Presented at MPLS 2010 Oct 24-27 Washington D.C.
Monique Morrow, Cisco Distinguished Consulting Engineer, discussed the role of the network in developing as a base for cloud computing in developing XaaS models across a private backbone vs offering Cloud-based services over the Internet.
The presenter further presented the potential evolution of Cloud Computing in the form of Private, Hybrid and Inter-Cloud.
Service Level Management and Security are also highlighted themes in this presentation.
An overview of the various standards organizations and forums that may be specific to cloud computing and emerging inter-cloud was also provided
Discussion and takeaway - the value of these models to your business.
Open Data Center Alliance Solution Provider Panel Discussion at 2011 Intel Developer Forum
Panel: Marvin Wheeler, ODCA Chair; Winston Bumpus, VMware; Brent Schroeder, Dell; Shannon Williams, Citrix; Gordon Haff, Red Hat; Sanjog Gad, EMC
This lecture was given by Professor June Sung Park at Korea Advanced Institute of Science and Technology in the 2012 Cloud Conference held in August 2012 by Electronic Times in Korea.
Open Data Center Alliance Solution Provider Panel Discussion at 2011 Intel Developer Forum
Panel: Marvin Wheeler, ODCA Chair; Winston Bumpus, VMware; Brent Schroeder, Dell; Shannon Williams, Citrix; Gordon Haff, Red Hat; Sanjog Gad, EMC
This lecture was given by Professor June Sung Park at Korea Advanced Institute of Science and Technology in the 2012 Cloud Conference held in August 2012 by Electronic Times in Korea.
Hybrid clouds are quickly forming on the horizon, and they are transforming the way that organizations do business. Join David Butler, SVP of Marketing at Eucalyptus, Judith Hurwitz, President and CEO, and Marcia Kaufman, COO and partner, of Hurwitz & Associates and co-authors of “Hybrid Cloud For Dummies” to learn what this new cloud deployment model is all about.
2010 Software Licensing and Pricing Survey Results and 2011 PredictionsFlexera
2010 Software Licensing and Pricing Survey Results and 2011 Predictions by Amy Konary, Director, Software Pricing and Licensing, IDC
Presented at SoftSummit 2010
Building and Managing Cloud Applications and InfrastructureDarren Cunningham
While service-based infrastructure can improve TCO and streamline IT management, it also presents some challenges that need to be met head-on. How do you ensure your data is secure in transit and available when you need it? How do you manage and communicate with your infrastructure? How do you enable service quality metrics and disaster recovery? And, how do you integrate data from legacy systems with data from web-based systems? Join AT&T and Informatica as they share their experience in building and managing cloud applications and infrastructure.
Get ready to deliver Windows desktops and apps like a cloud provider with Pro...Citrix
At Synergy in San Francisco, Citrix announced a bold new project aimed at enabling enterprises and service providers to deliver Windows desktops and apps as a true cloud service. Project Avalon promises to revolutionise the delivery of IT services by enabling enterprise customers to build and leverage private, public and hybrid clouds to deliver access to desktops, apps and data anywhere. Join us to learn what you can do to prepare for Project Avalon.
Steve Abrams reviews Open Services for Lifecycle collaboration - objectives, technical and community approach, process, and progress. Originally presented at Rational Software Conference in June, 2009
Infrastructure components configure and deploy 24 hiapc fabrizio volpeFabrizio Volpe
Infrastructure components configure and deploy
In collaboration with IEEE Computer Society, the Cloud Security Alliance and Dell, Microsoft is hosting a 24 Hours in a Private Cloud virtual event
Hybrid clouds are quickly forming on the horizon, and they are transforming the way that organizations do business. Join David Butler, SVP of Marketing at Eucalyptus, Judith Hurwitz, President and CEO, and Marcia Kaufman, COO and partner, of Hurwitz & Associates and co-authors of “Hybrid Cloud For Dummies” to learn what this new cloud deployment model is all about.
2010 Software Licensing and Pricing Survey Results and 2011 PredictionsFlexera
2010 Software Licensing and Pricing Survey Results and 2011 Predictions by Amy Konary, Director, Software Pricing and Licensing, IDC
Presented at SoftSummit 2010
Building and Managing Cloud Applications and InfrastructureDarren Cunningham
While service-based infrastructure can improve TCO and streamline IT management, it also presents some challenges that need to be met head-on. How do you ensure your data is secure in transit and available when you need it? How do you manage and communicate with your infrastructure? How do you enable service quality metrics and disaster recovery? And, how do you integrate data from legacy systems with data from web-based systems? Join AT&T and Informatica as they share their experience in building and managing cloud applications and infrastructure.
