RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices and Security Considerations


Published on

Businesses who want to stay ahead of the curve and achieve maximum efficiency and consistency are adopting cloud infrastructure. Keeping up with dynamic cloud environments, achieving scalable, automated, flexible, and secure cloud infrastructures means increased business agility. But how can you manage security as you migrate to cloud infrastructures?

Join Rishi Vaish, VP of Product at RightScale & Amrit Williams, CTO at CloudPassage as they discuss:

1. Recent findings from RightScale's State of the Cloud survey
2. Why hybrid cloud is the standard of choice
3. Three strategies for existing cloud server workloads
4. Benefits and security challenges of migrating to cloud infrastructures
5. Choosing a hybrid strategy - management and security practices to get the utmost resource flexibility

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

RightScale Webinar - Coping With Cloud Migration Challenges: Best Practices and Security Considerations

  2. 2. Agenda & Speakers ® Rishi Vaish VP of Product Amrit Williams CTO • RightScale’s State of the Cloud survey • Why hybrid cloud is the standard of choice • 3 strategies for existing cloud server workloads • Benefits and security challenges of migrating to cloud infrastructures • Choosing a hybrid strategy
  3. 3. Cloud Usage is Ubiquitous…
  4. 4. Enterprises are Choosing Multiple Clouds
  5. 5. 0% 20% 40% 60% 80% 100% Cloud Beginners Cloud Explorers Cloud Focused %ofRespondents Benefits Grow with Cloud Maturity % of Respondents Reporting these Benefits CapEx to OpEx Business continuity IT staff efficiency Geographic reach Higher performance Cost savings Faster time-to-market Higher availability Faster access to infrastructure Greater scalability Adoption is Driven by Clear Benefits Source: RightScale 2014 State of the Cloud Report
  6. 6. What about Existing Workloads? How can I migrate existing workloads to the cloud?
  7. 7. What Everyone Wants vSphere AWS or other clouds Greenfield workloads Migrated workloads
  8. 8. Best Practice 1; Understand the realities Best Practice: Understand the Realities
  9. 9. • Newer OS versions • SSL termination • Clustering of LBs • App clustering • Multi-cast • Shared Filesystems • Static IPs 14 Considerations for Migration 8 • Licensing • Tenancy • Scale-down Logic • Bandwidth • Virtual IP requirements • Multi-master DB • Database I/O requirements
  10. 10. Three Strategies for Existing Workloads 9 Manage natively Migrate elsewhere Make portable
  11. 11. Best Practice: Be Smart about Strategy Photo: stevendepolo
  12. 12. Segment Your App Portfolio • Web architecture • Elastic design • Monolithic • Legacy • Traditional vendors Cloud-Ready • Greenfield • Designed for cloud Elastic Web Traditional
  13. 13. Assess Apps for Cloud Readiness 12 REFACTOR DON’T MIGRATE HOLD OFF QUICK WINS Technical Fit BusinessImpact App 1 App 7 App 3 App 12 App 4 App 6 App 2 App 5 App 8 App 11 App 10 App 9
  14. 14. Best Practice 3; Consider portability Best Practice: Plan for Portability
  15. 15. • Lifecycle-based multi-cloud deployment • Dev vs. Test vs. Staging vs. Prod • New (Unpredictable) vs. Mature (Steady-State) • Disaster Recovery • Private for primary, Public for backup • Geographic Reach • Use clouds in different geographies • Arbitrage costs • Leverage different clouds based on costs • Cloudbursting • Base capacity in private, burst to public Why Portability? 14
  16. 16. How to Make Portable Apps 15
  17. 17. RIghtScale Cloud-Enables your Enterprise Your Cloud Portfolio Self-Service Cloud AnalyticsCloud Management Manage Govern Optimize RightScale Cloud Portfolio Management Public Clouds Private Clouds Virtualized Environments
  18. 18. What about Security and Compliance?
  19. 19. Place Cloud Beginners Cloud Focused #1 Security (31%) Compliance (18%) #2 Compliance (30%) Cost (17%) #3 Managing multiple cloud services (28%) Performance (15%) #4 Integration to internal systems (28%) Managing multiple cloud services (13%) #5 Governance/Control (26%) Security (13%) Top 5 Challenges Change with Maturity Top 5 Challenges Change with Cloud Maturity Source: RightScale 2014 State of the Cloud Report
  20. 20. What makes cloud infrastructure great also breaks existing security approaches 19 Virtualized networks New topologies Highly Portable Highly dynamic Shared infrastructure These cloud “pros” become security “cons”
  21. 21. The days of simple infrastructure security… 20
  22. 22. … have given way to tremendous complexity. 21
  23. 23. The problem becomes more challenging in multi- cloud environments 22 Cloud Provider A Cloud Provider B Private Datacenter www- 4 ! www- 5 ! www- 6 ! www- 7 ! www- 8 ! www- 9 ! www-10 ! www- 7 ! www- 8 ! www- 9 ! www-10 ! www-1 www-2 www-3 www-4 Workloads become highly transient across multiple cloud environments. ww w-4 ww w-4 ww w-4 ww w-4
  24. 24. Traditional Security Solutions Break… 23 Endpoint Security • Resource intensive • Licensing models • Do not work across disparate cloud environments Virtual Appliances • No hardware acceleration • No gateway to deploy against • Do not well work across disparate cloud environments Hypervisor Security • Affects density of virtualized environments • Limited visibility into workloads themselves • Cannot deploy into public cloud infrastructures
  25. 25. Cloud Security Responsibility Has Added More Complexity 24 Customer Responsibility Provider Responsibili ty Physical Facilities Compute & Storage Shared Network Hypervisor Virtual Machine Data App Code App Framework Operating System “…the customer should assume responsibility and management of, but not limited to, the guest operating system.. and associated application software...” “it is possible for customers to enhance security and/or meet more stringent compliance requirements with the addition of… host based firewalls, host based intrusion detection/prevention, encryption and key management.” Amazon Web Services: Overview of Security Processes Shared Responsibility Model
  26. 26. Addressing security & compliance needs as infrastructure models migrate to cloud 25 • Strong access control – User-auditing, privilege access monitoring, multi-factor authentication, device verification, etc… • Exposure management – Vulnerability assessment, configuration security monitoring, file integrity monitoring, etc… • Compromise prevention – Firewall management, application whitelisting, intrusion detection / prevention, data leak prevention, etc. • Security & compliance intelligence, adherence to corporate policies – Reporting and analytics, auditing, and standardized policy implementation, etc. Needs Haven’t Changed • Must work anywhere – Traditional environments, public cloud infrastructures, private cloud infrastructures and hybrid cloud environments • Diminished to no visibility and control – Underlying security and control maintained by the infrastructure provider • Hardware device limitations – Traditional network appliance or security approaches that leverage underlying hardware are not effective or appropriate • Dramatically higher rate of code & infrastructure change – Highly transient workloads often in a Delivery Parameters Have
  27. 27. CloudPassage Halo 26 • Highly automated security & compliance platform • Builds security directly into compute workloads • Secures any compute workloads, at any scale • Supports any cloud or datacenter environment • SaaS delivery model
  28. 28. Halo secure workloads anywhere at any scale and extends existing security investments 27 Halo API Halo Portal
  29. 29. #28# #rightscale Q & A and Resources Access the 2014 State of the Cloud Report: RightScale.com/lp/2014-state-of-the-cloud-report Start a Free Trial of Halo CloudPassage.com/halo Check out our blogs rightscale.com/blog blog.cloudpassage.com ®