solutions for Securing Data in Cloud
A Detailed Analysis of the Issues and Solutions for Securing Data in CloudA Detailed Analysis of the Issues and Solutions for Securing Data in Cloud
A Detailed Analysis of the Issues and Solutions for Securing Data in CloudIOSR Journals
 
Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...
Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...
Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...OneLogin
 
The Trusted Cloud Transfer Protocol (TCTP)
The Trusted Cloud Transfer Protocol (TCTP)The Trusted Cloud Transfer Protocol (TCTP)
The Trusted Cloud Transfer Protocol (TCTP)Mathias Slawik
 
Ensuring secure transfer, access and storage over the cloud storage
Ensuring secure transfer, access and storage over the cloud storageEnsuring secure transfer, access and storage over the cloud storage
Ensuring secure transfer, access and storage over the cloud storageeSAT Journals
 
Is The Cloud Secure Enough For Your Data?
Is The Cloud Secure Enough For Your Data?Is The Cloud Secure Enough For Your Data?
Is The Cloud Secure Enough For Your Data?OSIbeyond
 
Securing data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsSecuring data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsCloudMask inc.
 
AWS Summit 2011: Application Security Best Practices
AWS Summit 2011: Application Security Best PracticesAWS Summit 2011: Application Security Best Practices
AWS Summit 2011: Application Security Best PracticesAmazon Web Services
 
Understanding AWS Security
Understanding AWS Security Understanding AWS Security
Understanding AWS Security Amazon Web Services
 
Building a Cloud Culture at Yelp (BDT305) | AWS re:Invent 2013
Building a Cloud Culture at Yelp (BDT305) | AWS re:Invent 2013Building a Cloud Culture at Yelp (BDT305) | AWS re:Invent 2013
Building a Cloud Culture at Yelp (BDT305) | AWS re:Invent 2013Amazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...Amazon Web Services
 
Quality of Service Control Mechanisms in Cloud Computing Environments
Quality of Service Control Mechanisms in Cloud Computing EnvironmentsQuality of Service Control Mechanisms in Cloud Computing Environments
Quality of Service Control Mechanisms in Cloud Computing EnvironmentsSoodeh Farokhi
 
AWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the CloudAWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the CloudAmazon Web Services
 
System z Mainframe Data with Amazon S3 and Amazon Glacier (ENT107) | AWS re:I...
System z Mainframe Data with Amazon S3 and Amazon Glacier (ENT107) | AWS re:I...System z Mainframe Data with Amazon S3 and Amazon Glacier (ENT107) | AWS re:I...
System z Mainframe Data with Amazon S3 and Amazon Glacier (ENT107) | AWS re:I...Amazon Web Services
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS SecurityAmazon Web Services
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS SecurityAmazon Web Services
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
AWS Deployment Best Practices
AWS Deployment Best PracticesAWS Deployment Best Practices
AWS Deployment Best PracticesAmazon Web Services
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAmazon Web Services
 
Advanced Security Best Practices Masterclass
Advanced Security Best Practices MasterclassAdvanced Security Best Practices Masterclass
Advanced Security Best Practices MasterclassAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
SP 5G: Unified Enablement Platform
SP 5G: Unified Enablement Platform SP 5G: Unified Enablement Platform
SP 5G: Unified Enablement Platform Cisco Service Provider
 
SP Network Automation: Automated Operations Overview
SP Network Automation: Automated Operations Overview SP Network Automation: Automated Operations Overview
SP Network Automation: Automated Operations Overview Cisco Service Provider
 
[Whitepaper] Cisco Vision: 5G - THRIVING INDOORS
[Whitepaper] Cisco Vision: 5G - THRIVING INDOORS[Whitepaper] Cisco Vision: 5G - THRIVING INDOORS
[Whitepaper] Cisco Vision: 5G - THRIVING INDOORSCisco Service Provider
 
Cisco at OFC 2016
Cisco at OFC 2016Cisco at OFC 2016
Cisco at OFC 2016Cisco Service Provider
 
[Infographic] Cisco Visual Networking Index (VNI): Mobile-Connected Devices p...
[Infographic] Cisco Visual Networking Index (VNI): Mobile-Connected Devices p...[Infographic] Cisco Visual Networking Index (VNI): Mobile-Connected Devices p...
[Infographic] Cisco Visual Networking Index (VNI): Mobile-Connected Devices p...Cisco Service Provider
 
