SlideShare a Scribd company logo

John Merline - How make your cloud SASE

AWS Chicago
AWS Chicago

How make your cloud SASE John Merline AWS Community Day | Midwest 2020

Technology
1 of 17
Download to read offline
FISHTECH GROUP June 10, 2020 HOW TO MAKE YOUR CLOUD SASE John Merline | June 11, 2020
2 FISHTECH GROUP June 10, 2020 • Access requirements have inverted, with more users, devices, applications, services and data located outside of an enterprise than inside. • Complexity, latency and the need to inspect encrypted traffic once will consolidate networking and security-as-a-service into a cloud-delivered secure access service edge (SASE). • Low-latency access to users, devices and cloud services from anywhere require SASE offerings with a worldwide fabric of points of presence (POPs) and peering relationships. • SASE is the new branding buzzword… The Future of Network Security is in the Cloud - Gartner
3 FISHTECH GROUP June 10, 2020 Application1 Application2 …. The World Turned Upside Down… Corporate data center Remote Workers Peoplesoft Exchange SharePoint Payroll Internet VPN Application1 Application2 …. Internet Office 365 Salesforce … Websites Corporate data center Legacy App 1 Legacy App 2 …. Remote Workers VPN? Security Controls Perimeter 1 23
4 FISHTECH GROUP June 10, 2020 Secure Access Service Edge Inline Real-Time Controls (SaaS + Web + IaaS + Private Access Control Type Out of Band API Controls (SaaS + IaaS) Web Traffic (SWG, DLP) SaaS (CASB, DLP) IaaS/PaaS (CSPM) Private Access (ZTNA) Web Content Classification Real-Time Protection Private App Access Continuous Security Assessment Data At Rest Protection Privileged Account Monitoring Cloud Intranet On-Premise Custom Apps Discovery Unmanaged Devices Data At Rest Protection Products Capabilities SaaS Granular Access Control Activity Visibility Understand Cloud Apps SD-WAN Integration App Control Instance Awareness Advanced DLP Cloud App Discovery Reverse Proxy Compliance ML / AI Analytics Insider Threat API / JSON Decode SSL Decryption 3rd Party Risk Analytics and Insights Proxy Data Protection Threat Protection Security Services
5 FISHTECH GROUP June 10, 2020 Netskope Cloud Infrastructure
6 FISHTECH GROUP June 10, 2020 • IP address and location cannot establish trust for network access • Provide access to applications, not networks • Enhanced user experience for remote workers • Allow unmanaged devices to securely access applications • Think of ZTNA as Tunneling as a Service (TaaS?) • App Connectors reside near the application service, often on the same subnet • Cloud brokers act as a hub connecting tunnels from App Connectors to the Endpoint Client • App Connector require only private IP addresses and outbound Internet access Zero Trust Network Access (ZTNA) Users Corporate data center Legacy App 1 Legacy App 2 …. Application1 Application2 …. Internet Cloud Broker App Connector(s) App Connector(s) Endpoint Client
7 FISHTECH GROUP June 10, 2020 • How do you access your EC2 hosts or other services that may not have a public IP address? • Private connectivity to VPC via AWS Site-to-Site VPN or Direct Connect. • A Site-to-Site VPN that terminates on EC2 instance (Firewall or OpenVPN server). • AWS Client VPN or even AWS Session Manager • How do we maintain the Bastion Host? • Where does the logging and alerts go? • How do we manage the user and group access to the Bastion and the servers reachable from it? • What about the security principle of Least Privilege? • Can we limit access to a specific application/port instead of allowing access to the entire servers and subnets? Bastion Hosts VPC Private subnet Public subnet Bastion Host Instances Corporate data center Internet AWS Direct Connect Remote Users Site-to-Site VPN
8 FISHTECH GROUP June 10, 2020 WHAT CAN SASE DO FOR THE PUBLIC CLOUD? 1. Use Bucket Policy to lockdown access to source IP range of SASE cloud 2. Set explicit proxy on EC2 instance to send web traffic through SWG 3. Use APIs to assess security of Data at Rest and Cloud Security Posture 4. Install SASE client AWS Workspace image to secure endpoints 5. Configure firewalls in Outbound VPC to forward traffic to SASE cloud Bucket with objects SASE DLP CASB SWG CSPM ZTNA … Internet VPC Amazon EC2 Users
9 FISHTECH GROUP June 10, 2020 Questions?
10 FISHTECH GROUP June 10, 2020 APPENDIX
11 FISHTECH GROUP June 10, 2020 Applications are invisible to unauthorized users • Users can’t access what they can’t see 2 PRIVATE ACCESS – FOUR SECURITY TENETS IN ACTION Remote users are never placed on the network • Application access, not network access 1 Policy-based access to specific apps • Define which users access which apps 3 The internet is the new secure network • Double-tunneling for secure access 4 Z-App Workloads Z-broker AWS 1 ZPA Cloud 3 2
12 FISHTECH GROUP June 10, 2020 USER ACCESS TO MIGRATED WORKLOADS USING ZPA us-west-1 Z-broker Legacy Datacenter Internet Users Z-broker US West (N. California) EU (London) Z-broker Z-broker ZPA Connectors ZPA Connectors Private Subnet eu-west-2 ZPA Connectors Private Subnet
13 FISHTECH GROUP June 10, 2020 Magic Quadrant for Cloud Access Security Brokers Magic Quadrant for Secure Web Gateways
14 FISHTECH GROUP June 10, 2020 EMPLOYEESPARTNERS Policy Console ZSCALER PRIVATE ACCESS – HOW IT WORKS GETTING STARTED • Deploy Z-App on endpoints • Deploy Z-Connectors in front of your apps • Define user and app access policies HOW IT WORKS DC ID PROVIDER User attempts to access an app1 User identity/role is verified (before DNS)2 Policy is checked to determine if access is permitted3 If allowed: - Z-Connector initiates outbound connection - Z-App initiates a connection (per app) - Zscaler cloud broker stitches connection together 5 1 2 3 4 7 Z-Connector provides app load balance across VMs/servers6 5 Public Cloud LB for apps Z-Connector ZENs/Brokers Optimal path to app is determined4 Monitor app usage – anomaly detection7 New York London Sydney 6 Z-App
15 FISHTECH GROUP June 10, 2020 ENDPOINT CLIENT
16 FISHTECH GROUP June 10, 2020 REVERSE PROXY VIA SAML
17 FISHTECH GROUP June 10, 2020 EXPLICIT PROXY CHAINING