Get ready to deliver Windows desktops and apps like a cloud provider with Pro...Citrix
At Synergy in San Francisco, Citrix announced a bold new project aimed at enabling enterprises and service providers to deliver Windows desktops and apps as a true cloud service. Project Avalon promises to revolutionise the delivery of IT services by enabling enterprise customers to build and leverage private, public and hybrid clouds to deliver access to desktops, apps and data anywhere. Join us to learn what you can do to prepare for Project Avalon.
Steve Abrams reviews Open Services for Lifecycle collaboration - objectives, technical and community approach, process, and progress. Originally presented at Rational Software Conference in June, 2009
Infrastructure components configure and deploy 24 hiapc fabrizio volpeFabrizio Volpe
Infrastructure components configure and deploy
In collaboration with IEEE Computer Society, the Cloud Security Alliance and Dell, Microsoft is hosting a 24 Hours in a Private Cloud virtual event
RightScale Webinar: Considerations For Choosing Cloud ProvidersRightScale
RightScale has deep experience with a wide range of cloud providers, so customers often ask us for advice on which public and private clouds are right for their use cases. While there is no one right answer, we share an evaluation framework for selecting a portfolio of clouds that meets your strategic needs.
We provide an in-depth look at how to align your cloud infrastructure selection with your technical and business requirements.
1. How many clouds will you need?
2. How should you build a cloud portfolio?
3. Public, private, or hybrid? Which type is best for each use case
4. Six considerations for selecting the right cloud
Making of a Successful Cloud Business:
Current Status & Future Requirements
Rajarshi Bhose and Sumit Kumar Bose
Infosys Technologies Limited
Delivered as part of Cloud symposium, at ACM Bangalore COmpute 2009.
Cisco will be at OFC, the world’s premier optical event again showcasing our industry leading Packet Optical Convergence innovations and solutions. We encourage you to be part of the experience by visiting our Exposition booth (#3109) where you can interact with Cisco demonstrations, technical experts and Cisco Service Provider executives.
[Infographic] Cisco Visual Networking Index (VNI): Mobile-Connected Devices p...Cisco Service Provider
This Cisco Visual Networking Index (VNI) Global Mobile Data Traffic Forecast infographic provides some of the global and regional highlights from the updated study that covers forecast for 2014 to 2019.
For more information, please tweet us @CiscoVNI and follow our hashtag #VNI, and visit: http://cs.co/vnilpss.
[Infographic] Cisco Visual Networking Index (VNI): Mobile Users GrowthCisco Service Provider
This Cisco Visual Networking Index (VNI) Global Mobile Data Traffic Forecast infographic provides some of the global and regional highlights from the updated study that covers forecast for 2014 to 2019.
For more information, please tweet us @CiscoVNI and follow our hashtag #VNI, and visit: http://cs.co/vnilpss.
Operating costs decrease and agility increases, allowing you to react quickly to new market opportunities.
http://www.cisco.com/web/offers/sp04/simplifying-operations/index.html?KeyCode=000947566
Service creation is simpler and delivery is faster, allowing you to react quickly to new market opportunities.
http://www.cisco.com/web/offers/sp04/entering-new-markets/index.html?KeyCode=000947734
What if the orchestrator could also automate the deployment and configuration of an accompanying service assurance solution, tailored to the specific services being delivered? This is now becoming a reality using a concept called Orchestrated Assurance.
Operator Drives Bandwidth Efficiency and Optimizes Satellite Link PerformanceCisco Service Provider
Providing network connectivity and services, such as data, voice, live TV, high- definition (HD) on-demand video, and mobile services, EMC caters to customers with operations in some of the most remote corners of the planet. Managing satellite bandwidth requires sophisticated monitoring tools to ensure consistent performance of voice, video and data during events, such as rain, that can affect the quality. This telecommunications leader prides itself on delivering carrier-class services through its global mobility platform, using its hybrid satellite and terrestrial broadband network.
