COPING WITH CLOUD MIGRATION CHALLENGES: BEST PRACTICES AND SECURITY CONSIDERATIONS
Agenda & Speakers
Rishi Vaish, VP of Product
Amrit Williams, CTO
• RightScale’s State of the Cloud survey
• Why hybrid cloud is the standard of choice
• 3 strategies for existing cloud server workloads
• Benefits and security challenges of migrating to cloud infrastructures
• Choosing a hybrid strategy
Cloud Usage is Ubiquitous…
Enterprises are Choosing Multiple Clouds
Adoption is Driven by Clear Benefits
Benefits Grow with Cloud Maturity
[Chart: % of respondents reporting these benefits, for Cloud Beginners, Cloud Explorers and Cloud Focused]
• CapEx to OpEx
• Business continuity
• IT staff efficiency
• Geographic reach
• Higher performance
• Cost savings
• Faster time-to-market
• Higher availability
• Faster access to infrastructure
• Greater scalability
Source: RightScale 2014 State of the Cloud Report
What about Existing Workloads?
How can I migrate existing workloads to the cloud?
What Everyone Wants
[Diagram labels: vSphere; AWS or other clouds; Greenfield workloads; Migrated workloads]
Best Practice 1: Understand the Realities
14 Considerations for Migration
• Newer OS versions
• SSL termination
• Clustering of LBs
• App clustering
• Multi-cast
• Shared Filesystems
• Static IPs
• Licensing
• Tenancy
• Scale-down Logic
• Bandwidth
• Virtual IP requirements
• Multi-master DB
• Database I/O requirements
Three Strategies for Existing Workloads
• Manage natively
• Migrate elsewhere
• Make portable
Best Practice: Be Smart about Strategy
Photo: stevendepolo
Segment Your App Portfolio
Cloud-Ready
• Greenfield
• Designed for cloud
Elastic Web
• Web architecture
• Elastic design
Traditional
• Monolithic
• Legacy
• Traditional vendors
Assess Apps for Cloud Readiness
[Quadrant chart: axes Technical Fit and Business Impact; quadrants REFACTOR, DON’T MIGRATE, HOLD OFF, QUICK WINS; App 1 through App 12 plotted]
Best Practice 3: Plan for Portability
Why Portability?
• Lifecycle-based multi-cloud deployment
– Dev vs. Test vs. Staging vs. Prod
– New (Unpredictable) vs. Mature (Steady-State)
• Disaster Recovery
– Private for primary, Public for backup
• Geographic Reach
– Use clouds in different geographies
• Arbitrage costs
– Leverage different clouds based on costs
• Cloudbursting
– Base capacity in private, burst to public
How to Make Portable Apps
RightScale Cloud-Enables your Enterprise
RightScale Cloud Portfolio Management
• Self-Service, Cloud Analytics, Cloud Management
• Manage, Govern, Optimize
Your Cloud Portfolio: Public Clouds, Private Clouds, Virtualized Environments
What about Security and Compliance?
Top 5 Challenges Change with Cloud Maturity
Place | Cloud Beginners | Cloud Focused
#1 | Security (31%) | Compliance (18%)
#2 | Compliance (30%) | Cost (17%)
#3 | Managing multiple cloud services (28%) | Performance (15%)
#4 | Integration to internal systems (28%) | Managing multiple cloud services (13%)
#5 | Governance/Control (26%) | Security (13%)
Source: RightScale 2014 State of the Cloud Report
What makes cloud infrastructure great also breaks existing security approaches
• Virtualized networks
• New topologies
• Highly Portable
• Highly dynamic
• Shared infrastructure
These cloud “pros” become security “cons”
The days of simple infrastructure security…
… have given way to tremendous complexity.
The problem becomes more challenging in multi-cloud environments
[Diagram: web server instances (www-1 through www-10) spread across Cloud Provider A, Cloud Provider B and Private Datacenter]
Workloads become highly transient across multiple cloud environments.
Traditional Security Solutions Break…
Endpoint Security
• Resource intensive
• Licensing models
• Do not work across disparate cloud environments
Virtual Appliances
• No hardware acceleration
• No gateway to deploy against
• Do not work well across disparate cloud environments
Hypervisor Security
• Affects density of virtualized environments
• Limited visibility into workloads themselves
• Cannot deploy into public cloud infrastructures
Cloud Security Responsibility Has Added More Complexity
Shared Responsibility Model
