Virtualization and the Future of Datacenter Security
1. The Future Of Datacenter Security. Charu Chaubal, Senior Architect, Technical Marketing. November 2008
2. [Diagram: Exchange, VPN, File/Print, CRM; Operating System; Virtualization; Hypervisor; Virtual Infrastructure; Interconnect Pool, CPU Pool, Memory Pool, Storage Pool]
3. An OS for the Virtual Datacenter. [Diagram: Virtual Infrastructure; Interconnect Pool, CPU Pool, Memory Pool, Storage Pool]
5. Application-independent Uptime Mechanisms. [Diagram: Performance, Planned Downtime, Unplanned Downtime; Virtual Machines, Server, Storage, Interconnect; Site Recovery Manager, HA, VCB, NIC & HBA Teaming, VMotion, Storage VMotion, Network Redundancy, VM Failure Monitoring; ESX Server; App/OS virtual machines]
6. Impact #2: Desktops Look Like Servers. [Diagram: Thin or Stateless Clients; Traditional Desktops]
9. Servers Can Be Managed Like Documents. [Diagram labels, in page order: Publish or Retract; Audit Usage; Retain; Dispose; Document Lifecycle Management; Request for VM Provisioning; Delete VM; Archive VM; Virtual Machine Lifecycle Management; Create Request Document; Monitor & Adjust Resources; Power-On or Suspend VM; Route VM for Approval; Deploy VM from Template; Approve]
10. File Replication, De-duplication, Check-in/out. [Diagram: Master VM; Linked Clone; View Manager and View Composer; Client Virtualization; Check-In, Check-Out; Google Chrome; App/OS virtual machines]
14. Auto-Configuration Of App Security. [Diagram: Web tier, App tier, DB tier; vApp containing Web/OS, App/OS and DB/OS; SLA Definitions: Availability = 99.99%, Security = High, Performance = 500 msec]
15. Dynamic Capacity, Mobility Awareness. [Diagram: Web tier, App tier, DB tier; vApp containing Web/OS, App/OS and DB/OS; SLA Definitions: Availability = 99.99%, Security = High, Performance = 500 msec]
16. “No free lunch” rule applies to virtualization
    The Good | The Bad
    Easy machine creation | “VM sprawl”
    Mobility | Breaks static security
    Abstraction layer | New layer to be secured
    Tremendous flexibility | Potential for misconfiguration