
Journey to the Private Cloud Key Enabling Technologies

Journey to the Private Cloud Key Enabling Technologies. Jeffrey Nick, Chief Technology Officer, Senior Vice President, EMC Corporation, June 2010. The current I/T state: infrastructure sprawl, information explosion, identity access complexity, increasing threats, increasing regulation.


Presentation Transcript


  1. Journey to the Private Cloud Key Enabling Technologies
     Jeffrey Nick, Chief Technology Officer, Senior Vice President, EMC Corporation
     June 2010

  2. The current I/T state:
     • Infrastructure sprawl
     • Information explosion
     • Identity access complexity
     • Increasing threats
     • Increasing regulation
     • Spiraling costs vs. reduced budgets

  3. Desired State:
     • Trusted
     • On-demand
     • Controlled
     • Pay for Use
     • Reliable
     • Seamless
     • Secure
     • Economies of Scale
     [Diagram labels: Information, Identity, Infrastructure; Virtualized Data Center, Cloud Computing; Internal Cloud, External Cloud]

  4. Cloud Computing – Service Provider Priorities
     • Ensure Confidentiality, Integrity, and Availability in a Multi-Tenant environment.
     • Effectively meet the advertised SLA, while optimizing cloud resource utilization.
     • Offer Tenants capabilities for self-service, and achieve scale through automation and simplification.

  5. Cloud Computing – Tenant Priorities
     • Reduce costs, while maintaining or improving SLA.
     • Maintain an appropriate level of Trust, Visibility, and Control for applications and/or services deployed to Cloud.
     • Meet all applicable Governance, Risk and Compliance requirements.
     • For example, organizations are required by law to demonstrate Business Continuity Compliance….

  6. Desired State: Private Cloud
     Private Cloud requires key enabling technologies
     [Diagram labels: Infrastructure, Information, Identity, Security; Private Cloud; Control, Policy-based Management, Seamless, Integration, Insulation, Virtualization; Virtualized Data Center, Cloud Computing; Internal Cloud, External Cloud]

  7. Virtualization: Provides I/T Liquidity
     • Insulates applications from physical infrastructure
     • Lower IT Costs
     • Better Utilization
     • Less Complexity
     • Quality of Service
     • Non-disruptive application migration
     • Fault tolerance
     • Container-based management
     [Diagram: Virtual Infrastructure; workloads File/Print, Exchange, Oracle CRM, SAP ERP; CPU Pool, Storage Pool]

  8. Virtual Containers create the opportunity to simplify and optimize IT management
     • by pushing security, information and resource management to the virtual container domains
     • Simplified, unified management
     • Regardless of OS (Windows/Unix), patch levels
     Today most security, resource management and information management is enforced by the OS and application stack:
     • OS / application-based security
     • Application specific management and visibility
     • Application centric information
     All are complex, expensive and brittle, if not impossible to implement.
     As virtual container levels evolve, we can surpass the levels of management possible in today’s physical infrastructures.
     [Diagram layers: vApp and VM layer; Virtual and cloud infrastructure; Physical infrastructure]

  9. VMware vShield Zones and RSA DLP: Building a Content-Aware Trusted Zone
     Overview
     • VMware vShield Zones provides isolation between groups of VMs in the virtual infrastructure
     • RSA deploys Data Linkage Prevention (DLP) as a virtual application monitoring data traversing virtual networks
     • Uses centrally managed policies and enforcement controls to prevent data loss in the virtual datacenter
     Customer Benefits
     • Pervasive protection
     • Persistent protection
     • Improved scalability
     [Diagram: VMs (APP/OS) in the Virtual Infrastructure; VMware vShield zones, each with DLP; VMware vSphere; Physical Infrastructure]

  10. Private Cloud Trusted Zones: Key Capabilities
     • Insulate infrastructure from Malware, Trojans and cybercriminals
     • Federate identities with public clouds
     • Control and isolate VM(s) in the virtual infrastructure
     • Insulate information from other tenants
     • Insulate information from cloud providers’ employees
     • Segregate and control user access
     • Enable end to end view of security events and compliance across infrastructures
     Capabilities shown: Anti-malware, Identity federation, Cybercrime intelligence, Strong authentication, Virtual network security, Data loss prevention, Encryption & key mgmt, Access Mgmt, Tokenization, Security Info. & Event Mgmt, GRC
     [Diagram: Tenant #1 Virtual Infrastructure and Tenant #2 Virtual Infrastructure on the Cloud Provider Physical Infrastructure; Physical Infrastructure]

  11. Flexible infrastructure across the Private Cloud
     How can we flexibly share resources across the Private Cloud…
     • Across data center infrastructure boundaries
     • Across federated service provider boundaries
     [Diagram labels: Organization A, (Virtual) Data Center, VPN, Service Provider, Cloud Compute, Cloud Applications]

  12. Desired State: Private Cloud
     Private Cloud requires key enabling technologies
     [Diagram labels: Infrastructure, Information, Identity, Security; Private Cloud; Seamless, Integration, Virtualization; Virtualized Data Center, Cloud Computing; Internal Cloud, External Cloud]