The EMC network features fully meshed, Multiprotocol Label Switching (MPLS) enabled and interconnected teleports in the United States, Europe, South America, Africa, and Asia. With EMC’s proprietary tools, it can manage and optimize every megabyte delivered. Its customer-facing tools further maximize every bit delivered over each customer’s WAN and LAN.
Application Engineered Routing Segment Routing and the Cisco WAN Automation ...Cisco Service Provider
The Cisco® Application Engineered Routing solution provides end-to-end control over how the network infrastructure transports applications. In the past, dedicated clusters of servers would deliver specific applications, but the number and diversity of applications continue to increase as the infrastructure becomes more converged.
Traffic patterns are dynamically changing and new applications come with specific transport requirements. Combining Segment Routing (SR) with the Cisco WAN Automation Engine (WAE) provides the necessary intelligence to optimize network resources and make informed decisions dynamically, helping to ensure a consistent, high-quality customer experience.
This white paper describes SR and the Cisco WAE and highlights how they work together to deliver an intelligent, dynamic, highly optimized network.
Research Highlight: Independent Validation of Cisco Service Provider Virtuali...Cisco Service Provider
Service providers want to know how they can build and run programmable, intelligent, responsive, efficient, flexible, and highly secure yet open networks with a high degree of automation. They want to be able to configure and activate new services quickly, utilize emerging cloud capabilities, and meet customer needs. Nimble, smart innovators in the global communications and networking industry are working on the answers and coming up with solutions every day. But providers need to know if these next-generation technologies can already meet their requirements today
In the world of service providers and networks, the demand for new and better services continue to grow, while the networks must expand and quickly adapt to these demands. One way that operators are evolving their network is to adopt some of the latest technologies like NFV (network functions virtualization). Infonetics recently found that 35 percent of the worldwide telecom carriers they surveyed are planning to deploy NFV in 2015. They are doing this because they believe that NFV and its SDN (software-defined networking) architecture will deliver benefits in service agility and new revenue, operational efficiencies and capex savings. Finding new ways to build revenue paths out of the network is critical for operators today as they innovate to find new sources of revenues.
Operators have been looking to Policy to help them find new ways to find value in their network. Specifically, they need a policy platform which can help them quickly adapt to build new services and even new networks for other operators or enterprises. We are now announcing the availability of Cisco Policy Suite version 7.5 for download. With it, operators will benefit from NFV-based policy enforcement and new access selection technologies. These new capabilities are enabling service providers to not only use policy software to open new services and markets, but they are also providing policy to the handset to ensure the best access method for the end user.
Deploy New Technologies Quickly with Cisco Managed Services for Service Provi...Cisco Service Provider
Service providers’ businesses and operations are undergoing major changes. New initiatives, like IP convergence, cloud, software-defined networks and network virtualization, are driving new business models. These initiatives are also creating opportunities for new revenue streams and greater efficiencies. Speed, agility and flexibility are required for fast access to IT and new applications. Now is the time to invest effort and resources in figuring out how to make this opportunity work for you. You have a chance to disrupt rather than being disrupted.
Segment routing is a network technology focused on addressing the pain points of existing IP and Multiprotocol Label Switching (MPLS) networks in terms of simplicity, scale, and ease of operation. It’s a foundation for application engineered routing because it prepares the networks for new business models where applications can direct network behavior.
Segment routing seeks the right balance between distributed intelligence and centralized optimization and programming. It was built for the software-defined networking (SDN) era.
Segment routing enables enhanced packet forwarding behavior. It enables a network to transport unicast packets through a specific forwarding path, other than the normal shortest path that a packet usually takes. This capability benefits many use cases, and you can build those specific paths based on application requirements.
Segment routing uses the source routing paradigm. A node, usually a router but it can also be a switch, a trusted server, or a virtual forwarder running on a hypervisor, steers a packet through an ordered list of instructions, called segments. A segment can represent any instruction, topological or service-based. A segment can have a local semantic to a segment-routing node or global within a segment-routing network. Segment routing allows you to enforce a flow through any topological path and service chain while maintaining per-flow state only at the ingress node to the segment-routing network. To be aligned with modern IP networks, segment routing supports equal-cost multipath (ECMP) by design, and the forwarding within a segment-routing network uses all possible paths, when desired.
