Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Chris Swan's CloudExpo Europe presentation "Keeping control when moving applications to the cloud"

438 views

Published on

Chris Swan's CloudExpo Europe presentation "Keeping control when moving applications to the cloud"

Chris Swan's CloudExpo Europe presentation originally given 27 Feb in the Cloud Management, Services and Applications Theatre.

Keeping control when moving applications to the cloud

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Chris Swan's CloudExpo Europe presentation "Keeping control when moving applications to the cloud"

  1. 1. copyright 2014 1 Keeping Control Chris Swan, CTO @cpswan the original cloud networking company When moving applications to the cloud
  2. 2. copyright 2014 2 Agenda The lonely application NFV to extend control to cloud Security Topology Addressing Protocols Summary
  3. 3. copyright 2014 3 The lonely application
  4. 4. copyright 2014 When moving from data center to the public cloud… 4
  5. 5. copyright 2014 5 NFV to extend control to cloud
  6. 6. copyright 2014 Providers and Customers have different concerns Layer 0 Layer 4 Layer 3 Layer 2 Layer 1 Layer 5 Layer 7 Layer 6 Virtualization Layer Hardware Ownership Layer Limits of access, control, & visibility UserControl Service Provider SDN starts at the bottom of the network with the "device" and network flows. Application SDN (using NFV) begins at the top of the network with the enterprise application, its owner and their collective technical and organizational demands. 6
  7. 7. copyright 2014 7 Extend enterprise network to the cloud Customer Data CenterCustomer Remote Office NFV Overlay Network Subnet: 172.31.0.0/22 Overlay IP: 172.31.1.1 Overlay IP: 172.31.1.5 Overlay IP: 172.31.1.9 Overlay IP: 172.31.1.13 Overlay IP: 172.31.1.17 Overlay IP: 172.31.1.21 Cloud Server ACloud Server B Cloud Server C Cloud Server D Cloud Server E Cloud Server F Active IPsec Tunnel Active IPsec Tunnel Failover IPsec Tunnel 192.168.4.0/24 - 172.31.1.0/24 192.168.3.0/24 - 172.31.1.0/24 Firewall / IPsec Cisco 5505 Firewall / IPsec Cisco 5585 Data Center Server Data Center Server LAN IP: 192.168.4.50 LAN IP: 192.168.4.100 User Workstation LAN IP: 192.168.3.100 User Workstation LAN IP: 192.168.3.50 Chicago, IL USA Remote Subnet: 192.168.3.0/24 London, UK Remote Subnet: 192.168.4.0/24 Public IP: 184.73.174.250 Overlay IP: 172.31.1.250 Public IP: 54.246.224.156 Overlay IP: 172.31.1.246 Public IP: 192.158.29.143 Overlay IP: 172.31.1.242 Peered Peered US EMEA NFVNFV APAC
  8. 8. copyright 2014 8 Using a networking Swiss Army knife Firewall Dynamic & Scriptable SDN Protocol Redistributor IPsec/SSL VPN concentrator Router Switch NFV Hybrid virtual device able to extend to multiple sites Application SDN (Software Defined Network) Appliances • Allow control, mobility & agility by separating network location and network identity • Control over end to end encryption, IP addressing and network topology
  9. 9. copyright 2014 9 Security
  10. 10. copyright 2014 10 Extend enterprise network to the cloud Customer Data CenterCustomer Remote Office NFV Overlay Network Subnet: 172.31.0.0/22 Overlay IP: 172.31.1.1 Overlay IP: 172.31.1.5 Overlay IP: 172.31.1.9 Overlay IP: 172.31.1.13 Overlay IP: 172.31.1.17 Overlay IP: 172.31.1.21 Cloud Server ACloud Server B Cloud Server C Cloud Server D Cloud Server E Cloud Server F Active IPsec Tunnel Active IPsec Tunnel Failover IPsec Tunnel 192.168.4.0/24 - 172.31.1.0/24 192.168.3.0/24 - 172.31.1.0/24 Firewall / IPsec Cisco 5505 Firewall / IPsec Cisco 5585 Data Center Server Data Center Server LAN IP: 192.168.4.50 LAN IP: 192.168.4.100 User Workstation LAN IP: 192.168.3.100 User Workstation LAN IP: 192.168.3.50 Chicago, IL USA Remote Subnet: 192.168.3.0/24 London, UK Remote Subnet: 192.168.4.0/24 Public IP: 184.73.174.250 Overlay IP: 172.31.1.250 Public IP: 54.246.224.156 Overlay IP: 172.31.1.246 Public IP: 192.158.29.143 Overlay IP: 172.31.1.242 Peered Peered US EMEA NFVNFV APAC
