• Share
  • Email
  • Embed
  • Like
  • Private Content
CohesiveFT and IBM joint EMEA Webinar - 20Jun13
 

CohesiveFT and IBM joint EMEA Webinar - 20Jun13

on

  • 290 views

Control and secure your applications on IBM SmartCloud Enterprise with Software Defined Networking from CohesiveFT. ...

Control and secure your applications on IBM SmartCloud Enterprise with Software Defined Networking from CohesiveFT.
An IBM SmartCloud ready partner, CohesiveFT address issues of security and control to allow customers to take full advantage of cloud computing. Cohesive FT’s VNS3 Software Defined Networking is an overlay network which allows you to extend your data centers into the cloud, join clouds together and have control over end to end 256 bit encryption, IP addressing, topology and multicast protocols.

The joint IBM and CohesiveFT webinar aired on June 20

Statistics

Views

Total Views
290
Views on SlideShare
290
Embed Views
0

Actions

Likes
0
Downloads
6
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

CC Attribution-NonCommercial-NoDerivs LicenseCC Attribution-NonCommercial-NoDerivs LicenseCC Attribution-NonCommercial-NoDerivs License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    CohesiveFT and IBM joint EMEA Webinar - 20Jun13 CohesiveFT and IBM joint EMEA Webinar - 20Jun13 Presentation Transcript

