future architectures and technologies john mclaughlin ibm corporation l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Future Architectures and Technologies John McLaughlin, IBM Corporation PowerPoint Presentation
Download Presentation
Future Architectures and Technologies John McLaughlin, IBM Corporation

Loading in 2 Seconds...

play fullscreen
1 / 11

Future Architectures and Technologies John McLaughlin, IBM Corporation - PowerPoint PPT Presentation


  • 210 Views
  • Uploaded on

Future Architectures and Technologies John McLaughlin, IBM Corporation. 22 September 2010. Approved for Public Release Distribution Unlimited NCOIC-DefDaily-JFM20100917. Cloud and the Military. .… Customization, efficiency, availability, resiliency, security and privacy___ .

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Future Architectures and Technologies John McLaughlin, IBM Corporation' - quanda


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
future architectures and technologies john mclaughlin ibm corporation

Future Architectures and TechnologiesJohn McLaughlin, IBM Corporation

22 September 2010

Approved for Public Release

Distribution Unlimited

NCOIC-DefDaily-JFM20100917

cloud and the military
Cloud and the Military

.… Customization, efficiency, availability, resiliency, security and privacy___

.…Standardization, capital preservation, flexibility and time to deploy

Flexible Delivery Models

  • Cloud Computing shows promise in the commercial world
    • Cost, Schedule, and Performance parameters are encouraging
  • Private cloud architectures in military context are another thing
  • Public …
  • Service provider owned and managed
  • Access by subscription
  • Delivers select set of standardized business process, application and/or infrastructure services on a flexible price per use basis.
  • Private …
  • Privately managed.
  • Access limited to command and its partner network.
  • Drives efficiency, standardization and best practices while retaining greater customization and control

Cloud Services

Cloud Computing

Model

  • Hybrid …
  • Access to client, partner network, and third party resources

ORGANIZATION CULTURE GOVERNANCE

cloud and navair what s really needed
Cloud and NAVAIR(What’s really needed…..)

Despite the IT cost savings, speed to deployment, and performance, cloud computing is not a viable military capability until the following are solved:

  • Foundational Cloud Computing
  • Resilience
  • Compliance
  • Analytics
  • Deep Packet Inspection
  • Multi-tenancy
foundational work
Foundational Work
  • NCOIC, among others, is working this problem
  • Cloud Computing WG is developing a Hybrid Cloud Computing pattern
    • Potential for an NGA pilot
  • The NCOIC Cyber Security IPT is working on the global authentication problem
    • Solutions, technology independent
  • IBM Mission Oriented Cloud Computing
    • 10 month project to work the hard engineering problems for AF Cloud Computing
    • Completion next month
foundational cloud computing
FoundationalCloud Computing
  • Federated Identity Management Capability
      • Provide ability for external authentication (think coalition forces…..)
  • Process governance for approval purposes
  • Automated and Request Driven Provisioning
      • Foundational Service Discovery
      • Operational Service Deployment
      • Service Delivery Monitoring
  • Operational Monitoring
cloud computing and compliance
Cloud Computing and Compliance
  • Compliance provides distribution, revocation, and integrity services for security policies
    • Prove identification and authentication
    • Prove role provisioning capability
    • Prove role based permissions authentication to identified entities
    • Prove auditing of privileged user
    • Prove patch management of end points
cloud and resilience
Cloud and Resilience
  • Can we protect?
    • Protection for the cloud infrastructure achieved through:
      • Network attack protection at the perimeter
      • Virtual firewalls protecting servers
      • Specialized database protection capabilities
  • Can we rebuild?
    • Reconstruction of damaged cloud resources
      • Rapid restoration from gold copies
  • Can we relocate?
    • Relocation of virtualized resources
      • Rapid relocation to a new VLAN
analytics know it now defend at machine speed
Analytics – Know It NowDefend at Machine Speed
  • Step One : Collection
    • Security and configuration logs
    • Internal network sensors and network protection devices
    • Servers
  • Step Two: Correlation and Reduction
    • Ingest engine provides filtered sensor data to the analytics engine for classification and correlation
  • Step Three: Response
    • The response engine initiates autonomic security policy changes
deep packet inspection is it safe
Deep Packet Inspection Is It Safe?

Provide behavior-based, near real time detection and response to network level threats

  • All network traffic is inspected for behavior based attacks
    • TCP/IP level network traffic inspection detects out of spec protocols
    • Behavior based allows zero day protection
  • Detected threats cause autonomic security policy changes to be implemented
multi tenancy peaceful secure co existence
Multi-TenancyPeaceful, Secure Co-existence
  • Validate VM Isolation Management
    • Prove that data confidentiality exists between images
  • Prove ability to detect and correct image provisioning anomalies
    • Test that deployed VM images are correctly configured
    • Show that corrective actions for mis-configured VM images can be applied
  • Prove rapid provisioning capabilities
    • Rapid deployment of new VM images
    • Rapid provisioning of new images
    • Rapid access by new users
the end
The End
  • Questions?
  • Contact Information

John McLaughlin, IBM Corporation

571.229.0453

johnmcl@us.ibm.com

  • Thank you