Datacenter 2014: Symantec - Peter Schjøtt


Published on

Hvorfor kun sikre din cloud halvt – tænk det hele ind fra starten med Symantec

”Cloud” er mange ting, og beskyttelse af data og systemer i skyen, privat eller public, kræver strategi og omtanke. Kom og hør Symantecs anbefalinger omkring, hvad man skal tænke ind i sin beskyttelse og governance af cloud. Vi har et omfattende sæt af løsninger, som vi vil berøre i denne session, som dækker sikkerhed, backup, storage management og risk governance, hvad enten det drejer sig om private eller public clouds.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Based on interviews with customers as part of the VMware 2013 Journey to IT-as-a-Service Survey, 26% of respondents were in Stage I, 54% in Stage II and 21% in Stage III of this Journey.
  • The way we have secured assets in the data center has changed over the last 10-15 years which was labour intensive as well as physically intensive. With the opportunities for customers that Virtualization and Private Clouds bring, the same security issues remain.
  • Our product bets are being made to support customers are virtualizing everything they can to make it faster, more secure and easier to deliver new assets.We are building new products that deliver similar protection for the physical or virtual asset to assist them to secure the DCCS and SDN’s to help them properly realize the benefits of securing their critical data center infrastructure with the top vendors such as VMware, cisco
  • As we focus on delivering our new Data Center Security products we are delivering highly flexible products to meet the challenges you have in an DNS supporting your businesses dynamic changes.
  • Datacenter 2014: Symantec - Peter Schjøtt

    1. 1. Version2, Datacenter 2014 1 Hvorfor kun sikre Cloud’en halvt - tænk sikkerhed fra starten… Peter Schjøtt Pr. Security Presales Engineer
    2. 2. Why Cloud • Cloud characteristics – whether private or public – Broad network access – Rapid elasticity – On-demand self-service – Shared pool of resources – Measured service • Cost reduction through efficiency • Comparable better security through standardisation • Business focus on core, abstract from the rest Version2, Datacenter 2014 3
    3. 3. Market Dynamics 4 4 Targeted Attacks & APT’s Cloud Private, Cloud, Hybrid Change Organization, Process, Regulation Virtualization & Software-Defined “X" Version2, Datacenter 2014
    4. 4. 5 Big Picture 5Version2, Datacenter 2014
    5. 5. Data Center Risks Increased automation and the virtual layer increases the attack surface, convergence of infrastructure creates big risk around privileged users. Traditional Data Centers Private Cloud Many servers, network and storage systems in separate data centers with separate admins; slow provisioning Many servers, network and storage systems in fewer consolidated data centers with high automation and fewer admins; faster provisioning Large attack surface, concentration of risk Version2, Datacenter 2014 6
    6. 6. shifting gears the SDDC 7 Drivers  Cost  Speed  Flexibility Inhibitors  Security Tax  Complexity  Compliance The data center of the future is software-defined. It is dynamic and application-centric. Our mission is to support our customers as they evolve to the SDDC. DataCenterSecurity Compute and Storage Virtualization Network Virtualization Software Defined Services On-Prem/Private/Public Cloud Resources Software-DefinedDataCenter Applications and Policies AutomationandManagementVersion2, Datacenter 2014
    7. 7. DataCenterSecurity Compute and Storage Virtualization Network Virtualization Software Defined Services On-Prem/Private/Public Cloud Resources Software-DefinedDataCenter Applications and Policies AutomationandManagement The Bets Version2, Datacenter 2014 the Cloud Betthe virtualization Bet 78% 31% 25% Securing private clouds is a good early bet as private clouds will continue to be strongly preferred over public and hybrid clouds HybridPublicPrivate Source: IDC CloudTrack Survey, 2012 Security represents a large opportunity as it is the key obstacle for the virtualization of mission critical workloads the SDN Bet Aligning with e.g. VMware and Cisco to secure SDNs is key as customers will definitely adopt pure or mixed SDNs at a rapid pace the SDDC Bet DC Automation and orchestration are key to SDDCs and will mandate a parallel need for security orchestration. 67% 47% 57% 52% 41% 35% 40% 0% 20% 40% 60% 80% Source: VMware Conference 2012 the Data Center Bet As Data Center consolidation in combination with virtualization increases the concentration of risk, we will see a corresponding demand for security. Data center consolidation is projected to account for 27% of IT spend (2010-2016) Gartner, 2011 8
    8. 8. DataCenterSecurity Compute/Storage Virtualization Network Virtualization Software Defined Services On-Prem/Private/Public Cloud Resources Software-DefinedDataCenter Applications and Policies AutomationandManagement Support for key standards for private clouds e.g. Openstack and partner with vendors delivering those standards e.g. Amazon, VMware, Ope nstack Security for leading hypervisors Security for hybrid networks Integrated security orchestration Dynamic, context- based, policy- centric security Software Defined Security “By 2015, 40% of security controls used in Enterprise data centers will be virtualized, up from less than 5% in 2010” – Neil MacDonald A dynamic, application-centric data center needs dynamic, application-centric security. SDN and SDDC platforms will be enablers of security consolidation offering a platform for security orchestration the Security Bet Version2, Datacenter 2014 9
    9. 9. Version2, Datacenter 2014 10 Public Cloud
    10. 10. Cloud Computing Top Threats • Data Breaches • Data Loss • Account or Service hijacking • Insecure Interfaces and APIs • Denial of Service • Malicious Insiders • Abuse of Cloud Services • Insufficient Due Dilligence • Shared Technology Vulnerablities Version2, Datacenter 2014 11
    11. 11. What are my risks using Cloud Identify the asset Evaluate the asset Map asset to Cloud depl. models Evaluate Cloud service models and providers Map data flow Conclusion Version2, Datacenter 2014 12 HowdoyougetoutofaCloudagreement? •Cloudvendorlock-in •Datalock-in
    12. 12. Version2, Datacenter 2014 13 Summing up
    13. 13. Where can Symantec help Version2, Datacenter 2014 14 Governance Prevention / Protection /Assurace Monitoring / Reporting / Alerting Mitigation / Correction Risk Analysis Policies Compliance Vendor Risk Risk modelling Desktop/laptop/server protection Encryption DLP Messaging Authentication Certificates/PKI Storage Management Hypervisor hardening Managed services DeepSight Backup Archiving
    14. 14. Addressing Security Challenges Today Version2, Datacenter 2014 Public Cloud Integrated Compliance Views across platforms2 • Broadest Portfolio of Security for physical & virtual1 Latest Offering – DCS : Server and Advanced3 Best in Class Threat Intelligence Symantec DeepSight / GIN4 • Symantec Protection Engine for Cloud Services5 Information Security • Threat Protection • Server Hardening • Hypervisor Hardening • Encryption • Data Protection • Messaging Security Information Assurance • Archiving • Backup • Availability Segmented Physical/Virtual Next Gen SDDC 15
    15. 15. Thank you! Copyright © 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Version2, Datacenter 2014 16 Peter Schjøtt