Overview	  of	  CTE’s	   CloudEnable	  Pla6orm	                     	           Arjun	  Chopra	                  CTO	  Cam...
CloudEnable	  Securing.	  Deploying.	  Managing.	  24/7.	                                                                 ...
Agenda	  •    Who	  is	  CloudEnable	  •    Why	  the	  Cloud	  makes	  sense	  •    Building	  a	  Cloud-­‐ready	  App	  ...
Who	  is	  CloudEnable	   500+	  Trained	  Cloud	  Folks	                                                                 ...
Recent	  Customers                  	                                                                                    5...
Agenda	  •    Who	  is	  CloudEnable	  •    Why	  the	  Cloud	  makes	  sense	  •    Building	  a	  Cloud-­‐ready	  App	  ...
Why the Cloud makes sense•    Pay-as-you-go•    No up-front Capital expenses•    On-demand Provisioning•    Elastic Scale•...
PredicCng	  Infrastructure	  Needs	                                                                           Actual	  Usa...
Cloud	  Goal:	  Flip	  This	  EquaCon	                          30%	                                                      ...
Agenda	  •    Who	  is	  CloudEnable	  •    Why	  the	  Cloud	  makes	  sense	  •    Building	  a	  Cloud-­‐ready	  App	  ...
The Cloud Shared Responsibility Model                                                                                     ...
Design	  Best	  PracCces                                          	  •    Protect	  your	  data	  •    Design	  for	  fail...
OperaCons	  Best	  PracCces                                    	  •  Secure	  the	  systems	  •  Leverage	  Regions	  and	...
Security, Security, Security!•  Deny-all by default, except as mentioned   below•  Web Server Security Group (80 + 443)•  ...
Harden all Stack ComponentsDeliverable: Hardened Gold AMI                                                                 ...
Secure the Database•  Use TDE where available to ease   application development•  Classify data based on importance•  Encr...
SupporCng	  MulCple	  Customers	  •  Hardened OS for   entire stack•    Dedicated Cloudlets     for each Tenant•    Dedica...
Agenda	  •    Who	  is	  CloudEnable	  •    Why	  the	  Cloud	  makes	  sense	  •    Building	  a	  Cloud-­‐ready	  App	  ...
CloudEnable s	  24/7	  SLA-­‐driven	  OperaCons	  1.  Pro-active Management   •    24/7 geographically distributed        ...
Agenda	  •    Who	  is	  CloudEnable	  •    Why	  the	  Cloud	  makes	  sense	  •    Building	  a	  Cloud-­‐ready	  App	  ...
Business	  ConCnuity	  and	  DR	  •  Avoid	  single	  points	  of	  failure  	  •  Design	  and	  test	  failure	  and	   ...
Agenda	  •    Who	  is	  CloudEnable	  •    Why	  the	  Cloud	  makes	  sense	  •    Building	  a	  Cloud-­‐ready	  App	  ...
Case	  Studies                                     	  •    A	  $2B	  India-­‐based	  conglomerate	  •    A	  $1.5B	  ISV	 ...
Agenda	  •    Who	  is	  CloudEnable	  •    Why	  the	  Cloud	  makes	  sense	  •    Building	  a	  Cloud-­‐ready	  App	  ...
Next	  Steps	  •  University	  of	  Cloud	  •  Cloud	  Readiness	     Assessments	  •  Cloud	  On-­‐boarding	  •  CloudEna...
For additional Informationwww.cloudenable.comwww.ctepl.com                                                                ...
Upcoming SlideShare
Loading in …5
×

Overview of CTE's CloudEnable Platform to Develop, Deploy, Secure and Manage - Arjun Chopra

1,294 views
1,174 views

Published on

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,294
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Overview of CTE's CloudEnable Platform to Develop, Deploy, Secure and Manage - Arjun Chopra