  13. Storage Virtualization: introducing EMC vPlex
     • Array Failure Protection
     • Local mirroring
     • Non Disruptive Data Mobility
     • Inter-array migrations
     • Distributed Mirroring
     • Active-Active Access
     • Remote Export
     • Diskless access to non-local storage
     • Aggregation of Storage devices
     • Volume management
     • Heterogeneous Geographically Distributed Storage
     [Diagram labels: Site A, Site B; V-Plex Cluster, V-Plex Cluster; FC; V-Plex MetroPlex]

  14. vPlex evolution
     [Diagram labels: VPLEX Global, VPLEX Geo, VPLEX Metro, VPLEX Local; Data Center, Synchronous, Asynchronous, Anywhere; Access Anywhere]

  15. Network Virtualization: Seamless Layer 2 VLAN integration
     • Enable VM mobility without IP address changes or connection drops
     • Virtual Machines can escape IP address block “prisons”
     • Extend layer 2 VLANs over arbitrary network connectivity
     • Seamless add/drop of edge nodes w/o need to reconfigure other edge nodes
     [Diagram labels: IP A, IP B, IP C; West, East, South, Core]

  16. VMware VMotion
     Move virtual machines from one physical server to another - while running
     • Eliminate downtime and provide continuous service
     • Shift underlying hardware resources dynamically
     • Balance workloads across the data center to optimize computing resources

  17. Data Center Elasticity across physical boundaries
     • Enables private cloud computing
     [Diagram: Data and Application shown in three stages (Standalone, Consolidation, Pools of Cooperation) across Data Center A, Data Center B, Data Center C, Data Center D; labels Federation, FAST]

  18. Service Management across the Private Cloud
     But how can we deliver a business relevant SLA…
     • with Customer-controlled app deployment, resource allocation and management
     • With visible compliance to both committed SLA and Regulatory controls???…
     • Across data center infrastructure boundaries
     • Across federated service provider boundaries
     [Diagram labels: Organization A, (Virtual) Data Center, VPN, Service Provider, Cloud Compute, Cloud Applications]

  19. Desired State: Private Cloud
     Private Cloud requires key enabling technologies
     [Diagram labels: Infrastructure, Information, Identity, Security; Private Cloud; Control, Policy-based Management, Integration, Virtualization; Virtualized Data Center, Cloud Computing; Internal Cloud, External Cloud]

  20. Virtual Applications: vApp
     A New Model for Describing and Deploying Applications
     • A logical IT service provided as a collection of VMs
     • Application and any supporting infrastructure VMs (Virtual Appliances)
     • Network connections between these
     • Managed as a unit, not as independent components
     • One-click provision, power-on, snapshot, backup
     • The right view for managing & achieving SLAs
     [Diagram: E-commerce vApp; component labels IIS, Oracle, Tomcat App Server]

  21. Policy Travels with VMs and vApps
     • Open Virtual Framework (OVF) includes instructions for the infrastructure
     • Policy is described and attached to the Virtual Application
     • Policy-based management is maintained across VM deployments and VMotions
     Policy Name: eCommerce (attached to the E-commerce vApp)
     • Only port 80 is used
     • 100 ms web response
     • VRM: Encrypt w/ SHA-1
     • DR RPO: 0 minutes
     • Continuity Compliance
     • Scalable WebServer
     • AppServer Security

  22. Cloud Services – [Virtual] Private Clouds
     Definition: Subscription to and usage of Cloud Services that are delivered over a virtual private network, where a private instance of the service is based on a common virtual infrastructure model, and wherein an integrated SLA with business relevant metrics is offered
     • The contract is with the virtual environment
     [Diagram labels: Organization A, (Virtual) Data Center, VPN, Service Provider, Cloud Compute, Cloud Applications, Extra Capacity]

  23. Seamless Private Cloud Service Delivery
     [Diagram labels, in extraction order: Primary Datacenter; Secondary Datacenter / Service Provider; VMs; Continuity Monitoring Data Protection Service Delivery Authoring & Assurance Configuration Migration & Planning Performance; E-commerce vApp; Security Capacity Monitoring; Virtual Datacenter OS; Backup]

  24. Data Protection-as-a-Service: Business Continuity Compliance PoC
     • Customers: See Data Protection Status And Cost
     • Service Providers: One Solution Across All Customers For SLA Management
     [Diagram: Data Protection Advisor serving Customer A, Customer B, Customer C; functions Monitoring, Alerting, Troubleshooting, Optimization, Capacity Planning, Reporting; sources NAS, SAN, Backup Clients, Replication, Virtual Environments, DeDupe, VTL, Business Apps]

  25. Monitoring and Managing Policy Compliance
     Across virtual, physical, internal and external infrastructures
     • Virtual infrastructure management
     • VMware vCenter
     • GRC
     • BCC
     • End-to-end business continuity SLA correlation / analysis
     • Compliance Dashboard: End-to-end compliance reporting
     • EMC DPA data recovery management for physical and virtual infrastructures
     [Diagram: Tenant #1 Virtual Infrastructure and Tenant #2 Virtual Infrastructure on the Cloud Provider Physical Infrastructure]

  26. Management & Monitoring Elasticity For the Virtual Private Cloud:

  27. The Journey to Private Clouds
     • [Virtual] Private clouds will transform how we think about IT
     • As a service
     • The impact to businesses will be considerable
     • Exploit new economics with confidence
     • Clear and logical pathway
     • Preserving existing investment in applications, infrastructure and information
     • Ensuring preservation of security, privacy, and control
     • Compliance to SLA and Regulatory policies
