• Save
Three data center security innovations to accelerate your business

Like this? Share it with your network

Share

Three data center security innovations to accelerate your business

  • 4,487 views
Uploaded on

At Cisco, we believe it is important to look for a solution that doesn’t look at technologies, processes, and people in isolation. You can enable a powerful IT by taking a unified approach and......

At Cisco, we believe it is important to look for a solution that doesn’t look at technologies, processes, and people in isolation. You can enable a powerful IT by taking a unified approach and working with technologies that are designed to work together. Your IT can be a service foundation that redefines data center economics and delivers performance, reliability, and business innovation. Unification is the element that will deliver that.

More in: Technology , Education
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
4,487
On Slideshare
1,899
From Embeds
2,588
Number of Embeds
4

Actions

Shares
Downloads
0
Comments
0
Likes
0

Embeds 2,588

http://blogs.cisco.com 2,575
https://twitter.com 10
http://translate.googleusercontent.com 2
https://tweetdeck.twitter.com 1

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1Three Data Center SecurityInnovations to Accelerate YourBusinessEvelyn de Souza, Sr Cloud & Data Center Security Strategist, CiscoCo-chair Cloud Security Alliance Cloud Controls Matrix
  • 2. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2From Months to Days to Hours and MinutesData center provisioning times have decreased from 8 weeks to 15 minutesSecurity must do the same to realize the full benefits of data center automation
  • 3. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3Data Center EvolutionVirtualization CloudTraditionalData CenterVirtualized DataCenter (VDC)VirtualizedDesktopsInternal,Private CloudsVirtual PrivateClouds (VPC) Public CloudsConsolidateAssetsVirtualize theEnvironmentAutomate ServiceDeliveryStandardizeOperationsWHEREARE YOUNOW?WHERE DOYOU WANTTO BE?3
  • 4. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4Erodes efficiencygains and delays newservices implementationby months“Bolted on” Security Inhibits Data Center AccelerationCannot scale to today’sdata center networkperformance andavailability requirementsCannot proactively defendagainst emerging threats
  • 5. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5Cisco Data Center Security Accelerates Your BusinessTakes deployment of new,secure services from weeks tohoursReduces policy management by80%Ease of ProvisioningExtends a chain of trust fromthe user to the applicationBlock threats before theydisrupt servicesPervasive Protection8x performance versuscompetitive firewallsEnhanced availability andresilienceMaximized Performance
  • 6. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6Cisco Innovations PoweringData Center SecuritySecurity Group Tags (SGT)automate security policyShared policy extends fromrouters and switches tofirewall and IPSEase of ProvisioningTrustSec’s context-aware policiesand strong encryption ensuretrusted linksCorrelated SIO analysis of100TB threat data daily and5,500+ IPS signaturesproactively block advanced threatsPervasive ProtectionVirtual Port Channel (vPC) andFabricPath optimize traffic linksNext-generation firewalls scale tomeet increased performancerequirementsMaximized Performance
  • 7. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7Ease of ProvisioningTakes provisioning of new services from weeks to hoursAutomatedNew workload is provisionedFirewalls must be manually updatedCisco ASA Firewall and TrustSecASA firewall learns when new a workload isprovisioned and automatic applies security policyManual
  • 8. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8Alignment by business function with 80% reduction in manual firewall rulesEase of ProvisioningNY VPN UK CADC-MTV (SRV1)DC-MTV (SAP1)DC-RTP (SCM2)DC-RTP (ESXix)Security GroupFilteringCustomer managed >500,000 firewall rules with 24 peopleCisco Security Group Tags (TrustSec and ASA) reduced that to 50 server production rules,10 firewall rules and 6 people12312233441UsersMUC BUH MEL NZ5 6 7 8Locations Now = 120 rules/ personTrustSec -> 15 rules5Resources
  • 9. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9Maximized PerformanceHigher Availability•  Uptime of all available traffic links through vPCIncreased Network Resilience•  Asymmetric traffic flows ensures no networkanomalies or traffic lossMassive Scalability•  Unlimited bandwidth for East-West trafficvia FabricPathVirtual Port Channel (vPC) and Fabric Path innovations extendnetwork performance
  • 10. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10Maximized PerformanceHigher Performance Density700%Less Power Consumption84%Less Rack Space87%Next-generation firewall for high performance data centers•  Up to 1.9 million new connectionsper second•  Up to 80 million maximum connectionsper second
  • 11. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11Pervasive Protection•  Blocks threats before they disrupt services•  Forms a chain of trust from user to applicationCisco SIOReal-time threat feeds fromover 100TB data analysis5,500+ IPS signaturesReputation-based protectionIdentity and context-basedpolicyLatest encryption algorithmsFor robust and continued service delivery
  • 12. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 122. MaximizedPerformance2. MaximizedPerformance1.Ease ofProvisioning3. PervasiveProtection1. Ease ofProvisioningSpeedsadoption ofnew servicesfrom weeks tohoursSecurity GroupTags form a chainof trust from userto app80% reductionin manualfirewall rules3. PervasiveProtectionData Center Innovations in SummaryCisco Data Center Security Accelerates Your BusinessvPC andFabricPathoptimizetraffic flow8xperformancedensity overcompetitivefirewalls100TB globalthreat dataanalyzed daily
  • 13. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13Your Call to Action: Learn More about Data Center Security thatAccelerates Your BusinessLeverage Cisco’s blueprints for an end-to-end security architecturehttp://www.cisco.com/en/US/solutions/ns340/ns414/ns742/ns743/ns1050/landing_vmdc.htmlFollow Cisco’s Ask the Data Center Security Blogshttp://blogs.cisco.com/author/evelyndesouza/Contact me at evdesouz@cisco.com to learn more
  • 14. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14