Your SlideShare is downloading. ×
0
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Security of the Cloud
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Security of the Cloud

636

Published on

According to Forrester, security is one of the top barriers to cloud computing. While cloud computing increases business agility, scalability, and efficiency, it also introduces new security risks and …

According to Forrester, security is one of the top barriers to cloud computing. While cloud computing increases business agility, scalability, and efficiency, it also introduces new security risks and concerns in areas such as increased attack surface, ownership/responsibilities and shared environments. This presentation will outline the complex challenges and how Cisco cloud security offerings help customers take a strategic and architectural approach to cloud adoption. Also, find out how Cisco cloud security solutions dovetail with Cisco Data Centre and Borderless Networks services to deliver high performance and operational simplicity.

Published in: Technology, Business
0 Comments
6 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
636
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
6
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Security of the Cloud John Johnson PSN Solutions Architect Date: 19th October 2011© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
  • 2. Next Steps Problems Solutions© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
  • 3. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
  • 4. Cloud Hype Cloud Computing Grid Computing Cluster Computing
  • 5. Visual Model of NIST’s Working Definition Pro’s & Cons of Cloud Computing Essential Characteristics Measured C ommon implies multi- Rapid Elasticity Service tenancy Broad Network On- Resource LSelf Service ocation-independent Demand Access Pooling O nline Service Delivery Models U tility implies pay-for-use Infrastucture pricing Service (PaaS) as a Service Software as a Service (SaaS) Platform as a (IaaS) D emand implies ~infinite, ~immediate, ~invisible Deployment Models scalability Public Private Hybrid Communityhttp://www.csrc.nist.gov/groups/SNS/cloud-computing/index.html Source:http://blogs.zdnet.com/Hinchcliffe © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
  • 6. Internet Cloud Security Services Email Web Secure Mobility© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
  • 7. Cloud Security ServicesPublicCloud Securing Cloud Access Chris Hoff© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
  • 8. Virtualized Private App Servers Cloud Security Services Cloud Securing Cloud Access Security Cloud Infrastructure Chris Hoff© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
  • 9. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
  • 10. CSA: Security Guidance for Critical Areas ofFocus in Cloud Computing Cloud Computing Architectural Framework Governing in the Cloud Operating in the Cloud Governance & Enterprise Traditional Security Risk Management Data Center Operations Legal & eDiscovery Incident Response Compliance and Audit Virtualization Identity & Access Management Data Life Cycle Management Application Security Portability & Interoperability Encryption & Key Management© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
  • 11. Cloud Risk Domains1. Data Security – Ownership2. Identity Access Control3. ! Insider Abuse & Privilege SaaS !4. Internet Threats IaaS PaaS Information IT & Business Security Readiness 5. Compliance ! 7. ! Availability 6. Service Location 8. Monitoring Control & Availability & Compliance Performance© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
  • 12. ApplicationApplication Middleware Database Server Operating System Hypervisor StorageCPU Networking Backup YOUR DATA Datacenter (Power, Cooling, Physical Security) Consumer Providers Responsibility Responsibility
  • 13. ApplicationApplication Middleware Database Server Operating System Hypervisor StorageCPU Networking Backup YOUR DATA Datacenter (Power, Cooling, Physical Security) Consumer Providers Responsibility Responsibility
  • 14. ApplicationApplication Middleware Database Server Operating System Hypervisor StorageCPU Networking Backup YOUR DATA Datacenter (Power, Cooling, Physical Security) Consumer Providers Responsibility Responsibility
  • 15. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
  • 16. Cloud Standards Coordination Compliance Targeted Trust Facilitation Mechanisms© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
  • 17. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
  • 18. 1. Identity and Access Management 2. Data Loss Prevention 3. Web Security 4. Email Security 5. Security Assessments 6. Intrusion Management 7. Security Information and Event Management 8. Encryption 9. Business Continuity and Disaster Recovery 10. Network Security Source: https://cloudsecurityalliance.org/research/working-groups/security-as-a-service/© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
  • 19. 3 Email SaaS Customer Outbound Control: Apply DLP and encryption policies Cisco IronPort Email Security Services Providing industry-leading 2 email security with choice Pass Clean Email Cloud • Hybrid • Managed Key Service Attributes Data Centers Dedicated infrastructure Co-managed access Centralized tracking & reporting 1 Inbound Hygiene: Removes spam and viruses© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
