virtualize more in 2012 with hytrust-boost data center efficiency and consolidation ratios securely...
DESCRIPTION
TRANSCRIPT
1 Phone: 650-681-8100 / email: [email protected] 1975 W. El Camino Real, Suite 203, Mountain View, CA 94040
Virtualize More in 2012 with HyTrust Boost Data Center Efficiency and Consolidation Ratios Securely and Proactively
First in a three-part series for IT and Security professionals responsible for virtualization and data center architecture, management, and optimization
2
Overview
Speakers
What are the key business drivers for the virtualization security
blueprint ?
What are the pitfalls to avoid as we virtualize more mission-critical
applications, more securely this year?
What guidance and best practices can you share for planning and
undertaking these virtualization initiatives?
Summary
Q&A
3
Speakers
Billy Cox, Cloud strategy - Software and Services Group
Intel
Iben Rodriguez, Cloud Infrastructure Security Architect
eBay
Eric Chiu, President & Co-Founder
HyTrust
4
Desktops Laptops Embedded Smartphones Netbooks Personal Devices
Smart TVs
Federated Share data securely across public and
private clouds
Automated Dynamically Allocate
Resources
Client Aware Optimizing services based
on device capability
Cloud 2015 Vision
Open, Interoperable Solutions Essential
5
From Usage Model to Proven Solution A security example
Define …the strategy to
address IT challenge via usage model
Enable …the usage model in the ecosystem
Prove …the usage model delivers the value
Scale …deployments with
ecosystem
Usage Model
• Trusted Pools • Compliance
Reporting
Pain Points
Enterprise Vulnerabilities
Solution Stacks
Chipset
VMM
Policy Engine
Management
OS
Applications
CPU
Execute End User IT POCs
Prove out in lab Intel® Cloud Builders Reference architecture
Intel® Cloud Builders
Iben Rodriguez
Cloud Information Security Infrastructure Architect
1. Cloud Infrastructure Security Architect who got his start in data networks for military, and now designs and delivers complex projects for international pharmaceutical, semiconductor companies, ecommerce companies, and many government organizations.
2. Has worked closely with RedHat, VMware, and the Center for Internet Security, and kicked off and maintains the Benchmark for vSphere ESX hardening. Has also been selected a vExpert by VMware since 2009.
3. Enterprise Security and virtual infrastructure design leader dealing with ITIL, SOX, PCI-DSS, ISO27000 assessments and remediation.
4. Presents on virtualization security at many conferences including MISTI, AppCon, InfoSec Cloud, Network World, SANs, and Vmworld, and publishes at www.ibenit.com and www.vadapt.com
5. Expert in integration of Virtual Security Infrastructure Components such as Splunk, Nicira NVP, Vyatta, Cisco Nexus 1000v, HyTrust, SilverPeak, NMAP
7
HyTrust Backgrounder
7 © 2011, HyTrust, Inc. www.hytrust.com
Founded: Fall 2007
Headquarters: Mountain View, CA
Venture Funding: $16 million
Strategic Partners:
Awards & Top Ten Lists: VMworld 2009 Best of Show, VMworld 2009 Gold,
VMworld 2010 Finalist, TechTarget 2009 Product of the Year, RSA Innovation Sandbox
2009/2010 Finalist, SC Magazine 2010 Rookie Company of the Year, Network World
Startup to Watch 2010, InfoWorld Tech Company to Know 2010, Forbes “Who’s Who”
in Virtualization, Red Herring 2010 North America winner, Gartner Cool Vendor 2011
8 © 2011, HyTrust, Inc. www.hytrust.com
How are you addressing security concerns in your virtualized
environments? (Pick Top One)
Traditional infrastructure tools with NO specific provisions for virtualization
Traditional infrastructure tools with specific provisions for virtualization
Utilize virtualization-specific security tools provided by virtualization vendor
Utilize third-party security tools designed for VM's
Utilize third-party virtualization-only security tools
No security provisions in place
9 © 2011, HyTrust, Inc. www.hytrust.com
What are your virtualization priorities heading into 2012? (Pick Top Priority)
Maximize performance and availability with sophisticated monitoring
Continue to increase consolidation ratios by virtualizing tier-one applications
Better management of existing virtual environments
Standardization of hypervisors and/or platforms
Become compliant and/or other organizational mandates (i.e. 25% quota for Federal
organizations…)
Only maintain at this point
10
Key Drivers - Business Trends
Virtualize More…
Forrester Research CISO’s Guide to Virtualization Security
Analyst research of CIO top priorities for 2012, 40% picked virtualization as one of top three
Analyst research shows market is now 52% virtualized, with many organizations goaled to be 75% virtualized by 2014. *
11
Key Drivers - Business Trends
Virtualize More Securely…
+ Jeff Burt eWeek 2009
++Forrester Research CISO’s Guide to Virtualization Security
40% of virtualization deployments undertaken WITHOUT information security team input.++
Security and tier-one apps consistently hold down ratios.+
12
Key Drivers - Business Trends
Virtualize More…
More Securely…
With Less!
