NAB and the ODCAAbout Us NAB and the ODCANational Australia Bank Group(the Group) is a financial services Part of the ODCA as a Steeringorganisation with over Committee Member since 2010.12,000,000 customers and Chair of Security Workgroup and50,000 people, operating more helped develop Security Usagethan 1,750 stores and Service Models.Centres globally.Currently developing our InternalPrivate Cloud Capability. 3
Challenges and Role of Usage ModelsChallenges Usage Models• Common understanding • Usage models developed of security standards to overcome these issues is a big hurdle to enterprise cloud adoption • Provider assurance• Very difficult to determine • Security monitoring “what is secure” • Bronze/Silver/Gold/Platinum 4
ODCA Proof of Concept ProcessPre-engagement Project Project ProjectMatch Making Planning Execution Closure• SP checklist • Generate/Agree on • Acquire equipment, • Reports submitted statement of work SW, and licensing • WG feedback• Members select SP • Determine PM • Configure Test bed method • Demos• Initiate kick-off • Execute test meeting • Generate test plan plan/document • Other• WG, steering comm. • WG approval notified of test plan REAL WORLD SOLUTIONS built on industry driven guidelines PM = Project Management, SP= Solution Provider, SW = Software, WG = Work Group, 5
Terremark Vision for Enterprise CloudCore CapabilitiesPurpose-Built Data CentersSecure and Isolate Customer DataAutomated and EfficientProgrammable with Application ServicesAttributesGlobalExtensible Hybrid CapabilityService LevelsSimplicity of UsePredictability and ControlInvestmentExpansionExpertise and People Globally DeliveredNew Solutions and Markets from World-Class Facilities 8
Virtual Farm with Intelligent NetworkingThe Building Block of Your EnvironmentThe virtual farm creates the individual customer network constructand delivers a secure and resilient configuration to access and protectcustomer data. Directly provisioned from the portal Virtual Farm N Virtual Carves out secure access to resources Load Balancer and creates customer VLAN Virtual Firewall Every virtual farm contains: • Virtual Firewall DMZ Network • Virtual Load Balancer Trusted (Public IP-Facing) Network Two-tiered networking space: Server Server • Trusted network accessible only to other CaaS servers Resources Resources • DMZ network can be configured for Public IP-facing applications Virtual Farm is key part of security story Storage 9
ODCA Gold Provider AssuranceTerremark Verizon Managed CloudCloud Subscriber Security Infrastructure Internet CP Firewall 01 ODCA Gold Remote Connections Name: CP Bastion 02 Name: CP Bastion 01 Firewall 01 CP Load Server OS: RH Linux Server OS: Windows 2003 Balancer Remote Sites Role: Remote Access Role: Remote Access DMZ CP Firewall 02 SecApp02 SecApp01 WebApp02 WebApp01 Server OS: Windows 2003 Server OS: Windows 2008 Server OS: RH Linux Server OS: RH Linux Role: ODCA Gold Demos Role: Security Management Role: Application Server Role: Application Server ODCA Gold Firewall 02 Internal Network SecMgmt01 SecScanner01 SecSIEM01 SecPol01 SecDB01 Server OS: Windows 2003 Server OS: Windows 2003 Server OS: Windows 2008 Server OS: Windows 2008 Server OS: Linux Red Hat 5.6 Role: Directory Services Role: Vulnerability Scanner Role: Log Management Role: Policy Management Role: Database Server 10
Testing Methodology1. Assess Provider Assurance Requirements2. Identify Security Technologies and Provider Policies Needed to Support the Solution3. Implement ODCA Solution: • Trapezoid Interoperability Lab • Terremark Managed VMware Cloud • Applied Innovations HyperV Cloud4. Security Monitoring 12
ODCA Gold Assurance: ChallengesProviders don’t perform Proof of Concepts Stepsmany of the securityrequirements yet 1. Multiple service providers 2. 8 test cases covering provider assurance requirementsSurfacing data from toolsthat aren’t truly multi- 3. Subscriber validation oftenant requirements 4. Also designing a portal thatAll security requirements provides a web interface toneeds to be in place prior to tools that have multiple viewsthe security monitoring and reports for Platinum ODCAreports 13
ODCA Gold Assurance: ResultsCurrently no service providers are meeting all of therequirementsService Providers must work more closely with cloudsubscriberThird party security providers can help facilitate the processby adding layers of security required by each assurancelevel 14
Impact of PoC Elements of usage modelUsage model developed well defined, however somewith best intention controls difficult to assess and/or implement Further refinement of thePurpose of the PoC was usage model to come to allowto determine whether the the more broad adoptionstandards we’d created of these tiered offerings,were implementable including distinction between managed/unmanaged service 15
RFP / AdoptionAdditional refresh of usage model to take into accountresults of the PoCRFP requirements also refined as part of this processYour Opportunity:Learn from this POC to form your organizational strategy.Demand secure and standard solutions based on ODCA requirements 16
Resources Learn the latest about ODCA requirements PRIORITIZE at www.opendatacenteralliance.org Use ODCA PEAT Tool for Upcoming RFPs DELIVER Explore the Latest Solutions at ODCAs Cloud Expo Showcase Booth #411 Actively Participate in Todays Sessions #Forecast12 SHARE Scale your Knowledge with ODCA MEET
A particular slide catching your eye?
Clipping is a handy way to collect important slides you want to go back to later.