© 2014 VMware Inc. All rights reserved.
VMware vCloud Air: Security Infrastructure and Process Overview
Formerly known as vCloud Hybrid Service

Cloud Provider vs. Customer Responsibilities
[Diagram labels: Service Provider, Customer, Responsibility of Security]

Threat Model for Cloud Services

Our Mantra - Bring Your Own Security
Options for our customers
Bring your existing security along with your workloads
Work with our security
Extend your security with the same solutions that work for you today
INTEGRATE Common security controls that span private and public clouds, linking them seamlessly.
OR

Seamless Networking: VMware vCloud® Air™ Is Just Another Remote Site
vCloud Air
Same Networking & Management Constructs
Same Security Policies
Your Data Center
BYO security policies and IPV4 layer 3 address spaces
Highly available edge gateways
Configure networking at granular levels
Flexibility Freedom Resiliency
Software-Defined Data Center

vCloud Air Is Just Another Site – Security
The Same Security Policies
Integrated L4-7 services for Firewall/NAT, IPSec VPN, Load Balancers, VXLAN gateways
Your Data Center
vCloud Air
Data Center Extensions that Integrate Seamlessly
Primary
Regional Office
Regional Office
US Data Centers
EMEA Data Centers

vCloud Air Shared Responsibility – Security

vCloud Air Security Operations – Cycle of Security
Intrusion Detection
Geo/Political, Disasters (Natural and Man Made)
Insider Threats
Public Reports/Exploits
Internal Reports
Incident Response
OSINT (Intelligence)

Complete Cloud Security
•  vCloud Network and Security
•  IPSec VPN tunnel
•  Firewall, switching, routing
•  DHCP, NAT
•  MyVMware integration
•  Secure SSO
•  Multiple levels of authentication
•  Role Based Access Control
•  Shared responsibility
•  App traffic encrypted in VPN tunnels
•  Completed Certifications:
•  SSAE16 SOC1/2 Type 2
•  ISO27001:2005
•  HIPAA
[Diagram labels: Infrastructure, Application, Network, User]

vCloud Air Certifications and Examinations

Compliance Examinations and Security Certifications
ISO 27001:2005
SOC 1 Type 2 (SSAE 16)
SOC 2 Type 2
HIPAA/HITECH
AT101 Reports available with a Signed NDA
For the latest certifications, go to:
http://vcloud.vmware.com/service-offering/security-compliance

Go To VMware Cloud Academy
•  See a video of this presentation and others to learn more about vCloud Air
•  Condensed VMworld jump start presentations delivered by technical subject-matter experts
•  Free and ungated to learn at your own pace
•  All videos under 15 mins!
•  Test your knowledge by taking a quiz
•  Download vCloud Air eBook and other assets and tools
http://vcloud.vmware.com/cloud-academy

Thank You
