Your SlideShare is downloading. ×
0

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Securing the Cloud Within and Between Data Centers

826

Published on

Looking at data center and cloud trends, security challenges, security solutions and what's new: virtual ASA, vCloud Director Integration

Looking at data center and cloud trends, security challenges, security solutions and what's new: virtual ASA, vCloud Director Integration

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
826
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Source: Cisco Connected World Report, Part 3http://newsroom.cisco.com/dlls/2010/ts_101910.html
  • Overall picture: list of Cisco security solutions with perhaps the architecture as a backdrop.Cisco TrustSec, Cisco AnyConnect Secure Mobility, Cisco Virtual Office, PCI DSS Compliance, Threat Defense (Firewall, IPS), Cisco Content Security (email/web), Cisco Data Center Security, Cisco Virtualization and Cloud Security
  • Transcript

    • 1. Securing the Cloud Within and Between Data CentersPrashant GandhiSr. Director, Server Access & VirtualizationFebruary 2012
    • 2. • Data Center & Cloud Trends• Security Challenges• Security Solutions Nexus 1000V – secure switching for VMs Virtual Security Gateway (VSG) – virtual firewall• What’s New Virtual ASA, vCloud Director Integration• Resources© 2010 Cisco and/or its affiliates. All rights reserved. 2
    • 3. PHYSICAL VIRTUAL CLOUD WORKLOAD WORKLOAD WORKLOAD • One app per Server • Many apps per Server • Multi-tenant per Server • Static • Mobile • Elastic • Manual provisioning • Dynamic provisioning • Automated Scaling HYPERVISOR VDC-1 VDC-2 CONSISTENCY: Policy, Features, Security, Management© 2010 Cisco and/or its affiliates. All rights reserved. 3
    • 4. Data Center Technology Investment Drivers Incease Security 76% Decrease Downtime 70% Data Storage/Backup 69% Decrease Operating Costs 68% Virtualization 66% Drivers Improve Management Capability 66% Consolidate Data Centers 65% Iimprove Scalability 62% Consolidate Equipment 59% Centralize IT Services 58% Enable a New Application 55% Higher Energy Efficiency/Green Initiatives 50% 0% 10% 20% 30% 40% 50% 60% 70% 80% Percent of Respondents Rating 6 or 7Source: Data Center Deployment Strategies: North American Enterprise Survey, Infonetics, February 2011.© 2010 Cisco and/or its affiliates. All rights reserved. 4
    • 5. Highly Scalable Partner Solution Processes Massive Workloads Elements App App App Desktop O/S Desktop Virtualization Dynamic Hypervisor Delivers On-Demand Services Storage VDI Broker Intelligent Supports Different Unified Unified Unified Applications and Data Types Fabric Network Services Computing Cisco Data Center Security: Business Advantage Framework Requires the Same Demands Consolidation, Virtualization, Automation, and Cloud© 2010 Cisco and/or its affiliates. All rights reserved. 5
    • 6. Network Security Virtualization Security Secure Access • ASA 5585-X with • Nexus® 1000V switch: • Cisco AnyConnect firewall and IPS a distributed virtual • TrustSec switch • ASA Services • Identity Services Module • Virtual Security Engine Gateway (VSG): • Cisco Security Zone-based virtual FW • SaaS gateway Intelligence (cloud security) Operations (SIO) • ASA 1000V: Tenant- edge virtual FW • Cisco Security Single Manager point, integrated, sec urity© 2010 Cisco and/or its affiliates. All rights reserved. 6
    • 7. PHYSICAL VIRTUAL CLOUD WORKLOAD WORKLOAD WORKLOAD • One app per Server • Many apps per Server • Multi-tenant per Server • Static • Mobile • Elastic • Manual provisioning • Dynamic provisioning • Automated Scaling HYPERVISOR VDC-1 VDC-2 Nexus 7K/5K/3K/2K Nexus 1000V, VM-FEX WAAS, ASA, NAM, ACE Virtual WAAS, VSG, ASA 1000V UCS for Bare Metal UCS for Virtualized Workloads© 2010 Cisco and/or its affiliates. All rights reserved. 7
    • 8. • Policy applied to VM zones Virtual • Dynamic, scale-out operation VSG, Security • VM context based controls ASA 1000V • Segment internal network FWSM Internal • Policy applied to VLANs ASA-SM Security • Application protocol inspection • Virtual Contexts ASA 55xx • Filter external traffic Internet • Extensive app protocol support Edge • VPN access, Threat mitigation ASA 55xx© 2010 Cisco and/or its affiliates. All rights reserved. 8 *Demonstrated at VMWorld 2011
    • 9. click here© © 2010 Cisco and/or its affiliates. All rights reserved. 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9

    ×