[Infographic] Cisco Visual Networking Index (VNI): Mobile Users Growth
[Infographic] Cisco Visual Networking Index (VNI): Mobile Users Growth[Infographic] Cisco Visual Networking Index (VNI): Mobile Users Growth
[Infographic] Cisco Visual Networking Index (VNI): Mobile Users GrowthCisco Service Provider
 
Cisco Cloud-Scale Innovation Infographic
Cisco Cloud-Scale Innovation InfographicCisco Cloud-Scale Innovation Infographic
Cisco Cloud-Scale Innovation InfographicCisco Service Provider
 
Simplify Operations
Simplify OperationsSimplify Operations
Simplify OperationsCisco Service Provider
 

Más contenido relacionado

Destacado

Building a Cloud Culture at Yelp (BDT305) | AWS re:Invent 2013
Building a Cloud Culture at Yelp (BDT305) | AWS re:Invent 2013Building a Cloud Culture at Yelp (BDT305) | AWS re:Invent 2013
Building a Cloud Culture at Yelp (BDT305) | AWS re:Invent 2013Amazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...Amazon Web Services
 
Quality of Service Control Mechanisms in Cloud Computing Environments
Quality of Service Control Mechanisms in Cloud Computing EnvironmentsQuality of Service Control Mechanisms in Cloud Computing Environments
Quality of Service Control Mechanisms in Cloud Computing EnvironmentsSoodeh Farokhi
 
AWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the CloudAWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the CloudAmazon Web Services
 
System z Mainframe Data with Amazon S3 and Amazon Glacier (ENT107) | AWS re:I...
System z Mainframe Data with Amazon S3 and Amazon Glacier (ENT107) | AWS re:I...System z Mainframe Data with Amazon S3 and Amazon Glacier (ENT107) | AWS re:I...
System z Mainframe Data with Amazon S3 and Amazon Glacier (ENT107) | AWS re:I...Amazon Web Services
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAmazon Web Services
 
Advanced Security Best Practices Masterclass
Advanced Security Best Practices MasterclassAdvanced Security Best Practices Masterclass
Advanced Security Best Practices MasterclassAmazon Web Services
 

Destacado (14)

Understanding AWS Security
Understanding AWS Security Understanding AWS Security
Understanding AWS Security
 
Building a Cloud Culture at Yelp (BDT305) | AWS re:Invent 2013
Building a Cloud Culture at Yelp (BDT305) | AWS re:Invent 2013Building a Cloud Culture at Yelp (BDT305) | AWS re:Invent 2013
Building a Cloud Culture at Yelp (BDT305) | AWS re:Invent 2013
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...
 
Quality of Service Control Mechanisms in Cloud Computing Environments
Quality of Service Control Mechanisms in Cloud Computing EnvironmentsQuality of Service Control Mechanisms in Cloud Computing Environments
Quality of Service Control Mechanisms in Cloud Computing Environments
 
AWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the CloudAWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the Cloud
 
System z Mainframe Data with Amazon S3 and Amazon Glacier (ENT107) | AWS re:I...
System z Mainframe Data with Amazon S3 and Amazon Glacier (ENT107) | AWS re:I...System z Mainframe Data with Amazon S3 and Amazon Glacier (ENT107) | AWS re:I...
System z Mainframe Data with Amazon S3 and Amazon Glacier (ENT107) | AWS re:I...
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWS
 
AWS Deployment Best Practices
AWS Deployment Best PracticesAWS Deployment Best Practices
AWS Deployment Best Practices
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
 
Advanced Security Best Practices Masterclass
Advanced Security Best Practices MasterclassAdvanced Security Best Practices Masterclass
Advanced Security Best Practices Masterclass
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 

Más de Cisco Service Provider

SP Network Automation: Automated Operations Overview
SP Network Automation: Automated Operations Overview SP Network Automation: Automated Operations Overview
SP Network Automation: Automated Operations Overview Cisco Service Provider
 
[Whitepaper] Cisco Vision: 5G - THRIVING INDOORS
[Whitepaper] Cisco Vision: 5G - THRIVING INDOORS[Whitepaper] Cisco Vision: 5G - THRIVING INDOORS
[Whitepaper] Cisco Vision: 5G - THRIVING INDOORSCisco Service Provider
 