Cisco Virtual Managed Services: Transform Your Business with Cloud-based Inn...Cisco Service Provider
Service providers face big challenges along with tremendous opportunities. Maturing technologies such as software-defined networking (SDN), network function virtualization (NFV), cloud, and open-source software are enabling exciting business innovations and market disruptions. To keep up with the pace of change today, you need to rethink how to engage with your customers to meet their business needs. At Cisco, we have the right approach to harness the transformative power of the cloud, SDN, and NFV. The Cisco® Virtual Managed Services Solution portfolio provides a rich set of secure cloud-based network services with prepackaged software capabilities over any access technology. The Cisco Virtual Managed Services solution makes it easy for you to deploy, manage, and sell new premium cloud managed services while reducing current operating expenditures (OpEx) and accelerating time to revenue.
Imagine if you could deploy highly secure new services at web speed on demand to customers and partners - complete with personalized capabilities. With this environment you’re creating innovative new services in minutes, not months, accelerating your time-to-revenue while reducing operational costs on an open platform. You have pre-packaged software service solutions that help you transform your business and the businesses of your customers. And you’re letting your customers use their existing customer premises equipment (CPE), to connect to virtual services from the cloud, reducing capital costs and business risk associated with rolling out new services.
It’s all possible with the Cisco Virtual Managed Services Solution based on the combination of the complementary Cisco Evolved Programmable Network (EPN) and the Cisco Evolved Services Platform (ESP). This open infrastructure and software combined with industry leading service orchestration, software-defined networking (SDN), and network functions virtualization (NFV) technologies automate the delivery of business services tailored to your customers from the cloud.
Cisco cBR-8 Evolved CCAP: Deliver Scalable Network and Service Growth at a Lo...Cisco Service Provider
An explosion of new over-the-top (OTT) video services and consumer devices is placing huge demand on cable access networks. To compete for new customers and retain the loyalty of existing ones, multiple system operators (MSOs) will need to expand capacity substantially, rolling out new services and gigabit tiers.
As they strive to meet insatiable market demand and stay competitive, MSOs are looking at significant access network capital expenditures (CapEx) increases over the next 5 years - and steadily rising operating expenses (OpEx) due to higher power costs and a larger network footprint. But current integrated Cisco® Converged Cable Access Platform (CCAP) solutions are limited to supporting only 24 to 32 channels per service group, and they are not designed to support DOCSIS® 3.1 at scale. Using these platforms, MSOs would need to significantly increase CapEx spend in order to compete with gigabit billboard rates and keep pace with growth.
Alternatively, MSOs can use the Cisco cBR-8 Converged Broadband Router, a full-spectrum CCAP-compliant platform that is designed to support DOCSIS 3.1. The Cisco cBR-8 enables cable operators to offer multigigabit broadband and Internet of Everything (IoE) services, and provide a path to virtualization. It empowers MSOs to scale economically to deliver more capacity and best-in-class services with much lower total cost of ownership (TCO).
This white paper examines the consumer trends affecting cable access networks and the projections for how the network and services will evolve in the coming years. It provides a long-term economic analysis of an evolved access network using the Cisco cBR-8, compared with competitive Advanced Telecommunications Computing Architecture (ATCA) platforms. And it demonstrates how MSOs will be able to meet capacity and service demands over the next several years at a 40-percent savings in hardware, space, and power costs.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
"Impact of front-end architecture on development cost", Viktor Turskyi
MPLS 2010: Network Enabled Cloud and Service Models
1. Network Enabled Cloud and Service Models
Monique J. Morrow
Cisco
mmorrow@cisco.com
www.mpls2010.com
Insert Company
Logo Here
2. Agenda
Service and Deployment Models
Factoring the Network Into the Cloud
