New Threats, New Approaches in Modern Data Centers

Hands on architect building secure NFV and SDN infrastructure at Brocade
Mar. 23, 2017
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
New Threats, New Approaches in Modern Data Centers
1 of 29

More Related Content

What's hot

PLC Virtualization Dragos S4 2019PLC Virtualization Dragos S4 2019
PLC Virtualization Dragos S4 2019Dragos, Inc.
Cloud Native Security: New Approach for a New RealityCloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New RealityCarlos Andrés García
All Hope is Not LostNetwork Forensics Exposes Today's Advanced Security Thr...All Hope is Not LostNetwork Forensics Exposes Today's Advanced Security Thr...
All Hope is Not Lost Network Forensics Exposes Today's Advanced Security Thr...Savvius, Inc
Cloud Security: Make Your CISO SuccessfulCloud Security: Make Your CISO Successful
Cloud Security: Make Your CISO SuccessfulCloudPassage
45 Minutes to PCI Compliance in the Cloud45 Minutes to PCI Compliance in the Cloud
45 Minutes to PCI Compliance in the CloudCloudPassage
6° Sessione VMware NSX: la piattaforma di virtualizzazione della rete per il ...6° Sessione VMware NSX: la piattaforma di virtualizzazione della rete per il ...
6° Sessione VMware NSX: la piattaforma di virtualizzazione della rete per il ...Jürgen Ambrosi

Viewers also liked

CENIC Conference agenda 2017_v1CENIC Conference agenda 2017_v1
CENIC Conference agenda 2017_v1Iben Rodriguez
Troubleshooting Java HotSpot VMTroubleshooting Java HotSpot VM
Troubleshooting Java HotSpot VMPoonam Bajaj Parhar
In-Memory Distributed Computing - Porto Tech HubIn-Memory Distributed Computing - Porto Tech Hub
In-Memory Distributed Computing - Porto Tech HubChristoph Engelbert
Iben from Spirent talks at the SDN World Congress about the importance of and...Iben from Spirent talks at the SDN World Congress about the importance of and...
Iben from Spirent talks at the SDN World Congress about the importance of and...Iben Rodriguez
Golang 101 (Concurrency vs Parallelism)Golang 101 (Concurrency vs Parallelism)
Golang 101 (Concurrency vs Parallelism)Pramesti Hatta K.
[Defcon Russia #29] Михаил Клементьев - Обнаружение руткитов в GNU/Linux[Defcon Russia #29] Михаил Клементьев - Обнаружение руткитов в GNU/Linux
[Defcon Russia #29] Михаил Клементьев - Обнаружение руткитов в GNU/LinuxDefconRussia

Similar to New Threats, New Approaches in Modern Data Centers

nsx overview with use cases 1.0nsx overview with use cases 1.0
nsx overview with use cases 1.0Ploynatcha Akkaraputtipat
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesAngel Villar Garea
Nsx security deep diveNsx security deep dive
Nsx security deep divesolarisyougood
Sdn primer pdfSdn primer pdf
Sdn primer pdfPooja Patel
VMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - SegmentationVMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - Segmentation
VMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - SegmentationVMworld
NSX, un salt natural cap a SDNNSX, un salt natural cap a SDN
NSX, un salt natural cap a SDNCSUC - Consorci de Serveis Universitaris de Catalunya

Similar to New Threats, New Approaches in Modern Data Centers(20)

More from Iben Rodriguez

Ipv6 test plan for opnfv poc v2.2 spirent-vctlabIpv6 test plan for opnfv poc v2.2 spirent-vctlab
Ipv6 test plan for opnfv poc v2.2 spirent-vctlabIben Rodriguez
VerigraphVerigraph
VerigraphIben Rodriguez
Re-Engineering EngineeringRe-Engineering Engineering
Re-Engineering EngineeringIben Rodriguez
Vmworld 2005-sln241Vmworld 2005-sln241
Vmworld 2005-sln241Iben Rodriguez
Fine grained monitoringFine grained monitoring
Fine grained monitoringIben Rodriguez
Getput suiteGetput suite
Getput suiteIben Rodriguez

Recently uploaded

Orchestration, Automation and Virtualisation Maturity ModelOrchestration, Automation and Virtualisation Maturity Model
Orchestration, Automation and Virtualisation Maturity ModelCSUC - Consorci de Serveis Universitaris de Catalunya
Keynote: Two years at the British Library... and counting / Alan Danskin (Bri...Keynote: Two years at the British Library... and counting / Alan Danskin (Bri...
Keynote: Two years at the British Library... and counting / Alan Danskin (Bri...CILIP MDG
Microsoft Azure New - Sep 2023Microsoft Azure New - Sep 2023
Microsoft Azure New - Sep 2023Daniel Toomey
How to DAO?How to DAO?
How to DAO?Liveplex
Smart Contracts - The Blockchain Beyond BitcoinSmart Contracts - The Blockchain Beyond Bitcoin
Smart Contracts - The Blockchain Beyond BitcoinJim McKeeth
Scaling out with WordPressScaling out with WordPress
Scaling out with WordPressKonstantin Kovshenin

