• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
How To Move Your Data Center To The Cloud - Chris Brenton of Dyn
 

How To Move Your Data Center To The Cloud - Chris Brenton of Dyn

on

  • 304 views

Dyn Director of Security Chris Brenton prepared these slides as part of a webinar on how to move your data center to the cloud.

Dyn Director of Security Chris Brenton prepared these slides as part of a webinar on how to move your data center to the cloud.

Statistics

Views

Total Views
304
Views on SlideShare
264
Embed Views
40

Actions

Likes
0
Downloads
4
Comments
0

3 Embeds 40

http://dyn.com 38
http://de.dyn.com 1
http://es.dyn.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    How To Move Your Data Center To The Cloud - Chris Brenton of Dyn How To Move Your Data Center To The Cloud - Chris Brenton of Dyn Presentation Transcript

    • How to Move Your Data Center To A Cloud Infrastructure January 22, 2014 Chris Brenton Director of Security
    • Your Presenter Chris Brenton - Director of Security @Chris_Brenton cbrenton@dyn.com Pg. 2 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • What We’ll Cover • Background on industry trends • Strengths and weaknesses of each cloud service and deployment model • Security options Pg. 3 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • New Era of Computing • Mainframe/mini = Generation 1 • PC client/server = Generation 2 • Hybrid cloud = Generation 3 – No single deployment model – Hit its stride in 2010 Pg. 4 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • An Automotive Analogy • The 1960s: o Easy to work on o Extremely inefficient (poor power and mileage) Pg. 5 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • An Automotive Analogy • The 1980’s: o Change fluids and that’s about it o 50% improvement in power and mileage Pg. 6 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • An Automotive Analogy • The 2000s: o Outsource just about everything to specialists o 200%+ improvement in power and mileage Pg. 7 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Private or Public Cloud Infrastructure? • Private -- Do it all yourself o You maintain control and all responsibility o You need to staff accordingly o Greater flexibility Pg. 8 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Private or Public Cloud Infrastructure? • Public -- Outsource to specialists o Easier to focus on core product(s) o Less staffing concerns o Speed of scale Pg. 9 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Definitions: Tenant and Provider • Tenant o Entity consuming the resource(s) o This could be your customers o This could be other internal workgroups Pg. 10 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Definitions: Tenant and Provider • Provider o Entity managing the resource(s) o This could be your Operations group o This could be a 3rd party company Pg. 11 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Gen2 Computing Pg. 12 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Gen3 Computing Pg. 13 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Gen3 Computing SMB Pg. 14 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Déjà vu – Laptops As A Model • We’ve dealt with mobile workloads in the past Pg. 15 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Déjà vu – Laptops As A Model • We’ve dealt with mobile workloads in the past • Workstations used to only reside on desks Pg. 16 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Déjà vu – Laptops As A Model • We’ve dealt with mobile workloads in the past • Workstations used to only reside on desks • Laptops opened up the possibility of working from anywhere Pg. 17 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Déjà vu – Laptops As A Model • Security needed to change from being network based to host based Pg. 18 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Déjà vu – Laptops As A Model • Security needed to change from being network based to host based • Expect similar to occur with mobile workloads – Shared resources means host based technology must be reworked prior to use Pg. 19 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Cloud Models • Infrastructure as a Service (IaaS) o Provider supplies platform o Tenant loads OS and all apps Pg. 20 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Cloud Models • Platform as a Service (PaaS) o Provider supplies platform and stack o Tenant provides custom apps Pg. 21 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Cloud Models • Software as a Service (SaaS) o Provider supplies OS, stack and apps o Tenant hits the ground running Pg. 22 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Cloud Model Examples • IaaS o Amazon Web Services (AWS) o Rackspace Cloud Hosting Pg. 23 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Cloud Model Examples • IaaS o Amazon Web Services (AWS) o Rackspace Cloud Hosting • PaaS o Original Microsoft Azure o VMware Cloud Foundry Pg. 24 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Cloud Model Examples • SaaS o Dyn o Salesforce Pg. 25 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Deployment Model Tradeoffs • IaaS o Provider generates the lowest level environment o More work for tenant to deploy app o More tenant control to implement security Pg. 26 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Deployment Model Tradeoffs • SaaS o Nearly turnkey solution for app deployment o Least amount of tenant control and flexibility Pg. 27 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Deployment Model Tradeoffs • PaaS o Sits in the middle Pg. 28 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Delineation of Responsibility Pg. 29 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • What Are My Security