Cloud Management
Cloud Security
Inter-cloud
Standards
Summary
Insert
Company
Logo Here
3. Common Taxonomy
Cloud Framework from NIST
Essential Measured
Rapid Elasticity
Characteristics Service
On-Demand Broad Network Resource
Self Service Access Pooling
Service Software as a Infrastructure
Platform as a
as a Service
Models Service (SaaS) Service (PaaS)
(IaaS)
Deployment
Models Public Private Hybrid Community
http://www.csrc.nist.gov/groups/SNS/cloud-computing/index.html
Insert
Company
Logo Here
4. Cloud Services Taxonomy
SaaS Enabled Applications
Software as a CRM/ERP Desktop Apps
Service (SaaS)
End Users
UC Video Other Apps
Platform Enabled Applications
Platform as a Billing Collaboration
Service (PaaS) Developers
Apps Dev Workflow Metadata
Infrastructure Enabled Services
Business Data
Infrastructure as a
Service (IaaS) System Infrastructure
IT Department
Hosted Hardware Grid
Insert
Company
Logo Here
5. Applications in the Cloud
Supporting Hybrid: Not One-Size-Fits-All
Future
Data “Trust” (Verifiable)
- Secure and Private
- Compliant
Strategic
Today
Development and Test
Web Apps (some)
Media Distribution Service
Levels
Large Scale Compute/Storage
Mission
Critical Insert
Company
Logo Here
6. Agenda
Service and Deployment Models
Factoring the Network Into the Cloud
Cloud Management
Cloud Security
Inter-cloud
Standards
Summary
Insert
Company
Logo Here
7. Hybrid Cloud for Enterprise Extension
Multi-Tenant SP
virtual private cloud services
IaaS
Enterprise
- w/security Enterprise
Internal Cloud - SLA support Virtualized DC
Enterprise
Virtualized DC
Internet
Seamless Extension of the Enterprise DC (IaaS)
(elastic compute, storage, network, services)
Insert
Company
Logo Here
8. Challenge: Tightly Integrating Network
Services
One-size-fits-all makes it
easier, but at the expense of
functionality
More than just VMs on a
VLAN!
Scaling becomes a challenge
with just 20K VM’s and 100’s
of tenants
Requires understanding of
NW service abstraction,
template-based
configuration, tiered network
designs
Insert
Company
Logo Here
9. Network Factored Cloud
App Tiers in a Typical DC Branch Branch
DC
Dept/Customer 1 Dept/Customer 2
Internet MAN/WAN/SP Net
Web Tier
DMZ
App Tier
Core
Distribution
DB Tier
Aggregation
Storage Tier
Dept 2 Dept 1
App 6 App 1
Tiered Network:
Access
Storage
SAN/NAS DB 2 DB 1
Access: App tiers reside here
Aggregation, distribution, core SAN
Outsource
(part of app tiers may reside here) to Cloud
DMZ Insert
Campus core/MAN/WAN edges
Company
Logo Here
10. Multi-tenant Cloud DC
Need Support for Following, for Example: (Via Support Of API,
vDC Configuration Spec A La OVF)
Isolate vDCs not just VM level, but also at network level
Network service or capability insertion (virtual or physical) at various layers on-demand
Isolation
Dept/Customer 1 Dept/Customer 2
Network QoS
Firewall
VPN
Storage Tier
Network QoS
SSL Acceleration
App Tier Load Balancing
Firewall
Network QoS
DB Tier Load Balancing
Firewall
Network QoS
Storage Tier VSAN
Insert
Company
Logo Here
11. Hybrid Cloud With Intelligent Network - High Level Use Case
Additional Capacity
Needs – Request
Cloud Cloud Resources
Data Center
Internal
Data Center
Check Availability,
Performance,
Determine Optimal
Location
Cloud VPN Self-provision Network
Tenant, Virtual
Core Compute, Storage,
Cloud
Data Center VPN
Workloads
Deployed
Cloud
Data Center
‘Pay-as-you-go’ for compute, storage, network
Insert
Company
Logo Here
12. Changing the Approach
Current state Cloud Aware Infrastructure
Periodic polling from Real-time publishing of state
network mgmt system to from Network Devices – Scales
devices does not scale well
Management plane driven Network Control plane reduces
– Scaling is achieved using the scaling challenges of
technologies like clustering management plane
Policy Definition and Policy Definition resides in
Enforcement happens in Management tool &
Management tool - communicates via Service
requires update for every Layer APIs to Network Elements
new device, flow, model to enforce policy
Insert
Company
Logo Here
13. Where to Provision the Tenant?
Utilizing Network Intelligence
Key for many SP applications
Video – where to go that’s closest for particular video segment
Mobile – where to go for resources needed for a particular customer
Cloud (intra-DC) – workload positioning across pods within a DC
Cloud (inter-DC) – workload positioning across DCs within an NGN
Network can provide more than just proximity information
View into not only topology but performance data, link costs, etc.
