Secure Enterprise Cloud
Upcoming SlideShare
Loading in...5
×
 

Secure Enterprise Cloud

on

  • 4,231 views

 

Statistics

Views

Total Views
4,231
Views on SlideShare
4,227
Embed Views
4

Actions

Likes
1
Downloads
30
Comments
0

1 Embed 4

http://www.linkedin.com 4

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Secure Enterprise Cloud Secure Enterprise Cloud Presentation Transcript

  • The Secure Enterprise CloudIndu KodukulaExecutive Vice President and Chief Technology OfficerSatish HemachandranDirector Product Management www.sungardas.com
  • Production + DR are 80+% of Enterprise Cloud Priorities What services are you planning to enhance with cloud computing? *IDG Research, 2010 © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 2
  • The Cloud Promise: COST POSITIVE FLEXIBILITY POSITIVE RISK ?? © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 3
  • And Reality Bears Out There is Risk… Jan 2011: Online image Feb 2011: Online email service provider service provider loses mistakenly deletes mails from 150K user 4,000 pictures from a accounts during a paid user’s account weekend outage © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 4
  • Traditional Enterprise IT Risks Changing Unplanned disaster Breach of security Market/Business scenarios can and policy controls conditions might significantly disrupt can lead to need you to expand regular business business and or contract capacity operations regulatory issues © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 5
  • Cloud Risks are (Mostly) Old Wine in New Bottles Security Compliance Connectivity Manageability Availability © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 6
  • Security & Compliance: Platform & Policies © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 7
  • Most Regulations Share a Common Concern:Implementation and Enforcement of Policies Tracks all access to network and  Secure Remote Access Governance, Periodic Platform and cardholder data  Role-Based Access Control Policy Audits, and Certification Documentation of  Separation of Management, actions & activities Control and Customer Planes with 6 yr data retention  Availability and Fault Isolation Organization wide security for IT  Issue Prevention, Detection, systems to support Remediation ops. and assets  Log Management Protect customer  Security and Auditing information & identify/ resolve sec. violations  Business Continuity & Disaster Recovery Financial and  Data Retention/Archival accounting functions segregation of duties © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 8
  • Layered Security with Common Base of Controls Presentation Models Identity Management Policy, Auditing, & and Platforms Compliance Application Interfaces Abstract layer hardening, Monitoring, Applications Separation, Patch and release Data Meta Content management, and policy controls Data Integration and Middleware Host hardening, Encryption, Separation and segregation (Network, Host and Abstract Connectivity Storage) Layer Performance and security monitoring Patch and release management Hardware Infrastructure Logical, Physical, and Environmental Facilities Infrastructure Security Security Detection, Response, Containment, Eradication, and Forensics © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 9
  • Creating a Secure Cloud Foundation for Enterprise • Role-based access control • ITIL v3 based services • Infrastructure security; • Security assessments and Shared vs. dedicated recommendations • Activity Logging, • Periodic Penetration tests monitoring, and detection • Strict change control Platform IT Best Security Practice Data- Compliance center Mgmt. Security • Biometric access control • Datacenter Standards • No access to shared certifications (SAS 70) infrastructure • Regulatory compliance • 24/7 Security Service; (PCI, HIPAA) CCTV for Interior/Exterior • Audit Assistance monitoring © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 10
  • Connectivity:Cloud, Non-Cloud/Hybrid © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 11
  • Choice of Connectivity to Meet Every Business Need CUSTOMERS’ CUSTOMER CUSTOMER WAN/REMOTE CUSTOMER WAN/DATACENTER Public Internet Client VPN Site to Site VPN MPLS DEDICATED INTERNET CIRCUIT SUNGARD ENTERPRISE CLOUD © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 12
  • Hybrid Cloud Use Case  Leverage existing/legacy infrastructure e.g. mainframes  Integrate with other external IaaS Cloud 1 Colocation virtual clouds for burst (flex) capacity  Host applications requiring physical/dedicated and virtual systems (e.g. Oracle) Internal Cloud  Integrate with third-party hosted applications e.g. ASP, PaaS, SaaS, IaaS Cloud 2 PaaS Cloud © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 13
  • Building a Hybrid Cloud CUSTOMERS’ CUSTOMER CUSTOMER WAN/REMOTE CUSTOMER WAN/DATACENTER Public Internet Client VPN Site to Site VPN MPLS Cross Connect SUNGARD DEDICATED NETWORK INTERNET CIRCUIT SUNGARD DATACENTER SUNGARD ENTERPRISE CLOUD © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 14