  1. 1. Overview  of  CTE’s   CloudEnable  Pla6orm     Arjun  Chopra   CTO  Cambridge  Technology  Enterprises  
  2. 2. CloudEnable  Securing.  Deploying.  Managing.  24/7.   2   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  3. 3. Agenda  •  Who  is  CloudEnable  •  Why  the  Cloud  makes  sense  •  Building  a  Cloud-­‐ready  App  •  24/7,  SLA-­‐driven  OperaCons  •  Business  ConCnuity  and  DR  •  Cloud  Highlights  •  Next  Steps   3   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  4. 4. Who  is  CloudEnable   500+  Trained  Cloud  Folks   5   $1.5B   CMMi  Level   ISV  Customer         5M   5   Hours  of  upIme   NOCs       24/7  Management,  starCng  at  $9   4   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  5. 5. Recent  Customers   5   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  6. 6. Agenda  •  Who  is  CloudEnable  •  Why  the  Cloud  makes  sense  •  Building  a  Cloud-­‐ready  App  •  24/7,  SLA-­‐driven  OperaCons  •  Business  ConCnuity  and  DR  •  Cloud  Highlights  •  Next  Steps   6   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  7. 7. Why the Cloud makes sense•  Pay-as-you-go•  No up-front Capital expenses•  On-demand Provisioning•  Elastic Scale•  Pass benefits on to users 7   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  8. 8. PredicCng  Infrastructure  Needs   Actual  Usage   Customer   Dissa.sfac.on  Compute  Power   Predicted  Usage   Waste   Time   8   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  9. 9. Cloud  Goal:  Flip  This  EquaCon   30%   70%  On-­‐Premise   Your   Managing  All  of  the    Infrastructure   Business   UndifferenCated  Heavy  Lifing   Configuring   More  Time  to  Focus  on  Cloud-­‐Based   Your  Cloud   Your  Business  Infrastructure   Assets   70%   30%   9   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  10. 10. Agenda  •  Who  is  CloudEnable  •  Why  the  Cloud  makes  sense  •  Building  a  Cloud-­‐ready  App  •  24/7,  SLA-­‐driven  OperaCons  •  Business  ConCnuity  and  DR  •  Cloud  Highlights  •  Next  Steps   10   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  11. 11. The Cloud Shared Responsibility Model Development  and   MigraCon  assisted  by  CTE   ApplicaCon   24/7  Managed   Services  delivered  by   CloudEnable  On-­‐demand,  Pay-­‐as-­‐you-­‐go  Infrastructure  provided  by  AWS   11 ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  12. 12. Design  Best  PracCces  •  Protect  your  data  •  Design  for  failure  so  nothing  fails  •  Handle  reboots  gracefully  •  Decouple  and  make  stateless  •  Isolate  Traffic   –  StaCc  vs  Dynamic   –  Read  vs  Write   12   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  13. 13. OperaCons  Best  PracCces  •  Secure  the  systems  •  Leverage  Regions  and  AZs  for  disaster   recovery  •  Create  the  automaCon  roadmap  •  Separate  environments  and  keep  consistent  •  Establish  monitoring  and  management   parameters  and  alarms  •  Document,  Test,  Improve   13   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  14. 14. Security, Security, Security!•  Deny-all by default, except as mentioned below•  Web Server Security Group (80 + 443)•  App Server Security Group (App Server ports; communication from Web Server Group members only)•  DB Security Group (DB ports; Communication with App Server Group members only)•  Admin Security Group (SSH port; Access restricted to corporate subnet only) 14   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  15. 15. Harden all Stack ComponentsDeliverable: Hardened Gold AMI DB  Tasks include:•  Encrypt the file system and swap space•  Configuring the OS firewall (EC2  Instance)  •  Reviewing inittab and boot scripts•  Securing ssh  •  Securing history App  Server    •  Setting up IPS/IDS/AV     (EC2  Instance)   15   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  16. 16. Secure the Database•  Use TDE where available to ease application development•  Classify data based on importance•  Encrypt desired columns, tables and DB   tablespaces•  Ensure separation of duties•  Establish access control and audit (EC2  Instance)   tools•  Run on a hardened AMI•  Use RDS or ensure HA 16   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  17. 17. SupporCng  MulCple  Customers  •  Hardened OS for entire stack•  Dedicated Cloudlets for each Tenant•  Dedicated Cloudlet for Multi-tenant Software•  Managed VPN Tunnel between Customer Site and AWS Cloudlet *•  SGs, In Flight and At Rest data security across stacks * = As Needed 17   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  18. 18. Agenda  •  Who  is  CloudEnable  •  Why  the  Cloud  makes  sense  •  Building  a  Cloud-­‐ready  App  •  24/7,  SLA-­‐driven  OperaCons  •  Business  ConCnuity  and  DR  •  Cloud  Highlights  •  Next  Steps   18   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  19. 19. CloudEnable s  24/7  SLA-­‐driven  OperaCons  1.  Pro-active Management •  24/7 geographically distributed NOCs •  Integrated App, Infrastructure and Security mgmt and Help Desk systems •  BC/DR set up •  MFA and Privilege-based access •  Vulnerability Assessment and testing •  IAM set up and management2.  Pro-active Monitoring •  Event & Application Logs •  Change Monitoring •  Network interface monitoring •  Host IDS/IPS monitoring •  DB log monitoring3.  Configuration Management •  Gold Image Patching •  Key-Pair Generation, Retrieval, Distribution, Rotation, Destruction •  Security policy tracking and management 19   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  20. 20. Agenda  •  Who  is  CloudEnable  •  Why  the  Cloud  makes  sense  •  Building  a  Cloud-­‐ready  App  •  24/7,  SLA-­‐driven  OperaCons  •  Business  ConCnuity  and  DR  •  Cloud  Highlights  •  Next  Steps   20   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  21. 21. Business  ConCnuity  and  DR  •  Avoid  single  points  of  failure  •  Design  and  test  failure  and   recovery  scenarios  •  Define  RTOs  and  RPOs  •  Define  and  develop  data   backup  management  •  Account  for  security,   encrypCon,  key  rotaCon  and   account  terminaCon  •  Deliver  automaCon  where   required   21   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  22. 22. Agenda  •  Who  is  CloudEnable  •  Why  the  Cloud  makes  sense  •  Building  a  Cloud-­‐ready  App  •  24/7,  SLA-­‐driven  OperaCons  •  Business  ConCnuity  and  DR  •  Cloud  Highlights  •  Next  Steps   22   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  23. 23. Case  Studies  •  A  $2B  India-­‐based  conglomerate  •  A  $1.5B  ISV  •  A  Fortune  100  Auto  company  •  A  Financial  Services  Startup   23   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  24. 24. Agenda  •  Who  is  CloudEnable  •  Why  the  Cloud  makes  sense  •  Building  a  Cloud-­‐ready  App  •  24/7,  SLA-­‐driven  OperaCons  •  Business  ConCnuity  and  DR  •  Cloud  Highlights  •  Next  Steps   24   ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  
  25. 25. Next  Steps  •  University  of  Cloud  •  Cloud  Readiness   Assessments  •  Cloud  On-­‐boarding  •  CloudEnable   Management  25   ©  2011:  Cambridge  Technology  Enterprises  (All  Rights   Reserved)  
  26. 26. For additional Informationwww.cloudenable.comwww.ctepl.com 26 ConfidenCal:  ©  2011:  CloudEnable  (All  Rights  Reserved)  

×