Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Securing the Cloud Within and Between Data Centers

1,055 views

Published on

Looking at data center and cloud trends, security challenges, security solutions and what's new: virtual ASA, vCloud Director Integration

Published in: Technology
  • Be the first to comment

Securing the Cloud Within and Between Data Centers

  1. 1. Securing the Cloud Within and Between Data CentersPrashant GandhiSr. Director, Server Access & VirtualizationFebruary 2012
  2. 2. • Data Center & Cloud Trends• Security Challenges• Security Solutions Nexus 1000V – secure switching for VMs Virtual Security Gateway (VSG) – virtual firewall• What’s New Virtual ASA, vCloud Director Integration• Resources© 2010 Cisco and/or its affiliates. All rights reserved. 2
  3. 3. PHYSICAL VIRTUAL CLOUD WORKLOAD WORKLOAD WORKLOAD • One app per Server • Many apps per Server • Multi-tenant per Server • Static • Mobile • Elastic • Manual provisioning • Dynamic provisioning • Automated Scaling HYPERVISOR VDC-1 VDC-2 CONSISTENCY: Policy, Features, Security, Management© 2010 Cisco and/or its affiliates. All rights reserved. 3
  4. 4. Data Center Technology Investment Drivers Incease Security 76% Decrease Downtime 70% Data Storage/Backup 69% Decrease Operating Costs 68% Virtualization 66% Drivers Improve Management Capability 66% Consolidate Data Centers 65% Iimprove Scalability 62% Consolidate Equipment 59% Centralize IT Services 58% Enable a New Application 55% Higher Energy Efficiency/Green Initiatives 50% 0% 10% 20% 30% 40% 50% 60% 70% 80% Percent of Respondents Rating 6 or 7Source: Data Center Deployment Strategies: North American Enterprise Survey, Infonetics, February 2011.© 2010 Cisco and/or its affiliates. All rights reserved. 4
  5. 5. Highly Scalable Partner Solution Processes Massive Workloads Elements App App App Desktop O/S Desktop Virtualization Dynamic Hypervisor Delivers On-Demand Services Storage VDI Broker Intelligent Supports Different Unified Unified Unified Applications and Data Types Fabric Network Services Computing Cisco Data Center Security: Business Advantage Framework Requires the Same Demands Consolidation, Virtualization, Automation, and Cloud© 2010 Cisco and/or its affiliates. All rights reserved. 5
  6. 6. Network Security Virtualization Security Secure Access • ASA 5585-X with • Nexus® 1000V switch: • Cisco AnyConnect firewall and IPS a distributed virtual • TrustSec switch • ASA Services • Identity Services Module • Virtual Security Engine Gateway (VSG): • Cisco Security Zone-based virtual FW • SaaS gateway Intelligence (cloud security) Operations (SIO) • ASA 1000V: Tenant- edge virtual FW • Cisco Security Single Manager point, integrated, sec urity© 2010 Cisco and/or its affiliates. All rights reserved. 6
  7. 7. PHYSICAL VIRTUAL CLOUD WORKLOAD WORKLOAD WORKLOAD • One app per Server • Many apps per Server • Multi-tenant per Server • Static • Mobile • Elastic • Manual provisioning • Dynamic provisioning • Automated Scaling HYPERVISOR VDC-1 VDC-2 Nexus 7K/5K/3K/2K Nexus 1000V, VM-FEX WAAS, ASA, NAM, ACE Virtual WAAS, VSG, ASA 1000V UCS for Bare Metal UCS for Virtualized Workloads© 2010 Cisco and/or its affiliates. All rights reserved. 7
  8. 8. • Policy applied to VM zones Virtual • Dynamic, scale-out operation VSG, Security • VM context based controls ASA 1000V • Segment internal network FWSM Internal • Policy applied to VLANs ASA-SM Security • Application protocol inspection • Virtual Contexts ASA 55xx • Filter external traffic Internet • Extensive app protocol support Edge • VPN access, Threat mitigation ASA 55xx© 2010 Cisco and/or its affiliates. All rights reserved. 8 *Demonstrated at VMWorld 2011
  9. 9. click here© © 2010 Cisco and/or its affiliates. All rights reserved. 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9

×