Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

CohesiveFT and IBM joint EMEA Webinar - 20Jun13

637 views

Published on

CohesiveFT and IBM joint EMEA Webinar - 20Jun13

Control and secure your applications on IBM SmartCloud Enterprise with Software Defined Networking from CohesiveFT.
An IBM SmartCloud ready partner, CohesiveFT address issues of security and control to allow customers to take full advantage of cloud computing. Cohesive FT’s VNS3 Software Defined Networking is an overlay network which allows you to extend your data centers into the cloud, join clouds together and have control over end to end 256 bit encryption, IP addressing, topology and multicast protocols.

The joint IBM and Cohesive webinar aired on June 20

Published in: Technology
  • Be the first to comment

  • Be the first to like this

CohesiveFT and IBM joint EMEA Webinar - 20Jun13

  1. 1. @cohesiveft #CFTWebinars CohesiveFT - Need to control and secure your applications in the Cloud? 1
  2. 2. Copyright CohesiveFT - 14 Jun 2013 Welcome to the webinar 2 Sam Mitchell Senior Solution Architect Sam leads the technical elements of the sales cycle. He runs demos, technical qualification, technical account management, proof of concepts, technical and competitive positioning, RFI/RFP responses & proposals. Before CohesiveFT, Sam was a Cloud Solution Architect at Platform Computing, recently acquired by IBM, and Lead Architect at SITA. Your Presenters Chris Purrington Global Sales Director As Global Sales Director at CohesiveFT and Managing Director of CohesiveFT UK, Chris is responsible for worldwide sales. With over 20 years in the software industry. Chris has extensive experience in leading ISVs to success in EMEA, this includes 9+ years at Application Lifecycle Management company Borland where he was UK MD andVP UK, Ireland and Africa.
  3. 3. Copyright CohesiveFT - 14 Jun 2013 Agenda • Cloud and SDN Market Overview • What is cloud networking? • Working with cloud networks • Security & control solutions • Hybrid cloud solutions • Federated cloud solutions • Cloud networking customer use cases • Wrap up & questions 3 @cohesiveft #CFTWebinars
  4. 4. Copyright CohesiveFT - 14 Jun 2013 About CohesiveFT 4 What We DoWho We Are • Cohesive FlexibleTechnologies Corp. (CohesiveFT) • Founded in 2006 by IT and capital markets professionals with years of experience in operations, enterprise software and client- facing services • Customers have 50M+ virtual device hours in public, private, & hybrid clouds secured byVNS3 • First product launched in 2007 with followup products in 2008 and 2011 • Offices in Chicago, London, Belo Horizonte and Palo Alto • Enable enterprises to run business systems in the cloud • Our solutions help migrate, transform and extend both customer facing systems and internal operational platforms • Provide more application-centric SDN for cloud than all competition combined • Only company to promote comprehensive cloud container solution for migration, deployment and control • Cloud, vendor, and standards neutral for greater customization and control
  5. 5. Copyright CohesiveFT - 14 Jun 2013 Customers 5 ISV SaaS Integrators Self Service Enterprise VNS3 has helped secure 50M+ virtual device hours in public, private, & hybrid clouds
  6. 6. Copyright CohesiveFT - 14 Jun 2013 UserControlProviderControl Compute Storage Network Hardware Ownership Layer Virtualization Layer Web Server Runtime IaaS PaaS Layer 0 Layer 4 Layer 3 Layer 2 Layer 1 Layer 5 Layer 7 Layer 6 Limits of access, control, & visibility DeveloperTools Application-layer: above provider control & access 6 Application Layer
  7. 7. Copyright CohesiveFT - 14 Jun 2013 PhysicalLayer SDN Market can be divided into 2 segments 1. Application Controlled • CohesiveFTVNS3 • Cisco Cloud Service Router • Citrix CloudBridge 2. Provider Controlled • Nicira/VMware • Open vSwitch • Cisco Nexus 1000v • IBM • Cisco • Juniper Software Defined Network - Market Segments 7 VirtualLayerApplicationLayer Cloud Instance OS App Stack ProviderControlled Hypervisor Hardware Compute Storage Network Multiplexed access to: AppControlled } OpenFlow Layer 0 Layer 4 Layer 3 Layer 2 Layer 1 Layer 5 Layer 7 Layer 6 Perimeter of access, control, & visibility
  8. 8. Copyright CohesiveFT - 14 Jun 2013 Overlay networks can solve common pain points: 8 @cohesiveft #CFTWebinars Attest to data in motion encryption Capacity expansion into public cloud Cloud WAN / connect to customer & partner networks Federate common, shared infrastructure Legacy Migration and Integration Disaster recovery / readiness
  9. 9. Copyright CohesiveFT - 14 Jun 2013 Overlay SDN (Software Defined Network) gives control in the cloud of: • IP Addressing • Protocols • NetworkTopology • Security • Separate network identity from location •Configure in a mesh for high availability •Overlay across multiple clouds for geographic distribution, & cloud federation •Rest API or UI ExtendYour Network Across the Clouds withVNS3 9