Options? Pg. 30 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Extending The LAN Into The Cloud Pg. 31 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • LAN Extended Challenges • Increases load on corporate link o Today we’re mobile o Limits public cloud scaling • Increase load on perimeter infrastructure Pg. 32 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • LAN Extended Challenges • Negates network benefits o Provider load balancing o Multi-peer points o Geo-location DNS o Higher latency • No protection within virtual infrastructure Pg. 33 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Virtual Appliance Management Pg. 34 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Virtual Appliance Architecture Pg. 35 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • What About Introspection? • Hypervisor based security o Has visibility into all VMs Pg. 36 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • What About Introspection? • Hypervisor based security o Has visibility into all VMs • Single point of management o For a specific hypervisor deployment Pg. 37 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • What About Introspection? • Do you want other tenants to have access to your hypervisor? Pg. 38 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • What About Introspection? • Do you want other tenants to have access to your hypervisor? • Do you want your provider to have nonauditable access to your VMs? o Can break segregation of duties Pg. 39 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Host-Based Architecture Consistent architecture (and risk abatement) regardless of deployment Pg. 40 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Why Host Based Firewalls? • Tenant controlled – Provider gains no additional access Pg. 41 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Why Host Based Firewalls? • Tenant controlled – Provider gains no additional access • Supported across all cloud infrastructures Pg. 42 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Why Host Based Firewalls? • Tenant controlled – Provider gains no additional access • Supported across all cloud infrastructures • Consistent management across all cloud deployments Pg. 43 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Why Host Based Firewalls? • Tenant controlled – Provider gains no additional access • Supported across all cloud infrastructures • Consistent management across all cloud deployments • Security is portable with the VM Pg. 44 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Why Host Based Firewalls? • Tenant controlled – Provider gains no additional access • Supported across all cloud infrastructures • Consistent management across all cloud deployments • Security is portable with the VM • Mitigate potential risks from vswitch or VLANs Pg. 45 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Consistency is Key to Security • Customization is common in small business Pg. 46 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Consistency is Key to Security • Customization is common in small business • Focus is on getting the product to market – “We’ll worry about maintaining it later” Pg. 47 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Consistency is Key to Security • Enterprise needs to play “the long game” Pg. 48 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Consistency is Key to Security • Enterprise needs to play “the long game” • “Snowflakes” can be an inhibitor o Reduces available resources for innovation o Can easily stunt an organizations ability to scale Pg. 49 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • One Off Server Deployment Pg. 50 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • VM Cloning Pg. 51 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Clones Should All Have • Patches to the same level Pg. 52 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Clones Should All Have • Patches to the same level • Identical configuration settings Pg. 53 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Clones Should All Have • Patches to the same level • Identical configuration settings • Same system accounts Pg. 54 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Clones Should All Have • • • • Pg. 55 Patches to the same level Identical configuration settings Same system accounts The same processes running in memory How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Clones Should All Have • • • • • Pg. 56 Patches to the same level Identical configuration settings Same system accounts The same processes running in memory Usually no reason to logon – Update master and re-clone How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • VM Clone Security = Spot The Difference Game Pg. 57 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Spot The Difference Has an additional listening port open Gold Master Pg. 58 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Spot The Difference 1 login successful on first try Gold Master Pg. 59 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Spot The Difference Missing 3 patches Missing 3 patches Gold Master Pg. 60 How to Move Your Data Center to a Cloud Infrastructure Missing 3 patches @chris_brenton
    • VM Clone Security • Can identify positive exceptions, not just negative ones o Successful login o Increased patch level Pg. 61 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • VM Clone Security • Can simplify server security o No more one off auditing! o Far easier to ID variations that matter Pg. 62 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton
    • Questions? Chris Brenton - Director of Security @Chris_Brenton cbrenton@dyn.com Pg. 63 How to Move Your Data Center to a Cloud Infrastructure @chris_brenton