Virtualize More: Secure Cloud Scaling  Grow Fast, Stay Nimble, Reduce Risk  Second in a three-part series for IT and Secur...
Overview Speakers What are the key business drivers for the virtualization security  blueprint? What guidance can you s...
Speakers Doug Brown, Founder  DABCC Ken Sigel, Systems Engineer  HyTrust Eric Chiu, President & Co-Founder  HyTrust© 20...
HyTrust Backgrounder Founded: Fall 2007 Headquarters: Mountain View, CA Venture Funding: $16 million Strategic Partner...
What are your virtualization priorities heading into 2012?      (Pick Top Priority)       Maximize performance and availa...
How are you addressing security concerns in your virtualized      environments? (Pick Top One)       Traditional infrastr...
Key Drivers - Business Trends  Virtualize More… Analyst research shows market is now 52% virtualized,  with many organizat...
Key Drivers - Business TrendsNetworkWorld Top Initiatives Survey 09/2011 #1 86% Server Virtualization #2 79% Tier-one Ap...
Virtualization platform effects on security                                 Abstraction and Consolidation                 ...
Virtualization containers effects on security                             Fuzzy Time Boundaries                           ...
Key Drivers - Proactively Protect and Secure Your IP87%                        Percentage of companies that               ...
Best Practices and Guidance – Secure Cloud Infrastructure CIO.com IT Execs Survey of Top 5 Concerns for VI  #1. Managing ...
Best Practices and Guidance – Secure Cloud Infrastructure CIO.com IT Execs Survey of Top 5 Concerns for VI  #3 is Visibil...
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             14
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             15
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             16
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             17
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             18
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             19
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             20
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             21
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             22
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             23
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             24
Policy Automation Increases Admin Speed and Accuracy Fallback is screenshots with audio© 2012, HyTrust, Inc. www.hytrust....
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             26
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             27
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             28
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             29
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             30
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             31
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             32
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             33
Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com             34
Best Practices and Guidance – What Can You Do Today?Give right access to right people in your virtual infrastructure Cut ...
Best Practices and Guidance – What Can You Do Today?Create the business case for change Show costs of Not doing it (i.e. ...
 eric@hytrust.com ksigel@hytrust.com dbrown@dabcc.com© 2012, HyTrust, Inc. www.hytrust.com   37
 eric@hytrust.com ksigel@hytrust.com dbrown@dabcc.com© 2012, HyTrust, Inc. www.hytrust.com   38
 eric@hytrust.com ksigel@hytrust.com dbrown@dabcc.com© 2012, HyTrust, Inc. www.hytrust.com   39
 eric@hytrust.com ksigel@hytrust.com dbrown@dabcc.com© 2012, HyTrust, Inc. www.hytrust.com   40
Upcoming SlideShare
Loading in …5
×

Virtualize More: Secure Cloud Scaling-Grow Fast, Stay Nimble, Reduce Risk

378 views
318 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
378
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Virtualize More: Secure Cloud Scaling-Grow Fast, Stay Nimble, Reduce Risk