  10. 10. Copyright CohesiveFT - 14 Jun 2013 VNS3 is a combination of 6 device types: Firewall Dynamic & Scriptable SDNProtocol Redistributor IPsec/SSLVPN concentrator Router Switch VNS3 Hybrid virtual device able to extend to multiple sites 10 Leading Overlay SDN (Software Defined Network) Appliance •Allows control, mobility & agility by separating network location and network identity •Control over IP addressing and topology
  11. 11. Copyright CohesiveFT - 14 Jun 2013 Security lattice: layers of control & access 11 Cloud networks combine with user & provider firewalls and isolation features to create a “security lattice” with layers of security. Some key security elements must be controlled by the customer but separate from the provider. Provider Owned/Provider Controlled Provider Owned/User Controlled VNS3 - User Owned/User Controlled User Owned/User Controlled
  12. 12. Copyright CohesiveFT - 14 Jun 2013 12 Technical Use Cases
  13. 13. Copyright CohesiveFT - 14 Jun 2013 A technical use case preview 13 @cohesiveft #CFTWebinars Other Cloud 2 Singapore Other Cloud 1 New Jersey, USA Other Clouds
  14. 14. Copyright CohesiveFT - 14 Jun 2013 Security & control: customer networking setup 14 @cohesiveft #CFTWebinars App-layer security: Firewalls & IPsec devices Control: users already control and manage everything below this layer
  15. 15. Copyright CohesiveFT - 14 Jun 2013 Security & control: IPsec connections 15 @cohesiveft #CFTWebinars Security: IPsec tunnels with encrypted data-in- motion Control: only provide access to certain endpoints; separate customers and partners
  16. 16. Copyright CohesiveFT - 14 Jun 2013 Security & control: connection into cloudVMs 16 @cohesiveft #CFTWebinars Control: peering and failover for disaster recovery / readiness Security: Points of presence & backup, without vendor lock-in Other Cloud 2 Singapore Other Cloud 1 New Jersey, USA Other Clouds
  17. 17. Copyright CohesiveFT - 14 Jun 2013 Cloud Address Control 17 VNS3 Solution: • Control static addressing of your cloud servers • Local Area Network (LAN) address extension to the cloud • Servers andTopologies behave as though the are running locally • Application centric network is portable Problem: Public Cloud addressing schemes don’t match your data center addressing.
  18. 18. Copyright CohesiveFT - 14 Jun 2013 Cloud Protocol Control: Multicast 18 Problem: • Enterprise software uses multicast protocols for service election and service discovery. • Many public cloud providers block multicast protocols at the user layer. VNS3 Solution: • Send multicast traffic viaVNS3 overlay network before it is rejected by underlying network infrastructure. • Control all your protocols withVNS3.
  19. 19. Copyright CohesiveFT - 14 Jun 2013 Cloud Security Control: IPsecTunneling 19 VNS3 Solution: • Extend your network with industry standard IPsec. • Use your existing network security appliances (Cisco, Juniper, Netscreen, SonicWall). • Use your existing secure communication methods/practices the same as you currently connect offices, data centers or partners/customers. Problem: Public cloud is accessed via public internet.
  20. 20. Copyright CohesiveFT - 14 Jun 2013 Cloud Security Control: Multiple IPsec 20 Problem: Cloud providers limit the number of IPsec connections. VNS3 Solution: • VNS3 Manager enables multiple IPsec connections to a cloud-based overlay network segment. • Serves as user-controlled, virtualized switch/router (uSwitch) inside the provider cloud. • Cloud deployed servers can communicate with multiple IPsec gateways via endpoint-to-endpoint encrypted connections.
  21. 21. Copyright CohesiveFT - 14 Jun 2013 Regional Cloud Federation 21 VNS3 Solution: • Leverage cloud points of presence without sacrificing security and control. • Link multiple clouds for one logical group of resources. • Extend connectivity between multiple public and private cloud environments. Problem: Production cloud deployments require geo distribution for DR and points of presence.
  22. 22. Copyright CohesiveFT - 14 Jun 2013 Use Existing MonitoringTools 22 VNS3 Solution: • Use your existing monitoring tools for cloud deployments. • VNS3 allows you to use your existing NOC to monitor and manage devices in the data center and the cloud. Problem: Cloud deployments cannot be connected to existing network operations center.
  23. 23. Copyright CohesiveFT - 14 Jun 2013 Customer-Partner and Branch Networks in Public Cloud 23 VNS3 Solution: • Industry standard secure connectivity to isolated servers in public cloud • Data in motion in the public cloud is encrypted. Problem: Securely connect customers, partners or branches to specific servers in shared infrastructure.