Recommended

How SASE can help you move securely from the PSN with VMware and Breeze Networks
How SASE can help you move securely from the PSN with VMware and Breeze NetworksHow SASE can help you move securely from the PSN with VMware and Breeze Networks
How SASE can help you move securely from the PSN with VMware and Breeze NetworksArticulate Marketing
 
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!Netskope
 
SASE Future Proof sdwan 20 Sep2020 v2.1 BA
SASE Future Proof sdwan 20 Sep2020 v2.1 BASASE Future Proof sdwan 20 Sep2020 v2.1 BA
SASE Future Proof sdwan 20 Sep2020 v2.1 BAbourhan88100
 
What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?QOS Networks
 
Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Zscaler
 
Cisco connect winnipeg 2018 simply powerful networking with meraki
Cisco connect winnipeg 2018 simply powerful networking with merakiCisco connect winnipeg 2018 simply powerful networking with meraki
Cisco connect winnipeg 2018 simply powerful networking with merakiCisco Canada
 
Cisco connect winnipeg 2018 simple it leads to simple it management
Cisco connect winnipeg 2018 simple it leads to simple it managementCisco connect winnipeg 2018 simple it leads to simple it management
Cisco connect winnipeg 2018 simple it leads to simple it managementCisco Canada
 
Cisco connect winnipeg 2018 simplifying cloud adoption with cisco ucs
Cisco connect winnipeg 2018 simplifying cloud adoption with cisco ucsCisco connect winnipeg 2018 simplifying cloud adoption with cisco ucs
Cisco connect winnipeg 2018 simplifying cloud adoption with cisco ucsCisco Canada
 

Recommended

How SASE can help you move securely from the PSN with VMware and Breeze Networks
How SASE can help you move securely from the PSN with VMware and Breeze NetworksHow SASE can help you move securely from the PSN with VMware and Breeze Networks
How SASE can help you move securely from the PSN with VMware and Breeze NetworksArticulate Marketing
 
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!Netskope
 
SASE Future Proof sdwan 20 Sep2020 v2.1 BA
SASE Future Proof sdwan 20 Sep2020 v2.1 BASASE Future Proof sdwan 20 Sep2020 v2.1 BA
SASE Future Proof sdwan 20 Sep2020 v2.1 BAbourhan88100
 
What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?QOS Networks
 
Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Three ways-zero-trust-security-redefines-partner-access-v8
Three ways-zero-trust-security-redefines-partner-access-v8Zscaler
 
Cisco connect winnipeg 2018 simply powerful networking with meraki
Cisco connect winnipeg 2018 simply powerful networking with merakiCisco connect winnipeg 2018 simply powerful networking with meraki
Cisco connect winnipeg 2018 simply powerful networking with merakiCisco Canada
 
Cisco connect winnipeg 2018 simple it leads to simple it management
Cisco connect winnipeg 2018 simple it leads to simple it managementCisco connect winnipeg 2018 simple it leads to simple it management
Cisco connect winnipeg 2018 simple it leads to simple it managementCisco Canada
 
Cisco connect winnipeg 2018 simplifying cloud adoption with cisco ucs
Cisco connect winnipeg 2018 simplifying cloud adoption with cisco ucsCisco connect winnipeg 2018 simplifying cloud adoption with cisco ucs
Cisco connect winnipeg 2018 simplifying cloud adoption with cisco ucsCisco Canada
 
Rethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraRethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraZscaler
 