[Infographic] Cisco Visual Networking Index (VNI): Mobile-Connected Devices p...
[Infographic] Cisco Visual Networking Index (VNI): Mobile-Connected Devices p...[Infographic] Cisco Visual Networking Index (VNI): Mobile-Connected Devices p...
[Infographic] Cisco Visual Networking Index (VNI): Mobile-Connected Devices p...Cisco Service Provider
 
[Infographic] Cisco Visual Networking Index (VNI): Mobile Users Growth
[Infographic] Cisco Visual Networking Index (VNI): Mobile Users Growth[Infographic] Cisco Visual Networking Index (VNI): Mobile Users Growth
[Infographic] Cisco Visual Networking Index (VNI): Mobile Users GrowthCisco Service Provider
 
Cisco Cloud-Scale Innovation Infographic
Cisco Cloud-Scale Innovation InfographicCisco Cloud-Scale Innovation Infographic
Cisco Cloud-Scale Innovation InfographicCisco Service Provider
 
Operator Drives Bandwidth Efficiency and Optimizes Satellite Link Performance
Operator Drives Bandwidth Efficiency and Optimizes Satellite Link PerformanceOperator Drives Bandwidth Efficiency and Optimizes Satellite Link Performance
Operator Drives Bandwidth Efficiency and Optimizes Satellite Link PerformanceCisco Service Provider
 
Application Engineered Routing Segment Routing and the Cisco WAN Automation ...
Application Engineered Routing Segment Routing and the Cisco WAN Automation ...Application Engineered Routing Segment Routing and the Cisco WAN Automation ...
Application Engineered Routing Segment Routing and the Cisco WAN Automation ...Cisco Service Provider
 
Research Highlight: Independent Validation of Cisco Service Provider Virtuali...
Research Highlight: Independent Validation of Cisco Service Provider Virtuali...Research Highlight: Independent Validation of Cisco Service Provider Virtuali...
Research Highlight: Independent Validation of Cisco Service Provider Virtuali...Cisco Service Provider
 
Cisco Policy Suite for Service Providers
Cisco Policy Suite for Service ProvidersCisco Policy Suite for Service Providers
Cisco Policy Suite for Service ProvidersCisco Service Provider
 
Deploy New Technologies Quickly with Cisco Managed Services for Service Provi...
Deploy New Technologies Quickly with Cisco Managed Services for Service Provi...Deploy New Technologies Quickly with Cisco Managed Services for Service Provi...
Deploy New Technologies Quickly with Cisco Managed Services for Service Provi...Cisco Service Provider
 
Segment Routing: Prepare Your Network For New Business Models
Segment Routing: Prepare Your Network For New Business ModelsSegment Routing: Prepare Your Network For New Business Models
Segment Routing: Prepare Your Network For New Business ModelsCisco Service Provider
 
Cisco Virtual Managed Services: Transform Your Business with Cloud-based Inn...
Cisco Virtual Managed Services: Transform Your Business with Cloud-based Inn...Cisco Virtual Managed Services: Transform Your Business with Cloud-based Inn...
Cisco Virtual Managed Services: Transform Your Business with Cloud-based Inn...Cisco Service Provider
 
Cisco Virtual Managed Services Solution
Cisco Virtual Managed Services SolutionCisco Virtual Managed Services Solution
Cisco Virtual Managed Services SolutionCisco Service Provider
 
Cisco cBR-8 Evolved CCAP: Deliver Scalable Network and Service Growth at a Lo...
Cisco cBR-8 Evolved CCAP: Deliver Scalable Network and Service Growth at a Lo...Cisco cBR-8 Evolved CCAP: Deliver Scalable Network and Service Growth at a Lo...
Cisco cBR-8 Evolved CCAP: Deliver Scalable Network and Service Growth at a Lo...Cisco Service Provider
 

Más de Cisco Service Provider (20)

SP 5G: Unified Enablement Platform
SP 5G: Unified Enablement Platform SP 5G: Unified Enablement Platform
SP 5G: Unified Enablement Platform
 
SP Network Automation: Automated Operations Overview
SP Network Automation: Automated Operations Overview SP Network Automation: Automated Operations Overview
SP Network Automation: Automated Operations Overview
 
[Whitepaper] Cisco Vision: 5G - THRIVING INDOORS
[Whitepaper] Cisco Vision: 5G - THRIVING INDOORS[Whitepaper] Cisco Vision: 5G - THRIVING INDOORS
[Whitepaper] Cisco Vision: 5G - THRIVING INDOORS
 
Cisco at OFC 2016
Cisco at OFC 2016Cisco at OFC 2016
Cisco at OFC 2016
 
[Infographic] Cisco Visual Networking Index (VNI): Mobile-Connected Devices p...
[Infographic] Cisco Visual Networking Index (VNI): Mobile-Connected Devices p...[Infographic] Cisco Visual Networking Index (VNI): Mobile-Connected Devices p...
[Infographic] Cisco Visual Networking Index (VNI): Mobile-Connected Devices p...
 