  1. 1. Virtualize More: Secure Cloud Scaling Grow Fast, Stay Nimble, Reduce Risk Second in a three-part series for IT and Security professionals responsible for virtualization and data center security, architecture, and management 1975 W. El Camino Real, Suite 203, Mountain View, CA 94040 Phone: 650-681-8100 / email: info@hytrust.com© 2012, HyTrust, Inc. www.hytrust.com 1
  2. 2. Overview Speakers What are the key business drivers for the virtualization security blueprint? What guidance can you share for planning security policy management and automation initiatives in virtual environments? Can we see a deep dive into logging, policy automation, and access control to help us work faster, smarter, and with less risk? Summary Q&A© 2012, HyTrust, Inc. www.hytrust.com 2
  3. 3. Speakers Doug Brown, Founder DABCC Ken Sigel, Systems Engineer HyTrust Eric Chiu, President & Co-Founder HyTrust© 2012, HyTrust, Inc. www.hytrust.com 3
  4. 4. HyTrust Backgrounder Founded: Fall 2007 Headquarters: Mountain View, CA Venture Funding: $16 million Strategic Partners: Awards & Top Ten Lists: VMworld 2009 Best of Show, VMworld 2009 Gold, VMworld 2010 Finalist, TechTarget 2009 Product of the Year, RSA Innovation Sandbox 2009/2010 Finalist, SC Magazine 2010 Rookie Company of the Year, Network World Startup to Watch 2010, InfoWorld Tech Company to Know 2010, Forbes “Who’s Who” in Virtualization, Red Herring 2010 North America winner, Gartner Cool Vendor 2011© 2012, HyTrust, Inc. www.hytrust.com 44
  5. 5. What are your virtualization priorities heading into 2012? (Pick Top Priority)  Maximize performance and availability with sophisticated monitoring  Continue to increase consolidation ratios by virtualizing tier-one applications  Better management of existing virtual environments  Standardization of hypervisors and/or platforms  Become compliant and/or other organizational mandates (i.e. 25% quota for Federal organizations…)  Only maintain at this point © 2012, HyTrust, Inc. www.hytrust.com© 2011, HyTrust, Inc. www.hytrust.com 5
  6. 6. How are you addressing security concerns in your virtualized environments? (Pick Top One)  Traditional infrastructure tools with NO specific provisions for virtualization  Traditional infrastructure tools with specific provisions for virtualization  Utilize virtualization-specific security tools provided by virtualization vendor  Utilize third-party security tools designed for VMs  Utilize third-party virtualization-only security tools  No security provisions in place © 2012, HyTrust, Inc. www.hytrust.com© 2011, HyTrust, Inc. www.hytrust.com 6
  7. 7. Key Drivers - Business Trends Virtualize More… Analyst research shows market is now 52% virtualized, with many organizations goaled to be 75% virtualized by 2014. * Virtualize More Securely… “Virtualization increases security risk by 60%.”***Forrester Research CISO’s Guide to Virtualization Security**Gartner; “From Secure Virtualization to Secure Private Clouds”; Neil MacDonald & Thomas J. Bittman; 13 October 2010 © 2012, HyTrust, Inc. www.hytrust.com 7
  8. 8. Key Drivers - Business TrendsNetworkWorld Top Initiatives Survey 09/2011 #1 86% Server Virtualization #2 79% Tier-one Application Virtualization #4 Cloud Scaling Initiatives #6 Security (mainly ID Mgmt and Next-gen firewalls)© 2012, HyTrust, Inc. www.hytrust.com 8
  9. 9. Virtualization platform effects on security Abstraction and Consolidation Capital and Operational Cost Savings New infrastructure layer to be secured and subject to compliance Greater impact of attack or misconfiguration Collapse of Switches and Faster Deployment in Servers into One Device Shared Environment Flexibility IT responsiveness Cost-savings Inconsistencies in configuration Lack of visibility and control for virtual network and storage Physical change processes ineffective No separation of church and state (network, security, storage Inadequate tenant administration) segmentation© 2012, HyTrust, Inc. www.hytrust.com 9
  10. 10. Virtualization containers effects on security Fuzzy Time Boundaries Great availability / recovery mechanism Security and audit events can be lost Changes in time are not visible from inside the virtual server VM Encapsulation VM Mobility Ease DR Hardware Independence Improved Service Levels Outdated offline systems Identity divorced from Unauthorized copy physical location Reconfiguring virtual hardware Policies may not follow and console access are over the virtual machine network operations 10 © 2012, HyTrust, Inc. www.hytrust.com
  11. 11. Key Drivers - Proactively Protect and Secure Your IP87% Percentage of companies that have experienced a data breach — IT Compliance Institute48% Percent of all breaches that involved privileged user misuse — Verizon report, 201074% Percentage of breached companies who lost customers as a result of the breach — IT Compliance Institute© 2012, HyTrust, Inc. www.hytrust.com 11
  12. 12. Best Practices and Guidance – Secure Cloud Infrastructure CIO.com IT Execs Survey of Top 5 Concerns for VI  #1. Managing oversight and responsibility The specifics  Host Management  Privileged User Management © 2012, HyTrust, Inc. www.hytrust.com 12
  13. 13. Best Practices and Guidance – Secure Cloud Infrastructure CIO.com IT Execs Survey of Top 5 Concerns for VI  #3 is Visibility and Control The specifics  Audit-quality Logging  Complete Reporting  Policy Engine © 2012, HyTrust, Inc. www.hytrust.com 13
  14. 14. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 14
  15. 15. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 15
  16. 16. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 16
  17. 17. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 17
  18. 18. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 18
  19. 19. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 19
  20. 20. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 20
  21. 21. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 21
  22. 22. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 22
  23. 23. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 23
  24. 24. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 24
  25. 25. Policy Automation Increases Admin Speed and Accuracy Fallback is screenshots with audio© 2012, HyTrust, Inc. www.hytrust.com 25
  26. 26. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 26
  27. 27. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 27
  28. 28. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 28
  29. 29. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 29
  30. 30. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 30
  31. 31. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 31
  32. 32. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 32
  33. 33. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 33
  34. 34. Policy Automation Increases Admin Speed and Accuracy© 2012, HyTrust, Inc. www.hytrust.com 34
  35. 35. Best Practices and Guidance – What Can You Do Today?Give right access to right people in your virtual infrastructure Cut back or eliminate access rights for those not on the projects Manage networks Take full inventoryAutomate to drive scalability Consider management tools to streamline workflow Drive security policy automation to prevent mistakes © 2012, HyTrust, Inc. www.hytrust.com 35
  36. 36. Best Practices and Guidance – What Can You Do Today?Create the business case for change Show costs of Not doing it (i.e. 87%) Be proactive and collaborative with IT, Security to understand and identify the business problem Create a planDon’t be scared! © 2012, HyTrust, Inc. www.hytrust.com 36
  37. 37.  eric@hytrust.com ksigel@hytrust.com dbrown@dabcc.com© 2012, HyTrust, Inc. www.hytrust.com 37
  38. 38.  eric@hytrust.com ksigel@hytrust.com dbrown@dabcc.com© 2012, HyTrust, Inc. www.hytrust.com 38
  39. 39.  eric@hytrust.com ksigel@hytrust.com dbrown@dabcc.com© 2012, HyTrust, Inc. www.hytrust.com 39
  40. 40.  eric@hytrust.com ksigel@hytrust.com dbrown@dabcc.com© 2012, HyTrust, Inc. www.hytrust.com 40

×