Faster, simpler, more secure remote access to apps in aws
Faster, simpler, more secure remote access to apps in awsFaster, simpler, more secure remote access to apps in aws
Faster, simpler, more secure remote access to apps in awsZscaler
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A ServiceGeorge Fares
 
Cloud vs. On-Premises Security: Can you afford not to switch?
Cloud vs. On-Premises Security: Can you afford not to switch?Cloud vs. On-Premises Security: Can you afford not to switch?
Cloud vs. On-Premises Security: Can you afford not to switch?Zscaler
 
Understanding SASE
Understanding SASE Understanding SASE
Understanding SASE Haris Chughtai
 
Three Key Steps for Moving Your Branches to the Cloud
Three Key Steps for Moving Your Branches to the CloudThree Key Steps for Moving Your Branches to the Cloud
Three Key Steps for Moving Your Branches to the CloudZscaler
 
Ma story then_now_webcast_10_17_18
Ma story then_now_webcast_10_17_18Ma story then_now_webcast_10_17_18
Ma story then_now_webcast_10_17_18Zscaler
 
Cisco connect winnipeg 2018 unlocking business value with network programma...
Cisco connect winnipeg 2018 unlocking business value with network programma...Cisco connect winnipeg 2018 unlocking business value with network programma...
Cisco connect winnipeg 2018 unlocking business value with network programma...Cisco Canada
 
Secure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureSecure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureZscaler
 
What Comes After VPN?
What Comes After VPN?What Comes After VPN?
What Comes After VPN?Zscaler
 
Schneider electric powers security transformation with one simple app copy
Schneider electric powers security transformation with one simple app copySchneider electric powers security transformation with one simple app copy
Schneider electric powers security transformation with one simple app copyZscaler
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco Canada
 
Close your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with CloudflareClose your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with CloudflareCloudflare
 
Maximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerMaximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerAnkit Dua
 
Rethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraRethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraZscaler
 
Secure remote access to AWS your users will love
Secure remote access to AWS your users will loveSecure remote access to AWS your users will love
Secure remote access to AWS your users will loveZscaler
 
Get an office 365 expereience your users will love v8.1
Get an office 365 expereience your users will love v8.1Get an office 365 expereience your users will love v8.1
Get an office 365 expereience your users will love v8.1Zscaler
 
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera Technologies
 
Migration to microsoft_azure_with_zscaler
Migration to microsoft_azure_with_zscalerMigration to microsoft_azure_with_zscaler
Migration to microsoft_azure_with_zscalerZscaler
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinarZscaler
 
SD-WAN_MoD.pptx for SD WAN networks connectivity
SD-WAN_MoD.pptx for SD WAN networks connectivitySD-WAN_MoD.pptx for SD WAN networks connectivity
SD-WAN_MoD.pptx for SD WAN networks connectivitybayusch
 
Introduction to ThousandEyes
Introduction to ThousandEyesIntroduction to ThousandEyes
Introduction to ThousandEyesThousandEyes
 

More Related Content

What's hot

Rethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraRethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraZscaler
 
Faster, simpler, more secure remote access to apps in aws
Faster, simpler, more secure remote access to apps in awsFaster, simpler, more secure remote access to apps in aws
Faster, simpler, more secure remote access to apps in awsZscaler
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A ServiceGeorge Fares
 
Cloud vs. On-Premises Security: Can you afford not to switch?
Cloud vs. On-Premises Security: Can you afford not to switch?Cloud vs. On-Premises Security: Can you afford not to switch?
Cloud vs. On-Premises Security: Can you afford not to switch?Zscaler
 
Three Key Steps for Moving Your Branches to the Cloud
Three Key Steps for Moving Your Branches to the CloudThree Key Steps for Moving Your Branches to the Cloud
Three Key Steps for Moving Your Branches to the CloudZscaler
 
Ma story then_now_webcast_10_17_18
Ma story then_now_webcast_10_17_18Ma story then_now_webcast_10_17_18
Ma story then_now_webcast_10_17_18Zscaler
 
Cisco connect winnipeg 2018 unlocking business value with network programma...
Cisco connect winnipeg 2018 unlocking business value with network programma...Cisco connect winnipeg 2018 unlocking business value with network programma...
Cisco connect winnipeg 2018 unlocking business value with network programma...Cisco Canada
 
Secure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureSecure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureZscaler
 
What Comes After VPN?
What Comes After VPN?What Comes After VPN?
What Comes After VPN?Zscaler
 
Schneider electric powers security transformation with one simple app copy
Schneider electric powers security transformation with one simple app copySchneider electric powers security transformation with one simple app copy
Schneider electric powers security transformation with one simple app copyZscaler
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco Canada
 
Close your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with CloudflareClose your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with CloudflareCloudflare
 
Maximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerMaximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerAnkit Dua
 
Rethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraRethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraZscaler
 
Secure remote access to AWS your users will love
Secure remote access to AWS your users will loveSecure remote access to AWS your users will love
Secure remote access to AWS your users will loveZscaler
 