[Infographic] Cisco Visual Networking Index (VNI): Mobile Users Growth
[Infographic] Cisco Visual Networking Index (VNI): Mobile Users Growth[Infographic] Cisco Visual Networking Index (VNI): Mobile Users Growth
[Infographic] Cisco Visual Networking Index (VNI): Mobile Users Growth
 
Cisco Cloud-Scale Innovation Infographic
Cisco Cloud-Scale Innovation InfographicCisco Cloud-Scale Innovation Infographic
Cisco Cloud-Scale Innovation Infographic
 
Simplify Operations
Simplify OperationsSimplify Operations
Simplify Operations
 
Expand Your Market Opportunities
Expand Your Market OpportunitiesExpand Your Market Opportunities
Expand Your Market Opportunities
 
Orchestrated Assurance
Orchestrated Assurance Orchestrated Assurance
Orchestrated Assurance
 
Operator Drives Bandwidth Efficiency and Optimizes Satellite Link Performance
Operator Drives Bandwidth Efficiency and Optimizes Satellite Link PerformanceOperator Drives Bandwidth Efficiency and Optimizes Satellite Link Performance
Operator Drives Bandwidth Efficiency and Optimizes Satellite Link Performance
 
Application Engineered Routing Segment Routing and the Cisco WAN Automation ...
Application Engineered Routing Segment Routing and the Cisco WAN Automation ...Application Engineered Routing Segment Routing and the Cisco WAN Automation ...
Application Engineered Routing Segment Routing and the Cisco WAN Automation ...
 
Research Highlight: Independent Validation of Cisco Service Provider Virtuali...
Research Highlight: Independent Validation of Cisco Service Provider Virtuali...Research Highlight: Independent Validation of Cisco Service Provider Virtuali...
Research Highlight: Independent Validation of Cisco Service Provider Virtuali...
 
Cisco Policy Suite for Service Providers
Cisco Policy Suite for Service ProvidersCisco Policy Suite for Service Providers
Cisco Policy Suite for Service Providers
 
Deploy New Technologies Quickly with Cisco Managed Services for Service Provi...
Deploy New Technologies Quickly with Cisco Managed Services for Service Provi...Deploy New Technologies Quickly with Cisco Managed Services for Service Provi...
Deploy New Technologies Quickly with Cisco Managed Services for Service Provi...
 
Segment Routing: Prepare Your Network For New Business Models
Segment Routing: Prepare Your Network For New Business ModelsSegment Routing: Prepare Your Network For New Business Models
Segment Routing: Prepare Your Network For New Business Models
 
Cisco Virtual Managed Services: Transform Your Business with Cloud-based Inn...
Cisco Virtual Managed Services: Transform Your Business with Cloud-based Inn...Cisco Virtual Managed Services: Transform Your Business with Cloud-based Inn...
Cisco Virtual Managed Services: Transform Your Business with Cloud-based Inn...
 
Cisco Virtual Managed Services Solution
Cisco Virtual Managed Services SolutionCisco Virtual Managed Services Solution
Cisco Virtual Managed Services Solution
 
Cisco cBR-8 Evolved CCAP: Deliver Scalable Network and Service Growth at a Lo...
Cisco cBR-8 Evolved CCAP: Deliver Scalable Network and Service Growth at a Lo...Cisco cBR-8 Evolved CCAP: Deliver Scalable Network and Service Growth at a Lo...
Cisco cBR-8 Evolved CCAP: Deliver Scalable Network and Service Growth at a Lo...
 