[Diagram: infrastructure stack divided into Customer Responsibility and Provider Responsibility; layers shown: Physical Facilities, Compute & Storage, Shared Network, Hypervisor, Virtual Machine, Data, App Code, App Framework, Operating System]
“…the customer should assume responsibility and management of, but not limited to, the guest operating system.. and associated application software...”
“it is possible for customers to enhance security and/or meet more stringent compliance requirements with the addition of… host based firewalls, host based intrusion detection/prevention, encryption and key management.”
Amazon Web Services: Overview of Security Processes
Addressing security & compliance needs as infrastructure models migrate to cloud
Needs Haven’t Changed
• Strong access control
– User-auditing, privilege access monitoring, multi-factor authentication, device verification, etc…
• Exposure management
– Vulnerability assessment, configuration security monitoring, file integrity monitoring, etc…
• Compromise prevention
– Firewall management, application whitelisting, intrusion detection / prevention, data leak prevention, etc.
• Security & compliance intelligence, adherence to corporate policies
– Reporting and analytics, auditing, and standardized policy implementation, etc.
Delivery Parameters Have
• Must work anywhere
– Traditional environments, public cloud infrastructures, private cloud infrastructures and hybrid cloud environments
• Diminished to no visibility and control
– Underlying security and control maintained by the infrastructure provider
• Hardware device limitations
– Traditional network appliance or security approaches that leverage underlying hardware are not effective or appropriate
• Dramatically higher rate of code & infrastructure change
– Highly transient workloads often in a
CloudPassage Halo
• Highly automated security & compliance platform
• Builds security directly into compute workloads
• Secures any compute workloads, at any scale
• Supports any cloud or datacenter environment
• SaaS delivery model
Halo secures workloads anywhere at any scale and extends existing security investments
[Diagram labels: Halo API; Halo Portal]
Q & A and Resources
#rightscale
Start a Free Trial of Halo: CloudPassage.com/halo
Access the 2014 State of the Cloud Report: RightScale.com/lp/2014-state-of-the-cloud-report
Check out our blogs: blog.cloudpassage.com, blog.rightscale.com

Webinar compiled powerpoint


Editor's Notes

  • #13 A good place to start is by placing your app portfolio into broad categories. The first is cloud native. These are applications that are designed with cloud in mind. You may have some existing applications like this in your portfolio, but you should definitely be adopting cloud-ready architectures for any new applications you create. These are “no brainers” for putting on cloud. The second is elastic web. These are applications that have been built with elastic web architectures, for example, your common 3 tier web apps with web server, app server and DB. There may be some refactoring required, but these are good potential candidates for cloud. The third category includes your traditional legacy applications that may include specialty, proprietary technology and are not designed to scale. These may require more significant rework – so you want to make sure that you will get significant business value from moving them to the cloud.
  • #18 RightScale has taken cloud management to the next level with a new category that we call cloud portfolio management, or CPM. The RightScale product suite includes two products – Cloud Management and Cloud Analytics. Cloud Management provides deployment and management of applications for your technical teams. Cloud Analytics helps technical, business and financial users visualize and optimize cloud costs. We are introducing a new module to our suite of products, Self-Service, which provides governed, curated and simplified on-demand access to complex application stacks to your IT end users through a Service Catalog. Together, these products help you manage, govern and optimize your applications across your entire cloud portfolio – public, private or virtualized.