  • Manageability:Monitoring and Remote Hands © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 15
  • The Cloud Management Challenge Customers are still the same • Complex architectures with point-to-point connections • Legacy platform support dependencies (Win2k, Mainframes) • Non-(x86)cloud integrations (Mainframes, Unix) Enterprise needs from cloud providers • A full portfolio of management services (OS, Database, Security) • Migration assistance and custom policies • Integration of cloud & non-cloud • Auditability of the platform and datacenter • SLA’s for the platform & service • Periodic reporting and guidance © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 16
  • Cloud Extends Traditional Management(but with different tools) Customer Applications Service and Operations Management Availability Event Patching Security Backup Monitoring Problem Management Service Provisioning Service Desk Resolution Config Mgmt Restoration Infrastructure Management Monitoring Capacity Planning Performance CPU Config Memory Config Storage Config Network Config Infrastructure © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 17
  • ITIL Based Support Process Service Desk Customer Service Delivery Verification Request for Change Request Fulfillment Incident Resolution Change Management Customer Front End Ticketing Request for Information System Service Reporting Performance Reporting Portal Service Operation Availability Reporting Configuration Reporting Tier 1 KPI and SLA Reporting CMDB Tier 2 Tier 3 Problem Management Configuration Management Aggregation Engine Correlation Event Validation Management © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 18
  • Enterprise Cloud: Platform + Automation + Process + People Intrusion Detection System – Incident Handling Process Flow System Sensor Monitors and System Users Identifies Security Event Information to users Provide additional Non-Critical and Critical Receives event Event Ticket SOC information, and Report analyzes and notifies Closed Ticket Information NOC and If no response Security Critical Event Notice NOC Information Is needed Security Office Planned Technical Analyze Triage Event Technical Response Response Execution IT Organization Proactive Other Indicators sensors and IT monitoring Operations systems Management If Management or Legal response is needed Management Closed Response Event Provide guidance External Experts and/or assistance (Forensics, legal console, etc.) Technical Focus © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 19
  • Availability:Scalability & Recovery© 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 20
  • Scalability  Customer workloads vary in their infrastructure demands. Typically: • Memory Utilization • Storage I/O • Network Throughput  Infrastructure needs to distribute/scale load • Without affecting user sessions • Without affecting other applications • Maintaining application interdependencies © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 21
  • Cloud Enables Application Availability Decreasing Availability Always Available Available Available in hours in days Cloud Apps More Complex Virtualized Apps Simple Apps Complex Apps Legacy Apps  But… autoscaling is still unattainable for many  Replication technologies still offers the most cost effective solution for the enterprise  Cloud makes availability more affordable for complex applications: database and app/web server  Cloud done right can also reduce RTO © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 22
  • Integrated Recovery: Achieving Continuous Uptime Cloud is the production environment  Backup and Restore of VMs  Active-active deployment mode Enterprise Cloud  Site-to-site recovery across multiple datacenters VMs on Cloud-site 1  Recovery of entire application with its Customer Applications dependencies (VMs and non-virtualized & Data assets) Cloud is your target recovery platform  Web-based backup/replication of data to VMs on Cloud-site 2 cloud based on industry leading technologies  VM cloning and startup Customer Data-center  Mapping of cloud-based data to recovered instances © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 23
  • SunGard Enterprise Cloud Services © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 24 24
  • SunGard Enterprise Cloud Services Vision Deliver Managed and Recovery Services for enterprise-grade applications that ensure availability of business operations © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 25