Get an office 365 expereience your users will love v8.1
Get an office 365 expereience your users will love v8.1Get an office 365 expereience your users will love v8.1
Get an office 365 expereience your users will love v8.1Zscaler
 
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera Technologies
 
Migration to microsoft_azure_with_zscaler
Migration to microsoft_azure_with_zscalerMigration to microsoft_azure_with_zscaler
Migration to microsoft_azure_with_zscalerZscaler
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinarZscaler
 

What's hot (20)

Rethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraRethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation Era
 
Faster, simpler, more secure remote access to apps in aws
Faster, simpler, more secure remote access to apps in awsFaster, simpler, more secure remote access to apps in aws
Faster, simpler, more secure remote access to apps in aws
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
Cloud vs. On-Premises Security: Can you afford not to switch?
Cloud vs. On-Premises Security: Can you afford not to switch?Cloud vs. On-Premises Security: Can you afford not to switch?
Cloud vs. On-Premises Security: Can you afford not to switch?
 
Understanding SASE
Understanding SASE Understanding SASE
Understanding SASE
 
Three Key Steps for Moving Your Branches to the Cloud
Three Key Steps for Moving Your Branches to the CloudThree Key Steps for Moving Your Branches to the Cloud
Three Key Steps for Moving Your Branches to the Cloud
 
Ma story then_now_webcast_10_17_18
Ma story then_now_webcast_10_17_18Ma story then_now_webcast_10_17_18
Ma story then_now_webcast_10_17_18
 
Cisco connect winnipeg 2018 unlocking business value with network programma...
Cisco connect winnipeg 2018 unlocking business value with network programma...Cisco connect winnipeg 2018 unlocking business value with network programma...
Cisco connect winnipeg 2018 unlocking business value with network programma...
 
Secure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureSecure access to applications on Microsoft Azure
Secure access to applications on Microsoft Azure
 
What Comes After VPN?
What Comes After VPN?What Comes After VPN?
What Comes After VPN?
 
Schneider electric powers security transformation with one simple app copy
Schneider electric powers security transformation with one simple app copySchneider electric powers security transformation with one simple app copy
Schneider electric powers security transformation with one simple app copy
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
 
Close your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with CloudflareClose your security gaps and get 100% of your traffic protected with Cloudflare
Close your security gaps and get 100% of your traffic protected with Cloudflare
 
Maximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerMaximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and Zscaler
 
Rethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraRethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation Era
 
Secure remote access to AWS your users will love
Secure remote access to AWS your users will loveSecure remote access to AWS your users will love
Secure remote access to AWS your users will love
 
Get an office 365 expereience your users will love v8.1
Get an office 365 expereience your users will love v8.1Get an office 365 expereience your users will love v8.1
Get an office 365 expereience your users will love v8.1
 
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
 
Migration to microsoft_azure_with_zscaler
Migration to microsoft_azure_with_zscalerMigration to microsoft_azure_with_zscaler
Migration to microsoft_azure_with_zscaler
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinar
 

Similar to John Merline - How make your cloud SASE

SD-WAN_MoD.pptx for SD WAN networks connectivity
SD-WAN_MoD.pptx for SD WAN networks connectivitySD-WAN_MoD.pptx for SD WAN networks connectivity
SD-WAN_MoD.pptx for SD WAN networks connectivitybayusch
 
Introduction to ThousandEyes
Introduction to ThousandEyesIntroduction to ThousandEyes
Introduction to ThousandEyesThousandEyes
 
NetFoundry - Zero Trust Customer Journey-v1-ext.pptx
NetFoundry - Zero Trust Customer Journey-v1-ext.pptxNetFoundry - Zero Trust Customer Journey-v1-ext.pptx
NetFoundry - Zero Trust Customer Journey-v1-ext.pptxSurendran Naidu
 
Introduction to ThousandEyes
Introduction to ThousandEyesIntroduction to ThousandEyes
Introduction to ThousandEyesThousandEyes
 
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlowCloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlowCohesive Networks
 
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)Cisco Canada
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...Amazon Web Services
 
Introduction to Event-Driven Architecture
Introduction to Event-Driven Architecture Introduction to Event-Driven Architecture
Introduction to Event-Driven Architecture Solace
 
Webinar remote access_no_vpn_pitfalls_111517
Webinar remote access_no_vpn_pitfalls_111517Webinar remote access_no_vpn_pitfalls_111517
Webinar remote access_no_vpn_pitfalls_111517Zscaler
 
ciscothousandeyesusecase
ciscothousandeyesusecaseciscothousandeyesusecase
ciscothousandeyesusecaseRENJITHKNAIR5
 
Firewall friendly pipeline for secure data access
Firewall friendly pipeline for secure data accessFirewall friendly pipeline for secure data access
Firewall friendly pipeline for secure data accessSumit Sarkar
 