New Threats, New Approaches in Modern Data Centers

Editor's Notes

  1. New Threats, New Approaches in Modern Data Centers Presented at CENIC conference 11:00 am - 12:00 pm, Wednesday, March 22, 2017 – in San Diego, California Edgar Mendoza, IT Specialist, Information Technology and Communications Services (ITACS) Naval Postgraduate School Eldor Magat, Computer Specialist, ITACS, Naval Postgraduate School Mike Monahan, Network Engineer, ITACS, Naval Postgraduate School Iben Rodriguez, Brocade Resident SDN Delivery Consultant, ITACS, Naval Postgraduate School Brian Recore, NSX Systems Engineer, VMware, Inc.
  2. Copied from the program with corrections - https://adobeindd.com/view/publications/b9fbbdf0-60f1-41dc-8654-3d2141b0bf54/nh4h/publication-web-resources/pdf/Conference_Agenda_2017_v1.pdf The standard approach to securing data centers has historically emphasized strong perimeter protection to keep threats on the outside of the network. However, this model is ineffective for handling new types of threats—including advanced persistent threats, insider threats, and coordinated attacks. A better model for data center security is needed: one that assumes threats can be anywhere and probably are everywhere and then, through automation, acts accordingly. Using micro-segmentation, fine-grained network controls enable unit-level trust, and flexible security policies can be applied all the way down to a network interface. In this joint presentation between customer, partner, and VMware, the fundamental tenants of micro-segmentation will be discussed. Presenters will describe how the Naval Postgraduate School has incorporated these principles into the architecture and design of a multi-tenant Cybersecurity Lab environment to deliver security training to national and international government personnel.
  3. from the NPS 2015 Annual Report
  4. https://my.nps.edu/web/ccw Many classes are using this lab with students from all over the world. The Center for Cyber Warfare (CCW) is an interdisciplinary problem solving research center in the Department of Electrical and Computer Engineering (ECE) at the Naval Postgraduate School (NPS) in Monterey, California. The CCW faculty work in collaboration with other universities and innovative commercial companies to deliver basic and applied research solutions to the Navy, U.S. government, DoD, and intelligence communities. Mission Approved by the NPS Research Board on October 5, 2009, the CCW conducts a mix of classified and unclassified research and offers unique educational programs designed to provide the modern warfighter with tactical and operational responses to immediate and anticipated threats in U.S. and allied cyber space.
  5. http://www.popularmechanics.com/flight/drones/news/a17371/record-breaking-drone-swarm/ http://nps.edu/About/News/NPS-Academic-Partners-Take-to-the-Skies-in-First-Ever-UAV-Swarm-Dogfight.html
  6. At one point the room with the servers got too hot and they had opened the windows. Wires were all over the place, cables not labeled. No structured cable management Even with UPS Battery backups there were extended power outages that caused system downtime due to lack of generator power. Lots of space and power used - 2 racks consolidated to 2U Hyper Converged Server Infrastructure with built-in software defined storage.
  7. At one point the room with the servers got too hot and they had opened the windows. Wires were all over the place, cables not labeled. - structured cable management Even with UPS Battery backups there were extended power outages that caused downtime. Now on generator. 2 racks consolidated to 2U Hyper Converged Server Infrastructure with built-in software defined storage. Amazon AWS design for NROTC Cyber Lab NSX – OSPF, DHCP, Firewall, Load Balancers Virtual appliances – Scalability, High Availability Centralized support with power, cooling Improved monitoring, physical, and operational security
  8. SDDC can span across multiple data centers and into hybrid service providers, independent of physical infrastructure
  9. Power NSX Orchestrator http://community.brocade.com/t5/Federal-Insights/CLI-is-Dead/ba-p/91358 Code NSX . com
  10. VMware Cloud on AWS will be powered by VMware Cloud Foundation™, a unified SDDC platform that integrates VMware vSphere, VMware Virtual SAN™ and NSX™ virtualization technologies, and will provide access to the broad range of AWS services, together with the functionality, elasticity, and security customers have come to expect from the AWS Cloud. Integrates VMware’s flagship compute, storage and network virtualization products (vSphere, VSAN and NSX) along with vCenter management, and optimizes it to run on next-generation, elastic, bare-metal AWS infrastructure. The result is a complete, no compromise, turn-key solution, that works seamlessly with both on-premises private clouds and advanced AWS Public Cloud services. VMware SDDC stack running on AWS Compute (vSphere), storage (VSAN), networking (NSX) Direct access to vCenter, including full API/CLI support Delivered as-a-service (VMware lifecycle fully managed) Access to AWS services Consistent operational model enables Hybrid Cloud Full support for existing and new applications Existing management tooling layers on top Hybrid and Cloud-only deployment options Leverage cloud economics, aligning capacity & demand Single bill for VMware software + AWS infrastructure Consume elastically scalable SDDC clusters On-demand or subscription Leverage global AWS footprint