  • Fully Managed Infrastructure-as-a-Service SunGard manages all necessary compute, network, storage and security resources, offering a complete, cost-effective solution  Virtualized environment providing hypervisor and OS system services Compute  Customize your virtual machine configurations to specific requirements  SunGard Software Licensing Services options available  Broad networking options including multiple VLAN support, robust Network internet connectivity, MPLS and dedicated circuit options Storage  Managed storage with integrated backup and restore  Managed firewall and virtual private network connectivity Security  Platform built to support compliance requirements Rapid  Ability to store custom VM templates in your own private image library Provisioning  Virtualized instances deployed within minutes Management  24/7/365 management and monitoring of your virtualized infrastructure & Monitoring  99.95% availability Service Level Agreement (per month / per VM) Portal &  Customer management portal to view and request compute resources Reporting on demand © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 26
  • Cloud Services for the Enterprise  Multi-tenant enterprise cloud and dedicated private cloud  All services fully managed by SunGard’s IT experts  Infrastructure architected for compliance and security  All solutions built on enterprise-grade infrastructure  Designed for production workloads  Predictable contract pricing with flexibility for rapid response to the changing IT demands  Customized solutions designed to enterprise needs  Comprehensive consulting services provide complete Cloud Readiness Assessments and Migration services © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 27
  • Customer Deployment – Pharmaceutical Supplier Customer Solution Requirements Customer Overview • Wanted to leverage the cloud technology to implement new SAP application • Customer supports client fulfillment for health services customers (e.g., including • Needed a solution that would scale quickly pharmacies and health care providers) and efficiently (4x scale) • Small business less than generating • Required an enterprise-level solution that was revenue located in Western US fully managed by the service provider due to lack of internal expertise • New SAP implementation • Looking for a secure and compliant infrastructure Customer Buying Scenario • Leverage new technology platform to improve time to market, management, Why SunGard Enterprise Cloud Services? and scalability • Commitment to service delivery and • Implementing new SAP application and process discipline the customer had no prediction • SLA and commitment to reliability regarding growth • SunGards emphasis on compliance & process • Consultative relationship with the customer © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 28
  • Customer Deployment – Software Provider Customer Solution Requirements Customer Overview • Customer is a provider of enterprise-class • Looking to increase sales, market size, and electronic content archiving software penetration • Services include E-Discovery, compliance, • End-customers want to reduce CapEx and records management, and storage shift to OpEx budget optimization • Assists large firms in mitigating risk and managing digital assets from a single point of control and unified set of policies Why SunGard Enterprise Cloud Services? Customer Buying Scenario • Industry expertise • Datacenter security • Appeal to current customers and prospects to sell archiving software via new delivery • Reputation with financial and large method, avoiding s/w, and h/w CapEx enterprise companies • Elastic SaaS Model to support rapid build-out • SunGards emphasis on compliance and of infrastructure for on demand E-discovery process or growth for any size firm • Future investments in cloud services © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 29
  • SunGard Internal Use of Cloud  Focused on using cloud for new projects in 2011  Using cloud for: • Development • Test/QA • Production  Currently implementing projects for • Enterprise Mobility (IaaS) • Single Sign-On (IaaS) • Store Front/Billing (SaaS) • Ticketing (SaaS) • Email (SaaS) • CRM (SaaS) © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 30
  • Pragmatic Path to Enterprise Cloud Cloud Readiness Assessment Cloud Design & Architecture Cloud Implementation & Transition Steady State Production Phase I Phase II Phase III Phase IV © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 31
  • Key Solution Benefits - Summary  Highly secure and resilient platform built on IT security best practices and meeting numerous compliance standardsSecure enterprise-  Fully managed infrastructure reduces the IT administrative grade cloud burden and allows redirection of staff to strategic business initiatives  Rapid provisioning and ability to scale up and down toImproved IT agility support new business ventures and peak periods where infrastructure may only be needed for a short time & scalability  Flexible contract pricing to respond to your IT requirements  Shift from CapEx to OpEx model so you can pay as you go and only pay for what you need while experiencing fasterFinancial flexibility payback of investment & increased ROI  Reduce labor costs via elimination of time spent on day to day infrastructure management © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 32
  • © 2011 SunGard Availability Services LP. - All Rights Reserved - www.sungardas.com 33