Splendens Project Proposal by Slidesgo.pptx
Splendens Project Proposal by Slidesgo.pptxSplendens Project Proposal by Slidesgo.pptx
Splendens Project Proposal by Slidesgo.pptxssuserea0dfe
 
Introduction To ThousandEyes
Introduction To ThousandEyesIntroduction To ThousandEyes
Introduction To ThousandEyesThousandEyes
 
0328apjcintrotothousandeyeswebinar-230328233735-4df10d7f.pdf
0328apjcintrotothousandeyeswebinar-230328233735-4df10d7f.pdf0328apjcintrotothousandeyeswebinar-230328233735-4df10d7f.pdf
0328apjcintrotothousandeyeswebinar-230328233735-4df10d7f.pdfSaurabh Chauhan
 
Cloud Computing and the Promise of Everything as a Service
Cloud Computing and the Promise of Everything as a ServiceCloud Computing and the Promise of Everything as a Service
Cloud Computing and the Promise of Everything as a ServiceLew Tucker
 
App to Cloud: Patrick Kerpan's DataCenter Dynamics Converged Keynote
App to Cloud: Patrick Kerpan's DataCenter Dynamics Converged KeynoteApp to Cloud: Patrick Kerpan's DataCenter Dynamics Converged Keynote
App to Cloud: Patrick Kerpan's DataCenter Dynamics Converged KeynoteCohesive Networks
 
Ip tunnelling and_vpn
Ip tunnelling and_vpnIp tunnelling and_vpn
Ip tunnelling and_vpnRajesh Porwal
 
Kura M2M IoT Gateway
Kura M2M IoT GatewayKura M2M IoT Gateway
Kura M2M IoT GatewayEurotech
 

Similar to John Merline - How make your cloud SASE (20)

SD-WAN_MoD.pptx for SD WAN networks connectivity
SD-WAN_MoD.pptx for SD WAN networks connectivitySD-WAN_MoD.pptx for SD WAN networks connectivity
SD-WAN_MoD.pptx for SD WAN networks connectivity
 
Introduction to ThousandEyes
Introduction to ThousandEyesIntroduction to ThousandEyes
Introduction to ThousandEyes
 
NetFoundry - Zero Trust Customer Journey-v1-ext.pptx
NetFoundry - Zero Trust Customer Journey-v1-ext.pptxNetFoundry - Zero Trust Customer Journey-v1-ext.pptx
NetFoundry - Zero Trust Customer Journey-v1-ext.pptx
 
Introduction to ThousandEyes
Introduction to ThousandEyesIntroduction to ThousandEyes
Introduction to ThousandEyes
 
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlowCloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
Cloud Expo New York: OpenFlow Is SDN Yet SDN Is Not Only OpenFlow
 
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
 
Introduction to Event-Driven Architecture
Introduction to Event-Driven Architecture Introduction to Event-Driven Architecture
Introduction to Event-Driven Architecture
 
Webinar remote access_no_vpn_pitfalls_111517
Webinar remote access_no_vpn_pitfalls_111517Webinar remote access_no_vpn_pitfalls_111517
Webinar remote access_no_vpn_pitfalls_111517
 
ciscothousandeyesusecase
ciscothousandeyesusecaseciscothousandeyesusecase
ciscothousandeyesusecase
 
Firewall friendly pipeline for secure data access
Firewall friendly pipeline for secure data accessFirewall friendly pipeline for secure data access
Firewall friendly pipeline for secure data access
 
Splendens Project Proposal by Slidesgo.pptx
Splendens Project Proposal by Slidesgo.pptxSplendens Project Proposal by Slidesgo.pptx
Splendens Project Proposal by Slidesgo.pptx
 
Introduction To ThousandEyes
Introduction To ThousandEyesIntroduction To ThousandEyes
Introduction To ThousandEyes
 
0328apjcintrotothousandeyeswebinar-230328233735-4df10d7f.pdf
0328apjcintrotothousandeyeswebinar-230328233735-4df10d7f.pdf0328apjcintrotothousandeyeswebinar-230328233735-4df10d7f.pdf
0328apjcintrotothousandeyeswebinar-230328233735-4df10d7f.pdf
 
Evolving the WAN for the Cloud, using SD-WAN & NFV
Evolving the WAN for the Cloud, using SD-WAN & NFV Evolving the WAN for the Cloud, using SD-WAN & NFV
Evolving the WAN for the Cloud, using SD-WAN & NFV
 
Cloud Computing and the Promise of Everything as a Service
Cloud Computing and the Promise of Everything as a ServiceCloud Computing and the Promise of Everything as a Service
Cloud Computing and the Promise of Everything as a Service
 
App to Cloud: Patrick Kerpan's DataCenter Dynamics Converged Keynote
App to Cloud: Patrick Kerpan's DataCenter Dynamics Converged KeynoteApp to Cloud: Patrick Kerpan's DataCenter Dynamics Converged Keynote
App to Cloud: Patrick Kerpan's DataCenter Dynamics Converged Keynote
 
