SafeNet ProtectV Data Protection for Virtual Infrastructure


Published on

Презентация компании SafeNet с проведенного компанией LETA 25 октября 2013г. бизнес-завтрака посвященному вопросам защиты виртуальной инфраструктуры.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

SafeNet ProtectV Data Protection for Virtual Infrastructure

  1. 1. SafeNet ProtectV Data Protection for Virtual Infrastructure ProtectV Overview Insert Your Laptev Andrey Name Insert Your Title PreSales Consultant, Insert Date Russia & CIS © SafeNet Confidential and Proprietary
  2. 2. Virtualization Risks How secure is my data in a virtualized world? APP APP APP APP OS OS OS VMs are easy to copy (and steal). OS VMs are easy to move. Hypervisor Compute Layer VMs introduce a new class of privileged users and administrators—server, storage, backup, and application—all operating independently. Storage Snapshots Snapshots Backup VMs have multiple instances, snapshots and backups of data. And what about your Disaster Recovery site?
  3. 3. Cloud Risks Mail Servers • • Who is accessing my data? • Where is my data? • E-commerce App server Do I have control of my data? Is InfoSec going to stop me from moving to the cloud? SharePoint Services File Servers Web Servers Payment info Intellectual Property Customer data Critical data Sensitive Communications
  4. 4. Data Protection for Virtual Infrastructure ProtectV is the industry’s first comprehensive solution for protecting virtual environments. With ProtectV you can: • Isolate your data • Authorize virtual machine instance launches • Track key access to all copies of your data • Revoke key access in case of a breach ProtectV enables you to migrate your sensitive data to virtual datacenters, the cloud and untrusted or shared environments securely. © SafeNet Confidential and Proprietary 6
  5. 5. Anatomy of Securing Your Data in Virtual or Cloud Environments 1 2 ProtectV Manager ProtectV Client Storage Protected Volumes Hypervisor Protected Virtual Machines 3a KeySecure 3b Virtual KeySecure Protected on-premise servers in physical datacenter 1. ProtectV Manager is a virtual machine instance that runs in a virtualized/cloud environment. 2. ProtectV Client is installed on your virtual machine or your servers in your datacenter. 3. KeySecure is a hardened, highassurance enterprise key management solution in a hardware or in a new virtualized platform, Virtual KeySecure
  6. 6. ProtectV: Secures Your Virtual Data Power On 1 ProtectV API makes server provisioning automated and efficient enabling you to PowerOn a VM securely 5 Delete Every time you delete a key, it “digitally shreds” the data, rendering all copies of VMs inaccessible 4 Start 2 You must be authenticated and authorized to launch a VM Snapshot Every copy of VM in storage or backup is encrypted © SafeNet Confidential and Proprietary Daily Operations 3 All data and VMs are encrypted 8
  7. 7. ProtectV Delivers Complete VM Encryption • Encryption of entire virtual machine (VM) • Entire VM is encrypted Encryption of system/OS partition Secured Volumes • • Encryption of data partition Encryption of associated snapshots and backups (DR sites etc.) Secured VMs © SafeNet Confidential and Proprietary 9
  8. 8. ProtectV Delivers Ownership & Control of Your Data StartGuard Pre-Launch Authentication & Authorization • StartGuard pre-launch user authentication and authorization to launch a virtual machine instance • Separation of duties between infrastructure and security administrators • Secured VMs NEW! KeySecure Hardware based FIPS 140-2 level 3 certified Enterprise Key Manager or Virtual KeySecure hardened virtual security appliance Virtual EKM On-Premise EKM © SafeNet Confidential and Proprietary 10
  9. 9. ProtectV Delivers Visibility & Proof of Data Governance Centralized security management • Unified management - at-a-glance dashboard view and central audit point • On-premise or virtualized key management audit for encryption keys Virtual EKM On-Premise EKM © SafeNet Confidential and Proprietary 11
  10. 10. Deployment Scenario: Public Cloud Trusted on-premise location KeySecure (HA) Public Cloud ProtectV Manager (HA) ProtectV Client Example of an AWS EC2 deployment © SafeNet Confidential and Proprietary 12
  11. 11. Deployment Scenario: Virtual Datacenter Trusted on-premise location Virtualized Data Center ProtectV Manager (HA) KeySecure (HA) ProtectV Client Example of a VMware deployment © SafeNet Confidential and Proprietary 13
  12. 12. ProtectV: Environments, Impact, Products • ProtectV currently supports the following environments: • Amazon Web Services EC2 • Amazon Web Services VPC • VMware vCenter • ProtectV impacts performance by 10% - 15% in standard AWS EC2 scenarios • Complementary products to ProtectV: • KeySecure (k150 and k460) and Virtual KeySecure (k150v) • DataSecure (i150 and i450) and Virtual DataSecure (i150v) © SafeNet Confidential and Proprietary 14
  13. 13. At-a-Glance Control of Your Data © SafeNet Confidential and Proprietary 15
  14. 14. ProtectV Delivers  Encryption of entire VM or server Complete VM or server encryption  Encryption of associated storage volumes (mapped drives), VM instances (snapshots, backups) and locations (DR sites etc.)  Even the entire OS partition is protected  Pre-launch user authorization to access a VM Ownership and control of your data  Encryption based separation of duties across virtual and physical environments  Unified HW based FIPS 140-2 level 3 certified key management to ensure VM ownership  Unified management - at-a-glance dashboard view and Visibility and proof of data governance central audit point  Manage physical, virtual and cloud servers from a single management console.  On-premise key management audit for encryption key usage © SafeNet Confidential and Proprietary 16
  15. 15. Thank You © SafeNet Confidential and Proprietary 18