    • @cohesiveft#CFTWebinarsCohesiveFT -Need to control and secure yourapplications in the Cloud?1Friday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Welcome to the webinar2Sam MitchellSenior Solution ArchitectSam leads the technical elements of the sales cycle. He runs demos,technical qualification, technical account management, proof ofconcepts, technical and competitive positioning, RFI/RFP responses &proposals.Before CohesiveFT, Sam was a Cloud Solution Architect at PlatformComputing, recently acquired by IBM, and Lead Architect at SITA.Your PresentersChris PurringtonGlobal Sales DirectorAs Global Sales Director at CohesiveFT and Managing Director ofCohesiveFT UK, Chris is responsible for worldwide sales. With over20 years in the software industry. Chris has extensive experience inleading ISVs to success in EMEA, this includes 9+ years at ApplicationLifecycle Management company Borland where he was UK MD andVPUK, Ireland and Africa.Friday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Agenda• Cloud and SDN Market Overview• What is cloud networking?• Working with cloud networks• Security & control solutions• Hybrid cloud solutions• Federated cloud solutions• Cloud networking customer use cases• Wrap up & questions3@cohesiveft#CFTWebinarsFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013About CohesiveFT4What We DoWho We Are• Cohesive FlexibleTechnologies Corp.(CohesiveFT)• Founded in 2006 by IT and capital marketsprofessionals with years of experience inoperations, enterprise software and client-facing services• Customers have 50M+ virtual devicehours in public, private, & hybrid cloudssecured byVNS3• First product launched in 2007 withfollowup products in 2008 and 2011• Offices in Chicago, London, Belo Horizonteand Palo Alto• Enable enterprises to run business systemsin the cloud• Our solutions help migrate, transform andextend both customer facing systems andinternal operational platforms• Provide more application-centric SDN forcloud than all competition combined• Only company to promote comprehensivecloud container solution for migration,deployment and control• Cloud, vendor, and standards neutral forgreater customization and controlFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013• 50+M virtual device hours in public, private, &hybrid clouds secured byVNS3• Over 8,000 users built, imported, transformedand delivered 33K+ virtual server templateswith Server3• Numerous enterprises migrated complexapplications to the cloud with Context3• UK government G-Cloud Service Supplier• 18+ Industry and Cloud partnersAchievementsOur ClientsExperience5References Available Upon Request• 500+ Customers• 15+ SI Resellers• 15+ ISV OEMCustomers Include:• Global Mutual Fund Company• Global ERP provider• Global BPMS provider• Global Cloud-basedThreat Detection• Global Fashion Brand• GlobalToy Manufacturer• US National Sports Association• and many more global, transnational and localcustomersFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013UserControlProviderControlCompute Storage NetworkHardwareOwnershipLayerVirtualizationLayerWeb Server RuntimeIaaSPaaSLayer 0Layer 4Layer 3Layer 2Layer 1Layer 5Layer 7Layer 6Limits of access, control, & visibilityDeveloperToolsApplication-layer: above provider control & access6ApplicationLayerFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013PhysicalLayerSDN Market can be divided into 2 segments1. Application Controlled• CohesiveFTVNS3• Cisco Cloud Service Router• Citrix CloudBridge2. Provider Controlled• Nicira/VMware• Open vSwitch• Cisco Nexus 1000v• IBM• Cisco• JuniperSoftware Defined Network - Market Segments7VirtualLayerApplicationLayerCloud InstanceOSApp StackProviderControlledHypervisorHardwareComputeStorageNetworkMultiplexed access to:AppControlled} OpenFlowLayer 0Layer 4Layer 3Layer 2Layer 1Layer 5Layer 7Layer 6Perimeter of access, control, & visibilityFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Overlay networks can solve common pain points:8@cohesiveft#CFTWebinarsAttest to data in motion encryptionCapacity expansion into public cloudCloud WAN / connect to customer &partner networksFederate common, shared infrastructureLegacy Migration and IntegrationDisaster recovery / readinessFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Overlay SDN (Software Defined Network)gives control in the cloud of:• IP Addressing• Protocols• NetworkTopology• Security• Separate network identity from location•Configure in a mesh for high availability•Overlay across multiple clouds for geographicdistribution, & cloud federation•Rest API or UIExtendYour Network Across the Clouds withVNS39Friday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013VNS3 is a combination of 6 device types:FirewallDynamic & ScriptableSDNProtocol RedistributorIPsec/SSLVPNconcentratorRouter SwitchVNS3Hybrid virtualdevice able toextend tomultiple sites10Leading Overlay SDN (Software Defined Network) Appliance•Allows control, mobility & agility by separating network location and network identity•Control over IP addressing and topologyFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Security lattice: layers of control & access11Cloud networks combine with user & provider firewalls andisolation features to create a “security lattice” with layers ofsecurity.Some key security elements must becontrolled by the customer butseparate from the provider.Provider Owned/Provider ControlledProvider Owned/User ControlledVNS3 - User Owned/User ControlledUser Owned/User ControlledFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013 12Technical Use CasesFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013A technical use case preview13@cohesiveft#CFTWebinarsOther Cloud 2SingaporeOther Cloud 1New Jersey, USAOther CloudsFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Security & control: customer networking setup14@cohesiveft#CFTWebinarsApp-layer security: Firewalls& IPsec devicesControl: usersalready control andmanage everythingbelow this layerFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Security & control: IPsec connections15@cohesiveft#CFTWebinarsSecurity: IPsec tunnelswith encrypted data-in-motionControl: only provide accessto certain endpoints; separatecustomers and partnersFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Security & control: connection into cloudVMs16@cohesiveft#CFTWebinarsControl: peering andfailover for disasterrecovery / readinessSecurity: Points ofpresence &backup, withoutvendor lock-inOther Cloud 2SingaporeOther Cloud 1New Jersey, USAOther CloudsFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Cloud Address Control17VNS3 Solution:• Control static addressing of your cloud servers• Local Area Network (LAN) address extension to the cloud• Servers andTopologies behave as though the are running locally• Application centric network is portableProblem: Public Cloud addressing schemes don’t match your data centeraddressing.Friday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Cloud Protocol Control: Multicast18Problem:• Enterprise software uses multicast protocols forservice election and service discovery.