  • 20. Web SaaS Malware Protection: Content analysis to detect and block all malware 3 Cisco ScanSafe Web 2 Policy Security Services Enforcement: - All outbound Delivering market-leading traffic is web security & visibility passed Anti-Malware Web Filters Application through Key Service Attributes Controls defined policy Zero day malware protection Multi-tenant infrastructure Cloud redirection: On-demand capacity 1 Web traffic is forwarded directly to the cloud© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
  • 21. Corporate User ScanSafe IronPort WSA Transparent Redirect AnyConnect ISR or ASA Form Factor Choice Common functionality Split Services DLP, SIEM integration Simplified Deployment Easily leverage the cloud Roaming User© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
  • 22. Always On Always Secure Always Simple Mobile User Internet Café Mobile Internet© 2010 Cisco and/or its affiliates. All rights reserved. User Café Cisco Confidential 22
  • 23. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
  • 24. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
  • 25. Deep Structural Virtualized Content Content Script Analysis Investigation Emulation© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
  • 26. Deep Structural Virtualized Content Content Script Analysis Investigation Emulation© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
  • 27. Identified: Malicious Malware Content: redirect Obfuscated Javascript Content: PDF Scanning Tower: 133b 22d Requests Server: 93a2 421h6 Action: Blocked Deep Structural Virtualized Content Content Script Analysis Investigation Emulation© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
  • 28. Detailed visibility Complete flexibility Real-time data Results in seconds Attributes All data stored in the cloud User Business Forensic Behavior Intelligence Report Analysis Insight Generation© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
  • 29. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
  • 30. Number of SaaS Services Rendered Early 2000s 2010 Year© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
  • 31. Corporate Office Cisco IronPort Web Security Appliance/ SaaS Gateway Branch Office Home Office AnyConnect Secure Mobility User Directory Client No Direct Access Visibility | Centralized Enforcement | Single Source Revocation© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
  • 32. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
  • 33. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
  • 34. Virtualized Multi-Tenant Data Center Smart Business Architecture (SBA) SecureX architecture Small Business Pro Foundation (SBPF) Solution 2.x (VMDC) Secure Network Foundation (SNF) • Next-Generation, Context-aware Security Architecture • Focus on end-to-end secure network, / SP)upon Enterprise class portfolio • Builds cloud providers (Enterprise built • Recommends Enterprise/SP class security • Basic Network Security (Firewall, IPS, VPN) Offering services in the network Client Recommended Security Solutions • TrustSec / Anyconnect Secure Mobility can be done TODAY and solutions Nexus 1000V, Virtual Security Gateway, • • • Cisco:ASA Firewall independent would be OS with SecureX module • FWSM, ACE, ASA, Nexus 1000v • SA 500 / SR 520 (SBPF) • 3rd party: vShield, NetApp vFiler • ISR / ASA (SNF)© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34
  • 35. Cloud Services / Applications (including the software to automate / orchestrate the software / application)Cloud Infrastructure Orchestration SoftwareOrchestration /Management Infrastructure Abstraction / Management Software Assurance SoftwareDCI / Hybrid Data Center Interconnect Scalable, Multi-Tenant Scalable, Multi-Tenant L2/3 DC Networking L2/3 DC Networking Security Features L4-7 Security Features L4-7Cloud Services ServicesInfrastructure Integrated Integrated(aka VMDC) Integrated Compute Stack Integrated Compute Stack Integrated –Compute Stack Vblock, Integrated Integrated –Compute Stack Vblock, Integrated FlexPod, etc. Stack –Compute Vblock, FlexPod, etc. Stack –Compute Vblock, FlexPod, etc. Stack –Compute Vblock, FlexPod, etc. Stack –Compute Vblock, – Vblock, FlexPod, etc. – Vblock, FlexPod, etc. FlexPod, etc. FlexPod, etc. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
  • 36. VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM Nexus 1000V Nexus 1000V vPath vPath Distributed VirtualVirtual Switch Distributed Switch Ready for upgrade VSG© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
  • 37. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
  • 38. Enabling Providers to offer trusted Cloud solutions & services Tailored Solutions Rich Ecosystem with Accelerate the Use for Building Clouds Integrated Solutions of Cloud Services Research In Motion SAMSUNG Enable customers to Enable customers to Enable customers to deploy cloud services build and operate deploy tested, best to collaborate and public or private clouds of breed solutions secure their business© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38
  • 39. Thank you.© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
  • 40. YOUR YEAR-ROUND IT RESOURCE – access to everything you’ll need to know
  • 41. THE WHOLETECHNOLOGY STACKfrom start to finish
  • 42. COMMENT & ANALYSISInsights, interviews and the latest thinking on technology solutions
  • 43. VIDEOYour source of live information – all the presentations from our live events
  • 44. TECHNOLOGY LIBRARY Over 3,000 whitepapers,case studies, product overviews and press releases from all the leading IT vendors
  • 45. EVENTS, WEBINARS & PRESENTATIONS Missed the event? Download the presentations thatinterest you. Catch up with convenient webinars. Plan your next visit.
  • 46. DirectoryA comprehensive A-Z listing providing in-depth company overviews
  • 47. ALL FREE TO ACCESS 24/7
  • 48. online.ipexpo.co.uk

×