  24. 24. Copyright CohesiveFT - 14 Jun 2013 VNS3 Summary 24 Firewall Dynamic & Scriptable SDNProtocol Redistributor IPsec/SSLVPN concentrator Router Switch VNS3 Hybrid virtual device able to extend to multiple sites Leading Overlay SDN (Software Defined Network) Appliance • Allows control, mobility & agility by separating network location and network identity • Control over end to end encryption, IP addressing and network topology
  25. 25. Copyright CohesiveFT - 14 Jun 2013 CohesiveFT Europe London, UK ContactMe@cohesiveft.com   +44 208 144 0156 CohesiveFT Americas Chicago, IL USA ContactMe@cohesiveft.com +1 888.444.3962 Contact Details 25 Follow us for news and updates: blog.cohesiveft.com @cohesiveft Get in touch: Chris Purrington, Global Sales Director - chris.purrington@cohesiveft.com +44 7962 452661 Sam Mitchell, Senior Solution Architect - sam.mitchell@cohesiveft.com +44 7917 630020
  26. 26. Copyright CohesiveFT - 14 Jun 2013 26 Appendix 1 -VNS3 Licenses SKU License Parameters Cost VNS3 Free 1 VNS3 Manager, 1 IPsec Endpoint, 5 Client Packs Free (no time limit) VNS3 Lite Edition Cloud Only 1 VNS3 Manager, 0 IPsec Endpoint, 25 Client Packs $150 per month VNS3 Lite Edition Data Center Connect 1 VNS3 Manager, 2 IPsec Endpoint, 10 Client Packs $150 per month VNS3 SME Edition 1 VNS3 Manager, 1 IPsec Endpoint, 5 Client Packs $350 per month VNS3 Enterprise 1 VNS3 Manager, 1 IPsec Endpoint, 5 Client Packs $750 per month Larger Licenses additional Managers, IPsec endpoints and client packs can be added to the SME and Enterprise Editions Contact CohesiveFT Sales sales@cohesiveft.com
  27. 27. Copyright CohesiveFT - 14 Jun 2013 27 Appendix 2 Business Use Cases
  28. 28. Copyright CohesiveFT - 14 Jun 2013 Large mutual fund securely bursts into public cloud to extend their HPC grid Highlights Automatically flex existing HPC solution up and down by bursting into public cloud. Configure and contextualize nodes between data center and cloud. Used existing workload manager / grid engine software / vendor to extend their grid. Significantly reduced infrastructure costs, while increasing flexibility and responsiveness. Challenge: Fund needed to extend their existing grid on the same IP network with security. Traditional high performance computing (HPC) environments are expensive to own and to operate. Growing demand for faster results and equally strong push to reduce costs pointed to public cloud, but could not provide security and control. Security & Compliance Challenges Cloud IaaS and multi-tenant solutions still cannot provide the security of a physical grid. Solution Seamlessly extended the grid with an overlay network. The fund’s cloud grid compute nodes connected securely with a pair of highly availableVNS3 managers. Fund bursts into public cloud to extend HPC 28 Public Cloud Node Private Data Center Node Node Node IPsecconnection
  29. 29. Copyright CohesiveFT - 14 Jun 2013 Scalable, pay as you go solution to connect cloud-based apps to partner networks. Highlights Had to connect to telco partners with partners’ exact IP addresses Concerns over keeping customer and partner traffic separate and secure Needed to quickly scale up and down, with a price package to match Overlay network segmented partners to take control of security, addressing, and connection The Situation: Telco with mobile app needed to connect cloud-based app servers to APAC partners on the partners’ exact IP addresses. Developed a segmented overlay network capable of running in multiple geographic regions and separating customer and partner data with encrypted connections. Solution used: • Overlay network • Instance-based solution using pay-as- you-go virtual appliances • Customer-defined address pools • Guarantee encryption for all data in motion, including customer session tokens and payment information Mobile app developer connects on overlay 29 Public Cloud Virtual Network IPsec connection Customer Site PartnerSite Customer Site IPsecconnection IPsecconnection
  30. 30. Copyright CohesiveFT - 14 Jun 2013 European clothing designer wanted creativity and capacity without the hardware. Highlights Created a fashion social networking site with security and cloud-based capacity Wanted to scale and control capacity. Access and reliability will remain to be key aspects of the infrastructure. Secure, encrypted data in motion and access to data center withVNS3 The Situation: European fashion designer and wholesaler wanted to extend fashion brand by: • Creating first ever fashion-focused social site • Scaling up and down with demand • Keeping security standards high The industry, enterprise and infrastructure created hurdles for traditional physical computing. VNS3 overlay network offered control over addressing and topology for customer-controlled hybrid device. Solution included: • Overlay network to public cloud • Encryption for all data in motion • End-to-end encryption from data center to apps • Easy internal approvals for the corporate “network police” • Perpetual license to accommodate scaling needs Capacity expansion: fashion brand grows in cloud 30 Public Cloud Private Data Center HybridCloud