• Many public cloud providers block multicast protocolsat the user layer.VNS3 Solution:• Send multicast traffic viaVNS3 overlay networkbefore it is rejected by underlying networkinfrastructure.• Control all your protocols withVNS3.Friday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Cloud Security Control: IPsecTunneling19VNS3 Solution:• Extend your network with industry standard IPsec.• Use your existing network security appliances (Cisco, Juniper, Netscreen, SonicWall).• Use your existing secure communication methods/practices the same as you currentlyconnect offices, data centers or partners/customers.Problem: Public cloud is accessed via public internet.Friday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Cloud Security Control: Multiple IPsec20Problem: Cloud providers limit the number ofIPsec connections.VNS3 Solution:• VNS3 Manager enables multiple IPsec connections to acloud-based overlay network segment.• Serves as user-controlled, virtualized switch/router(uSwitch) inside the provider cloud.• Cloud deployed servers can communicate with multipleIPsec gateways via endpoint-to-endpoint encryptedconnections.Friday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Regional Cloud Federation21VNS3 Solution:• Leverage cloud points of presence without sacrificing security and control.• Link multiple clouds for one logical group of resources.• Extend connectivity between multiple public and private cloud environments.Problem: Production cloud deployments require geo distribution for DRand points of presence.Friday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Use Existing MonitoringTools22VNS3 Solution:• Use your existing monitoring tools for cloud deployments.• VNS3 allows you to use your existing NOC to monitor and manage devices in thedata center and the cloud.Problem: Cloud deployments cannot be connected to existing networkoperations center.Friday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Customer-Partner and Branch Networks in Public Cloud23VNS3 Solution:• Industry standard secure connectivity to isolated servers in public cloud• Data in motion in the public cloud is encrypted.Problem: Securely connect customers, partners or branches to specificservers in shared infrastructure.Friday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013VNS3 Summary24FirewallDynamic & ScriptableSDNProtocol RedistributorIPsec/SSLVPNconcentratorRouter SwitchVNS3Hybrid virtualdevice able toextend tomultiple sitesLeading Overlay SDN (Software Defined Network) Appliance• Allows control, mobility & agility by separating network location and network identity• Control over end to end encryption, IP addressing and network topologyFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013CohesiveFT EuropeLondon, UKContactMe@cohesiveft.com  +44 208 144 0156CohesiveFT AmericasChicago, IL USAContactMe@cohesiveft.com+1 888.444.3962Contact Details25Follow us for news and updates:blog.cohesiveft.com @cohesiveftGet in touch:Chris Purrington, Global Sales Director- chris.purrington@cohesiveft.com +44 7962 452661Sam Mitchell, Senior Solution Architect- sam.mitchell@cohesiveft.com +44 7917 630020Friday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013 26Appendix 1 -VNS3 LicensesSKU License Parameters CostVNS3 Free 1 VNS3 Manager, 1 IPsecEndpoint, 5 Client PacksFree (no time limit)VNS3 Lite Edition CloudOnly1 VNS3 Manager, 0 IPsecEndpoint, 25 Client Packs$150 per monthVNS3 Lite Edition DataCenter Connect1 VNS3 Manager, 2 IPsecEndpoint, 10 Client Packs$150 per monthVNS3 SME Edition 1 VNS3 Manager, 1 IPsecEndpoint, 5 Client Packs$350 per monthVNS3 Enterprise 1 VNS3 Manager, 1 IPsecEndpoint, 5 Client Packs$750 per monthLarger Licenses additional Managers,IPsec endpoints and clientpacks can be added tothe SME and EnterpriseEditionsContact CohesiveFT Salessales@cohesiveft.comFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013 27Appendix 2Business Use CasesFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Large mutual fundsecurely bursts intopublic cloud to extendtheir HPC gridHighlightsAutomatically flex existing HPC solutionup and down by bursting into public cloud.Configure and contextualize nodesbetween data center and cloud.Used existing workload manager / gridengine software / vendor to extend theirgrid.Significantly reduced infrastructure costs,while increasing flexibility andresponsiveness.Challenge:Fund needed to extend their existinggrid on the same IP network withsecurity.Traditional high performancecomputing (HPC) environments areexpensive to own and to operate.Growing demand for faster results andequally strong push to reduce costspointed to public cloud, but could notprovide security and control.Security & Compliance ChallengesCloud IaaS and multi-tenant solutionsstill cannot provide the security of aphysical grid.SolutionSeamlessly extended the grid with anoverlay network.The fund’s cloud grid compute nodesconnected securely with a pair of highlyavailableVNS3 managers.Fund bursts into public cloud to extend HPC28Public CloudNodePrivate Data CenterNodeNodeNodeIPsecconnectionFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Scalable, pay as you gosolution to connectcloud-based apps topartner networks.HighlightsHad to connect to telco partners withpartners’ exact IP addressesConcerns over keeping customer andpartner traffic separate and secureNeeded to quickly scale up and down,with a price package to matchOverlay network segmented partnersto take control of security, addressing,and connectionThe Situation:Telco with