API call provides customer identity, policy, requirements, receives top
location(s) of / for resources
Insert
Company
Logo Here
14. Agenda
Service and Deployment Models
Factoring the Network Into the Cloud
Cloud Management
Cloud Security
Inter-cloud
Standards
Summary
Insert
Company
Logo Here
15. Cloud Management
Not traditional management Cloud User Admin (CUA)
vDC Creation and VPN
Association
Everything has to be on-demand,
on-line and elastic Cloud Service
Mgmt MW
Cloud Service Component
If management layer does not have Service Composition
Service Composition
on-line, on-demand interfaces, it (Via OVF Spec, for
Example)
will be not be suitable for Cloud Cloud Provider
+ + + Corp VPN
Admin (CPA)
Static provisioning has
to be minimal, if at all Cloud Infra
Management Decompose Services
and Orchestrate
Autonomic flow-through Provisions
+ + + Corp VPN
provisioning should be the norm
Compute, storage and network Compute Element Storage Element Network Service Network Service
managed as a whole, interrelated,
Management Management Mgmt L4–7 Mgmt L2–3 VPN
not in isolation
Corp VPN
Provisions
On-demand
Insert
Company
Logo Here
16. Agenda
Service and Deployment Models
Factoring the Network Into the Cloud
Cloud Management
Cloud Security
Inter-cloud
Standards
Summary
Insert
Company
Logo Here
17. Cloud Security Threats and Issues
Where is my data?
Geographical location of data
Who is accessing it on the physical and virtual servers?
Is it segregated from others?
Can I recover it?
What is the threat vector for cloud services?
Will it be heavily targeted?
How do I identify the weakest link in cloud
services security chain?
Would centralization of data bring more security?
Federated trust and identity issues
Who would manage risk for my business assets?
And, can I comply with regulatory requirements
set by (choose your standards body)
Insert
Company
Logo Here
18. Private Cloud
Private Cloud Security
What is a Private Cloud?
– It’s Private ;-)
– You have control of everything
– You decide the security policy
– No need for total seperation of resources (some
exceptions apply)
– Need to secure virtual machines and services
Insert
Company
Logo Here
19. Public Cloud
Public Cloud Security
What is a Public Cloud?
– You are sharing a public infrastructure with others
– You do not have control of the infrastructure
– You do not decide the common security policy
– You control access to the leased infrastructure (IaaS/PaaS)
– You control access to your own services (IaaS/PaaS/SaaS)
– You need to work together with the Cloud Provider to establish
trust and control
Need to set up a framework for controlling SLA’s and
ensure that Security/Monitoring/Compliance/Audit
requirements are fulfilled
Insert
Company
Logo Here
20. Securing Clouds – Approach
As with any security area, organizations should adopt
a risk-based approach to moving to the cloud and
selecting security options (*)
– Identify the asset for the cloud deployment
– Evaluate the asset
– Map the asset to potential cloud deployment models
– Evaluate potential cloud service models and providers
– Sketch the potential data flow
– Conclusion / Decision
* Cloud Security Alliance Whitepaper v2.1
Insert
Company
Logo Here
21. What Assets Do We Protect?
Company reputation
Customer trust
Employee loyalty and experience
Intellectual property
Service delivery
Personal data
Credentials
User directory
Cloud service management interface
Network
Physical hardware
Buildings
Logs
Backup or archive data
Insert
Company
Logo Here
22. Risks
Policy and organizational
Lock-in, Loss of governance, Compliance challenges, Cloud
service termination or failure, Supply chain failure
Technical
Resource exhaustion, Isolation failure, Cloud provider malicious
insider, Management interface compromise, Intercepting data in
transit, Insecure or ineffective deletion of data, DDoS
Legal
Subpoena and e-discovery, Changes of jurisdiction, Data protection
risks, Licensing risks
Non cloud
Network breaks, Network management, Modifying network traffic, Privilege
escalation, Social engineering
Insert
Company
Logo Here
23. Benefits
Security and the benefits of scale
Multiple locations
Edge networks
Improved timeliness of response: larger to incidents
Threat management
Security as a market differentiator
Standardized interfaces for managed security services
Rapid, smart scaling of resources
Audit and evidence-gathering
More timely and effective and efficient updates and defaults
Benefits of resource concentration
Insert
Company
Logo Here
24. Securing Clouds – Approach
As with any security area, organizations should adopt a
risk-based approach to moving to the cloud and selecting
security options (*)
– Identify the asset for the cloud deployment
– Evaluate the asset
– Map the asset to potential cloud deployment models
– Evaluate potential cloud service models and providers
– Sketch the potential data flow
– Conclusion / Decision
* Cloud Security Alliance Whitepaper v2.1
Insert
Company
Logo Here
25. Evaluate the asset
How Important is the asset, what is the harm if
the asset became widely public and widely distributed?