  31. 31. Copyright CohesiveFT - 14 Jun 2013 Customer Site BPMS-as-a-SaaS without traditional complexity 31 Business process SaaS vendor reaches customers without on-site data centers or physical networks. Highlights Large independent logistics firm wanted to provide SaaS as subscription model without burdening clients. Hoped to scale cloud containers for more customized solutions. Removed complexity of migrating and need to change the business model, operations. Solved end client’s issues with on-site data centers and large software clients. The international BPM and CRM software vendor wanted to provide a SaaS offering to move customers to subscription revenue model. Challenges: • Limited multi-tenant environments for customers that pass industry tests • Required connectivity without the hurdles of traditional networks, data centers and enterprise rules • Connecting apps across different public and private clouds • End customer security concerns Solution created: • Access as if it is a subnet on their network • Guaranteed encryption for all data in motion and at rest • Overlay network that can deploy to any public cloud provider • Firm can connect their clients’ software to cloud-based data centers without up-front, capital intense processes Public Cloud Customer SaaS deployment 2 IPsecconnection Customer Site IPsecconnection Customer SaaS deployment 1
  32. 32. Copyright CohesiveFT - 14 Jun 2013 Threat protection firm extended offerings with global cloud points of presence. Highlights Global reach for products and global redundancy for security. Needed secure connections to existing data centers and networks. Access critical infrastructure “in region” without delays or capital of physical resources. Offered global redundancy at dramatically lower cost than traditional infrastructure. A global end point threat prevention company wanted to have global reach for their cloud-based threat protection and virus scanning system. Additionally, they wanted to ensure global redundancy using multiple cloud data centers with the potential for connected multiple cloud providers. Challenges: • Working with multiple cloud providers and cloud regions • Connections across clouds and down to existing physical data centers and networks Solution featured: • Guaranteed encryption for all data in motion and at rest • Overlay network to federate across any public cloud provider End customers can access critical resources without waiting for inter- continental lag times, at much lower costs. Data Center 2 Cloud WAN for global reach and redundancy 32 EU Public Cloud IPsecconnection Existing Data Center IPsecconnection US Public Cloud Federated Multi-Cloud Network Failover
  33. 33. Copyright CohesiveFT - 14 Jun 2013 Cloud WAN connectivity without the expensive assets or contracts. Highlights Global reach for products and global redundancy for security. Needed secure connections to existing data centers and networks. Access critical infrastructure “in region” without phsyical resources. Offered global redundancy at dramatically lower cost. A pharmaceutical information systems firm wanted to integrate US-based offices together and to integrate offices to their cloud infrastructure. Challenges: Offices had different hardware and software, networks and data needs.The firm did not want to invest in assets or long term contracts with vendors. Solution featured: • Guaranteed encryption for all data in motion and at rest • Overlay network to federate across any public cloud provider • IPsec and data in motion encryption Customer created a true Cloud WAN with overlays and cloud provider. Each office connected to the cloud- based systems and also connected to each other usingVNS3 and the cloud as the network backbone. Medical Data Center Pharmaceutical system federates infrastructure 33 Hospital Offices Medical Office Public Cloud Region 2 IPsecconnection Public Cloud Region 1 WANNetwork IPsecconnection IPsecconnection
  34. 34. Copyright CohesiveFT - 14 Jun 2013 Coalescence: Services for the Cloud Container • Cloud migration framework •Automate your application migration to save time and money •No need to re-instal servers if cloud provider infrastructure fails or upgrades • Proven methodologies to take planned topologies to the cloud through a set of logical steps • Experience-informed services: •Cloud strategy / advisory •HPC in the cloud •Cloud training •Cloud / virtualization support •VNS3 design and implementation •Cloud deployment and security audit •Cloud active directory 34 Analyze Requested Topology Packaging & Bundling Unit Implementation Cluster Definition & Contextualization Cluster Mastering Multi Cluster Launch

×