mobile app needed toconnect cloud-based app servers toAPAC partners on the partners’ exactIP addresses.Developed a segmented overlaynetwork capable of running in multiplegeographic regions and separatingcustomer and partner data withencrypted connections.Solution used:• Overlay network• Instance-based solution using pay-as-you-go virtual appliances• Customer-defined address pools• Guarantee encryption for all data inmotion, including customer sessiontokens and payment informationMobile app developer connects on overlay29Public CloudVirtualNetworkIPsec connectionCustomer SitePartnerSiteCustomer SiteIPsecconnectionIPsecconnectionFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013European clothingdesigner wantedcreativity and capacitywithout the hardware.HighlightsCreated a fashion social networking sitewith security and cloud-based capacityWanted to scale and control capacity.Access and reliability will remain to bekey aspects of the infrastructure.Secure, encrypted data in motion andaccess to data center withVNS3The Situation:European fashion designer andwholesaler wanted to extend fashionbrand by:• Creating first ever fashion-focusedsocial site• Scaling up and down with demand• Keeping security standards highThe industry, enterprise andinfrastructure created hurdles fortraditional physical computing.VNS3 overlay network offered controlover addressing and topology forcustomer-controlled hybrid device.Solution included:• Overlay network to public cloud• Encryption for all data in motion• End-to-end encryption from datacenter to apps• Easy internal approvals for thecorporate “network police”• Perpetual license to accommodatescaling needsCapacity expansion: fashion brand grows in cloud30Public CloudPrivate DataCenterHybridCloudFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Customer SiteBPMS-as-a-SaaS without traditional complexity31Business process SaaSvendor reachescustomers withouton-site data centersor physical networks.HighlightsLarge independent logistics firmwanted to provide SaaS as subscriptionmodel without burdening clients.Hoped to scale cloud containers formore customized solutions.Removed complexity of migrating andneed to change the business model,operations.Solved end client’s issues with on-sitedata centers and large software clients.The international BPM and CRMsoftware vendor wanted to provide aSaaS offering to move customers tosubscription revenue model.Challenges:• Limited multi-tenant environments forcustomers that pass industry tests• Required connectivity without thehurdles of traditional networks, datacenters and enterprise rules• Connecting apps across differentpublic and private clouds• End customer security concernsSolution created:• Access as if it is a subnet on theirnetwork• Guaranteed encryption for all data inmotion and at rest• Overlay network that can deploy toany public cloud provider• Firm can connect their clients’software to cloud-based data centerswithout up-front, capital intenseprocessesPublic CloudCustomer SaaSdeployment 2IPsecconnectionCustomer SiteIPsecconnectionCustomer SaaSdeployment 1Friday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Threat protectionfirm extendedofferings with globalcloud points ofpresence.HighlightsGlobal reach for products and globalredundancy for security.Needed secure connections to existingdata centers and networks.Access critical infrastructure “in region”without delays or capital of physicalresources.Offered global redundancy atdramatically lower cost than traditionalinfrastructure.A global end point threat preventioncompany wanted to have global reachfor their cloud-based threat protectionand virus scanning system.Additionally, they wanted to ensureglobal redundancy using multiple clouddata centers with the potential forconnected multiple cloud providers.Challenges:• Working with multiple cloudproviders and cloud regions• Connections across clouds and downto existing physical data centers andnetworksSolution featured:• Guaranteed encryption for all data inmotion and at rest• Overlay network to federate acrossany public cloud providerEnd customers can access criticalresources without waiting for inter-continental lag times, at much lowercosts.Data Center 2Cloud WAN for global reach and redundancy32EU PublicCloudIPsecconnectionExisting Data CenterIPsecconnectionUS Public CloudFederated Multi-Cloud NetworkFailoverFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Cloud WANconnectivity withoutthe expensive assetsor contracts.HighlightsGlobal reach for products and globalredundancy for security.Needed secure connections to existingdata centers and networks.Access critical infrastructure “in region”without phsyical resources.Offered global redundancy atdramatically lower cost.A pharmaceutical information systemsfirm wanted to integrate US-basedoffices together and to integrate officesto their cloud infrastructure.Challenges:Offices had different hardware andsoftware, networks and data needs.Thefirm did not want to invest in assets orlong term contracts with vendors.Solution featured:• Guaranteed encryption for all data inmotion and at rest• Overlay network to federate acrossany public cloud provider• IPsec and data in motion encryptionCustomer created a true Cloud WANwith overlays and cloud provider.Each office connected to the cloud-based systems and also connected toeach other usingVNS3 and the cloudas the network backbone. Medical DataCenterPharmaceutical system federates infrastructure33Hospital OfficesMedicalOfficePublic CloudRegion 2IPsecconnectionPublic CloudRegion 1WANNetworkIPsecconnectionIPsecconnectionFriday, June 21, 13
    • Copyright CohesiveFT - Jun 21, 2013Coalescence: Services for the Cloud Container• Cloud migration framework•Automate your application migration to save time and money•No need to re-instal servers if cloud provider infrastructure fails or upgrades• Proven methodologies to take planned topologies to thecloud through a set of logical steps• Experience-informed services:•Cloud strategy / advisory•HPC in the cloud•Cloud training•Cloud / virtualization support•VNS3 design and implementation•Cloud deployment and security audit•Cloud active directory34AnalyzeRequestedTopologyPackaging &BundlingUnit ImplementationCluster Definition &ContextualizationCluster MasteringMulti ClusterLaunchFriday, June 21, 13