Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consolidation Ratios Securely and Proactively

391 views

Published on

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
391
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consolidation Ratios Securely and Proactively

  1. 1. Virtualize More in 2012 with HyTrustBoost Data Center Efficiency and Consolidation Ratios Securelyand ProactivelyFirst in a three-part series for IT and Security professionals responsible forvirtualization and data center architecture, management, and optimization 1975 W. El Camino Real, Suite 203, Mountain View, CA 94040 Phone: 650-681-8100 / email: info@hytrust.com 1
  2. 2. Overview Speakers What are the key business drivers for the virtualization security blueprint ? What are the pitfalls to avoid as we virtualize more mission-critical applications, more securely this year? What guidance and best practices can you share for planning and undertaking these virtualization initiatives? Summary Q&A 2
  3. 3. Speakers Billy Cox, Cloud strategy - Software and Services Group Intel Iben Rodriguez, Cloud Infrastructure Security Architect eBay Eric Chiu, President & Co-Founder HyTrust 3
  4. 4. Cloud 2015 Vision Federated AutomatedShare data securely Dynamically Allocate across public and private clouds Resources Client Aware Optimizing services based on device capabilityDesktops Laptops Netbooks Personal Smartphones Smart TVs Embedded Devices Open, Interoperable Solutions Essential 4
  5. 5. From Usage Model to Proven SolutionA security example Define Enable Prove Scale …the strategy to …the usage model …the usage model …deployments with address IT challenge in the ecosystem delivers the value ecosystem via usage model Pain Points Solution Stacks Prove out in lab Intel® Cloud Builders Reference architecture Enterprise Vulnerabilities Intel® Cloud Builders Usage Model Execute End User Applications IT POCs Management OS Policy Engine VMM • Trusted Pools • Compliance Chipset Reporting CPU 5
  6. 6. Iben Rodriguez Cloud Information Security Infrastructure Architect1. Cloud Infrastructure Security Architect who got his start in data networks for military, and now designs and delivers complex projects for international pharmaceutical, semiconductor companies, ecommerce companies, and many government organizations.2. Has worked closely with RedHat, VMware, and the Center for Internet Security, and kicked off and maintains the Benchmark for vSphere ESX hardening. Has also been selected a vExpert by VMware since 2009.3. Enterprise Security and virtual infrastructure design leader dealing with ITIL, SOX, PCI-DSS, ISO27000 assessments and remediation.4. Presents on virtualization security at many conferences including MISTI, AppCon, InfoSec Cloud, Network World, SANs, and Vmworld, and publishes at www.ibenit.com and www.vadapt.com5. Expert in integration of Virtual Security Infrastructure Components such as Splunk, Nicira NVP, Vyatta, Cisco Nexus 1000v, HyTrust, SilverPeak, NMAP
  7. 7. HyTrust Backgrounder Founded: Fall 2007 Headquarters: Mountain View, CA Venture Funding: $16 million Strategic Partners: Awards & Top Ten Lists: VMworld 2009 Best of Show, VMworld 2009 Gold, VMworld 2010 Finalist, TechTarget 2009 Product of the Year, RSA Innovation Sandbox 2009/2010 Finalist, SC Magazine 2010 Rookie Company of the Year, Network World Startup to Watch 2010, InfoWorld Tech Company to Know 2010, Forbes “Who’s Who” in Virtualization, Red Herring 2010 North America winner, Gartner Cool Vendor 2011© 2011, HyTrust, Inc. www.hytrust.com 77
  8. 8. How are you addressing security concerns in your virtualized environments? (Pick Top One)  Traditional infrastructure tools with NO specific provisions for virtualization  Traditional infrastructure tools with specific provisions for virtualization  Utilize virtualization-specific security tools provided by virtualization vendor  Utilize third-party security tools designed for VMs  Utilize third-party virtualization-only security tools  No security provisions in place© 2011, HyTrust, Inc. www.hytrust.com 8