Forrester Research CISO’s Guide to Virtualization Security
13
Key Drivers - Virtualization / Cloud Security Situation
2Gartner; “Q&A: Six Misconceptions About Server Virtualization”, Thomas J. Bittman; 29 July 2010
“By 2015, 40% of the security controls used within enterprise data centers will be virtualized, up from less than 5% in 2010.”1
“There will be more virtual machines deployed on servers during 2011 than in 2001 through 2009 combined”2
1Gartner; “From Secure Virtualization to Secure Private Clouds”; Neil MacDonald & Thomas J. Bittman; 13 October 2010 13
“Virtualization increases security risk by 60%.”1
14
Key Drivers - Proactively Protect and Secure Your IP
Average cost of a security breach, per
compromised record (2010), with negligence the
main cause
Percentage of breached companies
who lost customers as a result of the
breach
Percent of all breaches that
involved privileged user misuse
Percentage of companies that
have experienced a data breach
—CA-sponsored survey
— Verizon report, 2010
— IT Compliance
Institute
— IT Compliance
Institute
48%
74%
$124
87%
15
Key Drivers - Proactively Protect and Secure Your IP
Average cost of a security breach, per
compromised record (2010), with negligence the
main cause
Percentage of breached companies
who lost customers as a result of the
breach
Percent of all breaches that
involved privileged user misuse
Percentage of companies that
have experienced a data breach
—CA-sponsored survey
— Verizon report, 2010
— IT Compliance
Institute
— IT Compliance
Institute
48%
74%
$124
87%
16
Best Practices and Guidance - Security
Planning for security in the virtual datacenter
Business drivers including compliance requirements
New role of IT in the cloud
Strategy and Framework (and org expectations)
Planning and discovery into the environment is critical
What are the big wins (ref architecture, single roadmap, global
scalability, single portal…)
17
On the Virtualization side, where are things going?
Managing Talent – separation of duties among experts (or cloud
admin “super generalist”)
Private cloud adoption and IT as a service
Mix mode versus air gaps
Best Practices and Guidance - Virtualization
18
Consolidation & Virtualization
SaaS Application
“Rented” Cloud Infrastructure Self-Service
Ubiquitous Access
Data Center of the Future – 3 year Vision
© 2011, HyTrust, Inc. www.hytrust.com
Access
and
Usage
Identity
Data
IT as a
Service
End result of datacenter transformation: IT is delivered as-a-service;
Role of Corporate IT is transformed from operational to control / governance
Cost
19
How To Get Started with Virtualization Security
Strive for virtual security that is equal to or better than the traditional
security in your environment.
Consider the following:
Apply the “Zero Trust” model of information security to your network
architecture
Consider virtualization-aware security solutions
Implement privileged identity management
Incorporate vulnerability management into the virtual server environment
Best Practices and Guidance - Getting Started
20
Summary – Why You? Why Now?
Why do this now?
Proactive collaborative approach to Security planning and architecture
Lever virtualization ROI, payback periods while advancing security,
compliance…
Align these actionable measures to larger initiatives (from CIO survey)
21 © 2011, HyTrust, Inc. www.hytrust.com