an employee of our cloud provider accessed the asset?
the process or function were manipulated by an outsider?
the process or function failed to provide expected results?
the information/data were unexpectedly changed?
the asset were unavailable for a period of time?
Confidentiality, integrity and availability requirements
when (part of) the resource is in the cloud
Insert
Company
Logo Here
26. Security as a Service — Assessments
Regulatory Compliance Audits and Reports
Vulnerability Assessment
Define Security Policies
Global Security Intelligence Center Automate
Mitigate risk and eliminate
Insert
Monitor and measure network compliance
Company
Distribute security and compliance reports Logo Here
27. References
NIST Cloud Definition
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-v15.doc
ENISA Cloud Computing Risk Assessment
http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-
computing-risk-assessment/at_download/fullReport
Cloud Security Alliance
http://cloudsecurityalliance.org/
Insert
Company
Logo Here
28. Agenda
Service and Deployment Models
Factoring the Network Into the Cloud
Cloud Management
Cloud Security
Inter-cloud
Standards
Summary
Insert
Company
Logo Here
29. The Inter-Cloud
Apps Integrate Services
from Multiple Clouds
Naming/Discovery
Trust
Exchange/Peering
Apps Integrate Services
Dynamic Workload from Multiple Clouds
Migration
Insert
Company
Logo Here
30. Inter-cloud Potential for Disruption
Interoperable Server
Side Protocols and
Formats
Proprietary Proprietary
Computing, Storage Computing, Storage
Client Client
SVMP*, SSRP*, SOIP*
Proprietary Proprietary
Computing, Storage Computing, Storage
Client Client
*Simple VM Mobility Protocol
*Simple Storage Replication Protocol
*Simple Other Inter-cloud Protocols As Needed Insert
Company
Logo Here
31. Evolution of the Cloud Computing Market
from Stand-alone to the Inter-cloud
Open Cloud
(Federations)
Private Cloud Private Cloud
Virtual
Inter Cloud
Private Cloud
Stand Alone
Data Centers
Public Cloud Public Cloud Public Cloud (1) Public Cloud (2)
Phase 1 Phase 2 (Present) Phase 3 Phase 4 (2015–2017)
Federation/Workload Portability/
Insert
Interoperability/Security Company
Logo Here
32. Agenda
Service and Deployment Models
Factoring the Network Into the Cloud
Cloud Management
Cloud Security
Inter-cloud
Standards
Summary
Insert
Company
Logo Here
33. Where Is the Standards Work to be Done?
CSA DMTF
NIST IEEE
OGF
ETSI-TC Grid MEF
ITU-T
And More…. SNIA
CCIF
OCM
OASIS
NCOIC IETF
OCM LA TMF
Insert
Company
Logo Here
34. Interoperability Standards
Common Interfaces/APIs for Cloud services
offered by Cloud SP (CSP)
OCCI for compute, SNIACDMI for storage
Not much for network, such as standard API for Virtual private Cloud
(VPC), load-balancing (LB), firewall, QoS, bandwidth and other services
Workload mobility/migration with following elements moving between
Clouds (End user to CSP to Enterprise to CSP, CSP to CSP)
Virtual DC (vDC) with App, VM and relevant (App, VM, network) Configurations
Both static or live migration considered
OVF for vDC specification move the OVF spec
Currently lacks features, such as network related
No standard VM (disk) format
Insert
Company
Logo Here
35. Agenda
Service and Deployment Models
Factoring the Network Into the Cloud
Cloud Management
Cloud Security
Inter-cloud
Standards
Summary
Insert
Company
Logo Here
36. Summary
Cloud Computing Represents a Shift in how
Application and Data Center Resources
Will be Architected and Consumed
Sample Areas for Standardization:
Network abstraction, virtualization
Cloud security
Federation and interoperability
Innovation – What disrupts YOU?
Insert
Company
Logo Here