  11. 11. copyright 2014 11 Topology
  12. 12. copyright 2014 12 Extend enterprise network to the cloud Customer Data CenterCustomer Remote Office NFV Overlay Network Subnet: 172.31.0.0/22 Overlay IP: 172.31.1.1 Overlay IP: 172.31.1.5 Overlay IP: 172.31.1.9 Overlay IP: 172.31.1.13 Overlay IP: 172.31.1.17 Overlay IP: 172.31.1.21 Cloud Server ACloud Server B Cloud Server C Cloud Server D Cloud Server E Cloud Server F Active IPsec Tunnel Active IPsec Tunnel Failover IPsec Tunnel 192.168.4.0/24 - 172.31.1.0/24 192.168.3.0/24 - 172.31.1.0/24 Firewall / IPsec Cisco 5505 Firewall / IPsec Cisco 5585 Data Center Server Data Center Server LAN IP: 192.168.4.50 LAN IP: 192.168.4.100 User Workstation LAN IP: 192.168.3.100 User Workstation LAN IP: 192.168.3.50 Chicago, IL USA Remote Subnet: 192.168.3.0/24 London, UK Remote Subnet: 192.168.4.0/24 Public IP: 184.73.174.250 Overlay IP: 172.31.1.250 Public IP: 54.246.224.156 Overlay IP: 172.31.1.246 Public IP: 192.158.29.143 Overlay IP: 172.31.1.242 Peered Peered US EMEA NFVNFV APAC
  13. 13. copyright 2014 13 Addressing
  14. 14. copyright 2014 14 Extend enterprise network to the cloud Customer Data CenterCustomer Remote Office NFV Overlay Network Subnet: 172.31.0.0/22 Overlay IP: 172.31.1.1 Overlay IP: 172.31.1.5 Overlay IP: 172.31.1.9 Overlay IP: 172.31.1.13 Overlay IP: 172.31.1.17 Overlay IP: 172.31.1.21 Cloud Server ACloud Server B Cloud Server C Cloud Server D Cloud Server E Cloud Server F Active IPsec Tunnel Active IPsec Tunnel Failover IPsec Tunnel 192.168.4.0/24 - 172.31.1.0/24 192.168.3.0/24 - 172.31.1.0/24 Firewall / IPsec Cisco 5505 Firewall / IPsec Cisco 5585 Data Center Server Data Center Server LAN IP: 192.168.4.50 LAN IP: 192.168.4.100 User Workstation LAN IP: 192.168.3.100 User Workstation LAN IP: 192.168.3.50 Chicago, IL USA Remote Subnet: 192.168.3.0/24 London, UK Remote Subnet: 192.168.4.0/24 Public IP: 184.73.174.250 Overlay IP: 172.31.1.250 Public IP: 54.246.224.156 Overlay IP: 172.31.1.246 Public IP: 192.158.29.143 Overlay IP: 172.31.1.242 Peered Peered US EMEA NFVNFV APAC
  15. 15. copyright 2014 15 Protocol
  16. 16. copyright 2014 16 Extend enterprise network to the cloud Customer Data CenterCustomer Remote Office NFV Overlay Network Subnet: 172.31.0.0/22 Overlay IP: 172.31.1.1 Overlay IP: 172.31.1.5 Overlay IP: 172.31.1.9 Overlay IP: 172.31.1.13 Overlay IP: 172.31.1.17 Overlay IP: 172.31.1.21 Cloud Server ACloud Server B Cloud Server C Cloud Server D Cloud Server E Cloud Server F Active IPsec Tunnel Active IPsec Tunnel Failover IPsec Tunnel 192.168.4.0/24 - 172.31.1.0/24 192.168.3.0/24 - 172.31.1.0/24 Firewall / IPsec Cisco 5505 Firewall / IPsec Cisco 5585 Data Center Server Data Center Server LAN IP: 192.168.4.50 LAN IP: 192.168.4.100 User Workstation LAN IP: 192.168.3.100 User Workstation LAN IP: 192.168.3.50 Chicago, IL USA Remote Subnet: 192.168.3.0/24 London, UK Remote Subnet: 192.168.4.0/24 Public IP: 184.73.174.250 Overlay IP: 172.31.1.250 Public IP: 54.246.224.156 Overlay IP: 172.31.1.246 Public IP: 192.158.29.143 Overlay IP: 172.31.1.242 Peered Peered US EMEA NFVNFV APAC
  17. 17. copyright 2014 17 Summary
  18. 18. copyright 2014 18 Applications can lose context when moved to the cloud and separated from enterprise security, management and monitoring Extend the enterprise network to the cloud using NFV to get control over: Security Topology Addressing Protocols Summary
  19. 19. copyright 2013 19 The CloudCamp Team 'Fireside Chat' - why is it still called cloud? 19 12:45 - 13:10 in Management, Services and Applications Stream
  20. 20. copyright 2014 20 Paddington, London, UK ContactMe@cohesiveft.com +44 20 8144 0156 Questions?

×