• Like
  • Save

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Data Center Security Now and into the Future

  • 919 views
Published

Understand all the latest Data Center trends and Data Center security requirements. Take a deep dive on Cisco’s value-added integrated approach on Data Center Security Strategy.

Understand all the latest Data Center trends and Data Center security requirements. Take a deep dive on Cisco’s value-added integrated approach on Data Center Security Strategy.

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
919
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
0
Comments
0
Likes
2

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Evelyn de SouzaData Center SecurityDecember 5, 2012© 2012 Cisco and/or its affiliates. All rights reserved. 1
  • 2. Data Center Business Drivers Data center Evolution New Security Approaches Cisco’s Data Center Security Strategy Focus on Value-Ad Integrated Approach© 2012 Cisco and/or its affiliates. All rights reserved. 2
  • 3. BUSINESS CHALLENGES Business Security and Budget 24x7 Business Agility Compliance Constraints Proliferation Energy Cloud Data Deluge of Devices Efficiency© 2012 Cisco and/or its affiliates. All rights reserved. TECHNOLOGY TRENDS 3
  • 4. NEARLY MORE THAN AVERAGE OF 2000% 50% 3.x increase in application of workloads in the Mobile devices are used traffic and network data center will be on enterprise networks connections per second virtualized by 2013 by employees by 2015 NEARLY MORE THAN AVERAGE OF 3.x 50% 90% The number of devices Have at least one of data center electricity pulled connected to IP networks application or portion of off the grid is wasted in 2012 will be nearly three times their infrastructure in the as high as the global cloud in 2012 population in 2016.© 2012 Cisco and/or its affiliates. All rights reserved. 4
  • 5. WHERE WHERE DO ARE YOU Traditional Virtualized DataYOU Virtualized Internal, Private Virtual Private PublicWANT Data Center Center (VDC) ? Desktops Clouds Clouds (VPC) CloudsTO BE ? Consolidate Virtualize the Standardize Automate Assets Environment Operations Service Delivery Virtualization Cloud© 2012 Cisco and/or its affiliates. All rights reserved. 5
  • 6. DRIVING NEW SECURITY REQUIREMENTSOFTEN CITED CUSTOMER PROBLEMS PHYSICAL VIRTUAL CLOUD One app per server Many apps per server Multi-tenant per server HYPERVISOR VDC-1 VDC-2 1. Different architectures for physical, virtual and cloud result in fragmented security policies and visibility 2. Conventional security toolsets don’t scale to meet today’s high throughput requirements 3. “Bolted on” security approaches require that architectures be retrofitted to accommodate security rather than enable the business© 2012 Cisco and/or its affiliates. All rights reserved. 6
  • 7. © 2012 Cisco and/or its affiliates. All rights reserved. 7
  • 8. CONSISTENT Delivers and orchestrates consistent security and policy enforcement across virtual and physical boundaries to SECURITY protect the infrastructure, and control application access APPLICATION Protects against internal and external attacks in highly PROTECTION transacted, high-performance application environments Aligns security policies with business requirements through BUSINESS network-based identity, device awareness, and application CONTEXT visibility and control© 2012 Cisco and/or its affiliates. All rights reserved. 8
  • 9. "Context-aware and adaptive security will be the onlyway to securely support the dynamic business and ITinfrastructures emerging during the next 10 years”Source: Gartner, Neil MacDonald, Vice President, Distinguished Analyst TheFuture of Information Security Is Context Aware and Adaptive, September 2012© 2012 Cisco and/or its affiliates. All rights reserved. 9
  • 10. Consistent SecurityEmbedding Security into Hybrid Infrastructures – Physical, Virtual, Cloud Global and Local Threat Intelligence Common Policy and Management Enforcement Information Handles All Devices Sources All Data Routes All Requests Controls All Flows Shapes All Streams Sees All Traffic Touches All Users© 2012 Cisco and/or its affiliates. All rights reserved. 10
  • 11. Consistent SecurityEmbedding Security into Hybrid Infrastructures – Physical, Virtual, Cloud Global and Local Threat Intelligence Common Policy and Management Enforcement Network Enforcement Policy Information Access Control Identity Awareness Encryption Threat Defense Device Visibility Behavioral Analysis Policy Enforcement© 2012 Cisco and/or its affiliates. All rights reserved. 11
  • 12. Application ProtectionProtecting Businesses from Internal and External Threat Vectors hackers organized crime Protection - IPS 4500 Security Appliance cyber criminals disgruntled employee© 2012 Cisco and/or its affiliates. All rights reserved. 12
  • 13. Business ContextMaintaining Compliance and Providing Insightinto Data Center Operations Management and Reporting Cisco Security Manager (SM) Cisco Virtual Network Management Center (VNMC) Insights Cisco NetFlow Policy Orchestration Cisco Identity Services Engine (ISE) Cisco TrustSec Security Group Tagging (SGT)© 2012 Cisco and/or its affiliates. All rights reserved. 13
  • 14. An Integrated Solutions Based ApproachLab Tested. and Architect Approved. Internet Edge CORE Physical Data Center DISTRIBUTION Nexus 7018 VDC Nexus 7018 Security, SAN ASA 5585-X ASA 5585-X Cisco Validated Designs (CVDs) VPC VPC VPC VPC VPC VPC VPC VPC VSS VSS Nexus 5000 Catalyst Nexus Series Nexus Unified Computing 6500 SERVICES Virtual 7000 Series 2100 Series Nexus System Firewall ACE Data Center VSG Zone 1000V Multizone NAM IPS Virtualized Multi-Service Data Center (VMDC) Proven. Compatibility | Scalability | Reliability© 2012 Cisco and/or its affiliates. All rights reserved. 14
  • 15. “59% of organizations lack the lab resources or test environments to validate vendor claims for themselves.” —SANS Institute “Organizations clearly lack well-defined standards, processes, and resources for determining the resiliency of their critical network devices and systems.... Need methodical resiliency validation using a combo of real traffic, heavy load and security attacks.” —SANS and TOGAG Cisco validated designs deliver RESULTS© 2012 Cisco and/or its affiliates. All rights reserved. 15
  • 16. Business Context C o UNIFIED DATA Compute Network Storage Management m p u t e N CENTER e t w o r k S t o MANAGEMENT r a g e Consistent Security Application Protection Business Context SECURITY Data Center Virtual Multi-Service VALIDATED Security CVD Data Center DESIGNS Physical | Virtual | Cloud© 2012 Cisco and/or its affiliates. All rights reserved. 16
  • 17. • Always-on, security that is integrated into the network fabric • End-to-end security solutions for physical and virtual environments Physical • Mobility-optimized network application protection Cloud • Centrally orchestrated network policies from the application to the network to the user • Context-aware security to Virtual differentiate risk from random • Services to enable pervasive security across the infrastructure, within, and between clouds© 2012 Cisco and/or its affiliates. All rights reserved. 17
  • 18. Thank you.© 2012 Cisco and/or its affiliates. All rights reserved. 18