Ip tunneling and vpns
Ip tunneling and vpnsIp tunneling and vpns
Ip tunneling and vpns
 
Ip tunnelling and_vpn
Ip tunnelling and_vpnIp tunnelling and_vpn
Ip tunnelling and_vpn
 
Kura M2M IoT Gateway
Kura M2M IoT GatewayKura M2M IoT Gateway
Kura M2M IoT Gateway
 

More from AWS Chicago

AWS reInvent 2023 recaps from Chicago AWS user group
AWS reInvent 2023 recaps from Chicago AWS user groupAWS reInvent 2023 recaps from Chicago AWS user group
AWS reInvent 2023 recaps from Chicago AWS user groupAWS Chicago
 
Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...
Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...
Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...AWS Chicago
 
WilliamCollins_Road-to-Transit-Gateway.pptx
WilliamCollins_Road-to-Transit-Gateway.pptxWilliamCollins_Road-to-Transit-Gateway.pptx
WilliamCollins_Road-to-Transit-Gateway.pptxAWS Chicago
 
Suresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdf
Suresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdfSuresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdf
Suresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdfAWS Chicago
 
Streamlined Entitlements with AWS Lake Formation - Anusha Dwivedula
Streamlined Entitlements with AWS Lake Formation - Anusha DwivedulaStreamlined Entitlements with AWS Lake Formation - Anusha Dwivedula
Streamlined Entitlements with AWS Lake Formation - Anusha DwivedulaAWS Chicago
 
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxSteve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxAWS Chicago
 
Saurabh_Shanbhag - Building_SaaS_on_AWS.pptx
Saurabh_Shanbhag - Building_SaaS_on_AWS.pptxSaurabh_Shanbhag - Building_SaaS_on_AWS.pptx
Saurabh_Shanbhag - Building_SaaS_on_AWS.pptxAWS Chicago
 
Sanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdfSanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdfAWS Chicago
 
Ross Stuart_Using ML to Solve Lifes Problems.pptx
Ross Stuart_Using ML to Solve Lifes Problems.pptxRoss Stuart_Using ML to Solve Lifes Problems.pptx
Ross Stuart_Using ML to Solve Lifes Problems.pptxAWS Chicago
 
robsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdf
robsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdfrobsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdf
robsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdfAWS Chicago
 
Sanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdfSanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdfAWS Chicago
 
Mohamed Wali_AWS Security Reference Architecture.pptx
Mohamed Wali_AWS Security Reference Architecture.pptxMohamed Wali_AWS Security Reference Architecture.pptx
Mohamed Wali_AWS Security Reference Architecture.pptxAWS Chicago
 
Nick-Walter-HOB_Migrating_Dinosaurs.pptx
Nick-Walter-HOB_Migrating_Dinosaurs.pptxNick-Walter-HOB_Migrating_Dinosaurs.pptx
Nick-Walter-HOB_Migrating_Dinosaurs.pptxAWS Chicago
 
Pat_Davies_AWSCostOptimization_Final.pdf
Pat_Davies_AWSCostOptimization_Final.pdfPat_Davies_AWSCostOptimization_Final.pdf
Pat_Davies_AWSCostOptimization_Final.pdfAWS Chicago
 
MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...
MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...
MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...AWS Chicago
 
MichaelSoule-UsingJupyterNotebooks.pptx
MichaelSoule-UsingJupyterNotebooks.pptxMichaelSoule-UsingJupyterNotebooks.pptx
MichaelSoule-UsingJupyterNotebooks.pptxAWS Chicago
 
Michal Brygidyn_CloudHackingScenarios.pdf
Michal Brygidyn_CloudHackingScenarios.pdfMichal Brygidyn_CloudHackingScenarios.pdf
Michal Brygidyn_CloudHackingScenarios.pdfAWS Chicago
 
Kamil Kolodziejski_Structura-AWS.pptx
Kamil Kolodziejski_Structura-AWS.pptxKamil Kolodziejski_Structura-AWS.pptx
Kamil Kolodziejski_Structura-AWS.pptxAWS Chicago
 
John Merline AWS Certification FAQ.pptx
John Merline AWS Certification FAQ.pptxJohn Merline AWS Certification FAQ.pptx
John Merline AWS Certification FAQ.pptxAWS Chicago
 
JuliaFMorgado_Breaking_bad_habits.pptx
JuliaFMorgado_Breaking_bad_habits.pptxJuliaFMorgado_Breaking_bad_habits.pptx
JuliaFMorgado_Breaking_bad_habits.pptxAWS Chicago
 

More from AWS Chicago (20)

AWS reInvent 2023 recaps from Chicago AWS user group
AWS reInvent 2023 recaps from Chicago AWS user groupAWS reInvent 2023 recaps from Chicago AWS user group
AWS reInvent 2023 recaps from Chicago AWS user group
 
Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...
Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...
Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...
 