IPv6: Unleashing The Power
IPv6: Unleashing The PowerIPv6: Unleashing The Power
IPv6: Unleashing The Power
 

Último

The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 

Último (20)

The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 

Securing the Cloud Within and Between Data Centers

  • 1. Securing the Cloud Within and Between Data Centers Prashant Gandhi Sr. Director, Server Access & Virtualization February 2012
  • 2. • Data Center & Cloud Trends • Security Challenges • Security Solutions Nexus 1000V – secure switching for VMs Virtual Security Gateway (VSG) – virtual firewall • What’s New Virtual ASA, vCloud Director Integration • Resources © 2010 Cisco and/or its affiliates. All rights reserved. 2
  • 3. PHYSICAL VIRTUAL CLOUD WORKLOAD WORKLOAD WORKLOAD • One app per Server • Many apps per Server • Multi-tenant per Server • Static • Mobile • Elastic • Manual provisioning • Dynamic provisioning • Automated Scaling HYPERVISOR VDC-1 VDC-2 CONSISTENCY: Policy, Features, Security, Management © 2010 Cisco and/or its affiliates. All rights reserved. 3
  • 4. Data Center Technology Investment Drivers Incease Security 76% Decrease Downtime 70% Data Storage/Backup 69% Decrease Operating Costs 68% Virtualization 66% Drivers Improve Management Capability 66% Consolidate Data Centers 65% Iimprove Scalability 62% Consolidate Equipment 59% Centralize IT Services 58% Enable a New Application 55% Higher Energy Efficiency/Green Initiatives 50% 0% 10% 20% 30% 40% 50% 60% 70% 80% Percent of Respondents Rating 6 or 7 Source: Data Center Deployment Strategies: North American Enterprise Survey, Infonetics, February 2011. © 2010 Cisco and/or its affiliates. All rights reserved. 4
  • 5. Highly Scalable Partner Solution Processes Massive Workloads Elements App App App Desktop O/S Desktop Virtualization Dynamic Hypervisor Delivers On-Demand Services Storage VDI Broker Intelligent Supports Different Unified Unified Unified Applications and Data Types Fabric Network Services Computing Cisco Data Center Security: Business Advantage Framework Requires the Same Demands Consolidation, Virtualization, Automation, and Cloud © 2010 Cisco and/or its affiliates. All rights reserved. 5
  • 6. Network Security Virtualization Security Secure Access • ASA 5585-X with • Nexus® 1000V switch: • Cisco AnyConnect firewall and IPS a distributed virtual • TrustSec switch • ASA Services • Identity Services Module • Virtual Security Engine Gateway (VSG): • Cisco Security Zone-based virtual FW • SaaS gateway Intelligence (cloud security) Operations (SIO) • ASA 1000V: Tenant- edge virtual FW • Cisco Security Single Manager point, integrated, sec urity © 2010 Cisco and/or its affiliates. All rights reserved. 6
  • 7. PHYSICAL VIRTUAL CLOUD WORKLOAD WORKLOAD WORKLOAD • One app per Server • Many apps per Server • Multi-tenant per Server • Static • Mobile • Elastic • Manual provisioning • Dynamic provisioning • Automated Scaling HYPERVISOR VDC-1 VDC-2 Nexus 7K/5K/3K/2K Nexus 1000V, VM-FEX WAAS, ASA, NAM, ACE Virtual WAAS, VSG, ASA 1000V UCS for Bare Metal UCS for Virtualized Workloads © 2010 Cisco and/or its affiliates. All rights reserved. 7
  • 8. • Policy applied to VM zones Virtual • Dynamic, scale-out operation VSG, Security • VM context based controls ASA 1000V • Segment internal network FWSM Internal • Policy applied to VLANs ASA-SM Security • Application protocol inspection • Virtual Contexts ASA 55xx • Filter external traffic Internet • Extensive app protocol support Edge • VPN access, Threat mitigation ASA 55xx © 2010 Cisco and/or its affiliates. All rights reserved. 8 *Demonstrated at VMWorld 2011
  • 9. click here © © 2010 Cisco and/or its affiliates. All rights reserved. 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9

Notas del editor

  1. Source: Cisco Connected World Report, Part 3http://newsroom.cisco.com/dlls/2010/ts_101910.html
  2. Overall picture: list of Cisco security solutions with perhaps the architecture as a backdrop.Cisco TrustSec, Cisco AnyConnect Secure Mobility, Cisco Virtual Office, PCI DSS Compliance, Threat Defense (Firewall, IPS), Cisco Content Security (email/web), Cisco Data Center Security, Cisco Virtualization and Cloud Security