  9. 9. What are your virtualization priorities heading into 2012? (Pick Top Priority)  Maximize performance and availability with sophisticated monitoring  Continue to increase consolidation ratios by virtualizing tier-one applications  Better management of existing virtual environments  Standardization of hypervisors and/or platforms  Become compliant and/or other organizational mandates (i.e. 25% quota for Federal organizations…)  Only maintain at this point© 2011, HyTrust, Inc. www.hytrust.com 9
  10. 10. Key Drivers - Business TrendsVirtualize More…Analyst research of CIO top priorities for 2012, 40% picked virtualization as one of top threeAnalyst research shows market is now 52% virtualized, with many organizations goaled to be 75% virtualized by 2014. * Forrester Research CISO’s Guide to Virtualization Security 10
  11. 11. Key Drivers - Business TrendsVirtualize More Securely…Security and tier-one apps consistently hold down ratios.+40% of virtualization deployments undertaken WITHOUT information security team input.++ + Jeff Burt eWeek 2009 ++Forrester Research CISO’s Guide to Virtualization Security 11
  12. 12. Key Drivers - Business Trends Virtualize More… More Securely… With Less!Forrester Research CISO’s Guide to Virtualization Security 12
  13. 13. Key Drivers - Virtualization / Cloud Security Situation “By 2015, 40% of the “There will be more security controls used virtual machines within enterprise data deployed on servers centers will be during 2011 than in virtualized, up from 2001 through 2009 less than 5% in 2010.”1 combined”2 “Virtualization increases security risk by 60%.”1 1Gartner; “From Secure Virtualization to Secure Private Clouds”; Neil MacDonald & Thomas J. Bittman; 13 October 201013 2Gartner; “Q&A: Six Misconceptions About Server Virtualization”, Thomas J. Bittman; 29 July 2010 13
  14. 14. Key Drivers - Proactively Protect and Secure Your IP87% Percentage of companies that have experienced a data breach — IT Compliance Institute48% Percent of all breaches that involved privileged user misuse — Verizon report, 201074% Percentage of breached companies who lost customers as a result of the breach — IT Compliance Institute 14
  15. 15. Key Drivers - Proactively Protect and Secure Your IP87% Percentage of companies that have experienced a data breach — IT Compliance Institute48% Percent of all breaches that involved privileged user misuse — Verizon report, 201074% Percentage of breached companies who lost customers as a result of the breach — IT Compliance Institute 15
  16. 16. Best Practices and Guidance - Security Planning for security in the virtual datacenter  Business drivers including compliance requirements  New role of IT in the cloud  Strategy and Framework (and org expectations)  Planning and discovery into the environment is critical  What are the big wins (ref architecture, single roadmap, global scalability, single portal…) 16
  17. 17. Best Practices and Guidance - Virtualization On the Virtualization side, where are things going?  Managing Talent – separation of duties among experts (or cloud admin “super generalist”)  Private cloud adoption and IT as a service  Mix mode versus air gaps 17
  18. 18. Data Center of the Future – 3 year Vision “Rented” Cloud SaaS Application Infrastructure Self-Service Access Identity and UsageConsolidation & IT as a Virtualization Service Ubiquitous Access Data Cost End result of datacenter transformation: IT is delivered as-a-service; Role of Corporate IT is transformed from operational to control / governance © 2011, HyTrust, Inc. www.hytrust.com 18
  19. 19. Best Practices and Guidance - Getting Started How To Get Started with Virtualization Security Strive for virtual security that is equal to or better than the traditional security in your environment. Consider the following:  Apply the “Zero Trust” model of information security to your network architecture  Consider virtualization-aware security solutions  Implement privileged identity management  Incorporate vulnerability management into the virtual server environment 19
  20. 20. Summary – Why You? Why Now? Why do this now? Proactive collaborative approach to Security planning and architecture Lever virtualization ROI, payback periods while advancing security, compliance… Align these actionable measures to larger initiatives (from CIO survey) 20
  21. 21.  eric@hytrust.com billy.cox@intel.com Iben.rodriguez@gmail.com© 2011, HyTrust, Inc. www.hytrust.com 21

×