WilliamCollins_Road-to-Transit-Gateway.pptx
WilliamCollins_Road-to-Transit-Gateway.pptxWilliamCollins_Road-to-Transit-Gateway.pptx
WilliamCollins_Road-to-Transit-Gateway.pptx
 
Suresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdf
Suresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdfSuresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdf
Suresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdf
 
Streamlined Entitlements with AWS Lake Formation - Anusha Dwivedula
Streamlined Entitlements with AWS Lake Formation - Anusha DwivedulaStreamlined Entitlements with AWS Lake Formation - Anusha Dwivedula
Streamlined Entitlements with AWS Lake Formation - Anusha Dwivedula
 
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxSteve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
 
Saurabh_Shanbhag - Building_SaaS_on_AWS.pptx
Saurabh_Shanbhag - Building_SaaS_on_AWS.pptxSaurabh_Shanbhag - Building_SaaS_on_AWS.pptx
Saurabh_Shanbhag - Building_SaaS_on_AWS.pptx
 
Sanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdfSanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdf
 
Ross Stuart_Using ML to Solve Lifes Problems.pptx
Ross Stuart_Using ML to Solve Lifes Problems.pptxRoss Stuart_Using ML to Solve Lifes Problems.pptx
Ross Stuart_Using ML to Solve Lifes Problems.pptx
 
robsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdf
robsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdfrobsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdf
robsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdf
 
Sanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdfSanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdf
 
Mohamed Wali_AWS Security Reference Architecture.pptx
Mohamed Wali_AWS Security Reference Architecture.pptxMohamed Wali_AWS Security Reference Architecture.pptx
Mohamed Wali_AWS Security Reference Architecture.pptx
 
Nick-Walter-HOB_Migrating_Dinosaurs.pptx
Nick-Walter-HOB_Migrating_Dinosaurs.pptxNick-Walter-HOB_Migrating_Dinosaurs.pptx
Nick-Walter-HOB_Migrating_Dinosaurs.pptx
 
Pat_Davies_AWSCostOptimization_Final.pdf
Pat_Davies_AWSCostOptimization_Final.pdfPat_Davies_AWSCostOptimization_Final.pdf
Pat_Davies_AWSCostOptimization_Final.pdf
 
MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...
MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...
MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...
 
MichaelSoule-UsingJupyterNotebooks.pptx
MichaelSoule-UsingJupyterNotebooks.pptxMichaelSoule-UsingJupyterNotebooks.pptx
MichaelSoule-UsingJupyterNotebooks.pptx
 
Michal Brygidyn_CloudHackingScenarios.pdf
Michal Brygidyn_CloudHackingScenarios.pdfMichal Brygidyn_CloudHackingScenarios.pdf
Michal Brygidyn_CloudHackingScenarios.pdf
 
Kamil Kolodziejski_Structura-AWS.pptx
Kamil Kolodziejski_Structura-AWS.pptxKamil Kolodziejski_Structura-AWS.pptx
Kamil Kolodziejski_Structura-AWS.pptx
 
John Merline AWS Certification FAQ.pptx
John Merline AWS Certification FAQ.pptxJohn Merline AWS Certification FAQ.pptx
John Merline AWS Certification FAQ.pptx
 
JuliaFMorgado_Breaking_bad_habits.pptx
JuliaFMorgado_Breaking_bad_habits.pptxJuliaFMorgado_Breaking_bad_habits.pptx
JuliaFMorgado_Breaking_bad_habits.pptx
 

Recently uploaded

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Recently uploaded (20)

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

John Merline - How make your cloud SASE

  • 1. FISHTECH GROUP June 10, 2020 HOW TO MAKE YOUR CLOUD SASE John Merline | June 11, 2020
  • 2. 2 FISHTECH GROUP June 10, 2020 • Access requirements have inverted, with more users, devices, applications, services and data located outside of an enterprise than inside. • Complexity, latency and the need to inspect encrypted traffic once will consolidate networking and security-as-a-service into a cloud-delivered secure access service edge (SASE). • Low-latency access to users, devices and cloud services from anywhere require SASE offerings with a worldwide fabric of points of presence (POPs) and peering relationships. • SASE is the new branding buzzword… The Future of Network Security is in the Cloud - Gartner
  • 3. 3 FISHTECH GROUP June 10, 2020 Application1 Application2 …. The World Turned Upside Down… Corporate data center Remote Workers Peoplesoft Exchange SharePoint Payroll Internet VPN Application1 Application2 …. Internet Office 365 Salesforce … Websites Corporate data center Legacy App 1 Legacy App 2 …. Remote Workers VPN? Security Controls Perimeter 1 23
  • 4. 4 FISHTECH GROUP June 10, 2020 Secure Access Service Edge Inline Real-Time Controls (SaaS + Web + IaaS + Private Access Control Type Out of Band API Controls (SaaS + IaaS) Web Traffic (SWG, DLP) SaaS (CASB, DLP) IaaS/PaaS (CSPM) Private Access (ZTNA) Web Content Classification Real-Time Protection Private App Access Continuous Security Assessment Data At Rest Protection Privileged Account Monitoring Cloud Intranet On-Premise Custom Apps Discovery Unmanaged Devices Data At Rest Protection Products Capabilities SaaS Granular Access Control Activity Visibility Understand Cloud Apps SD-WAN Integration App Control Instance Awareness Advanced DLP Cloud App Discovery Reverse Proxy Compliance ML / AI Analytics Insider Threat API / JSON Decode SSL Decryption 3rd Party Risk Analytics and Insights Proxy Data Protection Threat Protection Security Services
  • 5. 5 FISHTECH GROUP June 10, 2020 Netskope Cloud Infrastructure
  • 6. 6 FISHTECH GROUP June 10, 2020 • IP address and location cannot establish trust for network access • Provide access to applications, not networks • Enhanced user experience for remote workers • Allow unmanaged devices to securely access applications • Think of ZTNA as Tunneling as a Service (TaaS?) • App Connectors reside near the application service, often on the same subnet • Cloud brokers act as a hub connecting tunnels from App Connectors to the Endpoint Client • App Connector require only private IP addresses and outbound Internet access Zero Trust Network Access (ZTNA) Users Corporate data center Legacy App 1 Legacy App 2 …. Application1 Application2 …. Internet Cloud Broker App Connector(s) App Connector(s) Endpoint Client
  • 7. 7 FISHTECH GROUP June 10, 2020 • How do you access your EC2 hosts or other services that may not have a public IP address? • Private connectivity to VPC via AWS Site-to-Site VPN or Direct Connect. • A Site-to-Site VPN that terminates on EC2 instance (Firewall or OpenVPN server). • AWS Client VPN or even AWS Session Manager • How do we maintain the Bastion Host? • Where does the logging and alerts go? • How do we manage the user and group access to the Bastion and the servers reachable from it? • What about the security principle of Least Privilege? • Can we limit access to a specific application/port instead of allowing access to the entire servers and subnets? Bastion Hosts VPC Private subnet Public subnet Bastion Host Instances Corporate data center Internet AWS Direct Connect Remote Users Site-to-Site VPN
  • 8. 8 FISHTECH GROUP June 10, 2020 WHAT CAN SASE DO FOR THE PUBLIC CLOUD? 1. Use Bucket Policy to lockdown access to source IP range of SASE cloud 2. Set explicit proxy on EC2 instance to send web traffic through SWG 3. Use APIs to assess security of Data at Rest and Cloud Security Posture 4. Install SASE client AWS Workspace image to secure endpoints 5. Configure firewalls in Outbound VPC to forward traffic to SASE cloud Bucket with objects SASE DLP CASB SWG CSPM ZTNA … Internet VPC Amazon EC2 Users
  • 9. 9 FISHTECH GROUP June 10, 2020 Questions?
  • 10. 10 FISHTECH GROUP June 10, 2020 APPENDIX
  • 11. 11 FISHTECH GROUP June 10, 2020 Applications are invisible to unauthorized users • Users can’t access what they can’t see 2 PRIVATE ACCESS – FOUR SECURITY TENETS IN ACTION Remote users are never placed on the network • Application access, not network access 1 Policy-based access to specific apps • Define which users access which apps 3 The internet is the new secure network • Double-tunneling for secure access 4 Z-App Workloads Z-broker AWS 1 ZPA Cloud 3 2
  • 12. 12 FISHTECH GROUP June 10, 2020 USER ACCESS TO MIGRATED WORKLOADS USING ZPA us-west-1 Z-broker Legacy Datacenter Internet Users Z-broker US West (N. California) EU (London) Z-broker Z-broker ZPA Connectors ZPA Connectors Private Subnet eu-west-2 ZPA Connectors Private Subnet
  • 13. 13 FISHTECH GROUP June 10, 2020 Magic Quadrant for Cloud Access Security Brokers Magic Quadrant for Secure Web Gateways
  • 14. 14 FISHTECH GROUP June 10, 2020 EMPLOYEESPARTNERS Policy Console ZSCALER PRIVATE ACCESS – HOW IT WORKS GETTING STARTED • Deploy Z-App on endpoints • Deploy Z-Connectors in front of your apps • Define user and app access policies HOW IT WORKS DC ID PROVIDER User attempts to access an app1 User identity/role is verified (before DNS)2 Policy is checked to determine if access is permitted3 If allowed: - Z-Connector initiates outbound connection - Z-App initiates a connection (per app) - Zscaler cloud broker stitches connection together 5 1 2 3 4 7 Z-Connector provides app load balance across VMs/servers6 5 Public Cloud LB for apps Z-Connector ZENs/Brokers Optimal path to app is determined4 Monitor app usage – anomaly detection7 New York London Sydney 6 Z-App
  • 15. 15 FISHTECH GROUP June 10, 2020 ENDPOINT CLIENT
  • 16. 16 FISHTECH GROUP June 10, 2020 REVERSE PROXY VIA SAML
  • 17. 17 FISHTECH GROUP June 10, 2020 EXPLICIT PROXY CHAINING