A Look at the New Converged Data Center

Size: px
Start display at page:

Download "A Look at the New Converged Data Center"

Transcription

1 Organizations around the world are choosing to move from traditional physical data centers to virtual infrastructure, affecting every layer in the data center stack. This change will not only yield a scalable and elastic environment, but will also be more sustainable and secure. This new converged data center, sometimes referred to as a software-defined data center (SDDC), is centrally managed with capabilities to control demand capacity and resource allocation from a single dashboard. Ensuring that the SDDC is sustainable and secure requires a new approach to IT, and nowhere is this more apparent than in the software-defined network (SDN). Traditional data centers relied on perimeter-based network security appliances placed at strategic choke points on the physical network. The SDN s ability to dynamically adapt, introduce new abstraction layers and avoid traditional routing necessitates a more comprehensive security implementation. Network security must be multifunctional and adaptive, ensuring that security controls can react to change events in the converged data center. This discussion focuses specifically on how SDN components offer new opportunities for improved network security

2 controls and compliance, organizational changes as technologists roles shift, and considerations when implementing security controls in virtual compute and network architecture. A Look at the New Converged Data Center The new converged data center, or software-defined data center, is a datastorage facility in which all elements of the infrastructure networking, storage, CPU and security are virtualized and delivered as a service. Deployment, provisioning, configuration and operation of the entire infrastructure is abstracted from hardware and implemented through software. Network virtualization is a concept of combining the available resources in a network by splitting up the available bandwidth into channels, each of which is independent from the others, and each of which can be assigned to a particular server or device in real time. The transitional process to reach a software-defined environment starts with understanding what technical capabilities will need to change. When most IT professionals think of SDN, it s usually in the context of the SDDC. An SDN without the proper security mechanisms in place leaves the data center professional with only a piece of the overall puzzle. The capability to manage capacity demand on the fly requires that the components that make up the architecture be standardized and supportive of the methods of virtualization and automation. For example, unlike traditional networks that default to open, thus requiring firewalls to provide isolation and segmentation, SDN defaults to close. Only when connections between devices are explicitly defined can they communicate. So the functions of firewall and network traffic monitoring, such as net flow, must adapt. It makes little sense to build out a virtual network and then secure it with traditional perimeter-based devices that hinder the capabilities of virtual fabric and undermine the automation process while providing little visibility and control into inner virtual processes. Determining the correct technical controls is just as important as choosing the foundational equipment to support the virtual strategy. To maximize efficiencies and return on investment, organizations must architect a security strategy from inception as part of the software-defined environment. New Opportunities for Network Security in the SDN Software-defined networking promises highly efficient management capabilities coupled with the simplicity and the exponential speed of execution, consuming the attention of vendors and consumers alike. There are many considerations when building out an SDN, one being security a critical component that requires

3 a new approach in the SDN. At a basic level, the definition of SDN is the ability to separate the data plane from the control plane, enabling centralized softwarebased control. Commands from the controller are then communicated back to the data plane for execution on the switches and routers. Ultimately, this approach enables a full perspective of the network and gives the administrator the ability to make changes centrally without a device-centric configuration on each switch or router. Although some vendors have taken a more immediate, tactical approach by providing direct access to the hardware via an API, this method does not allow for central control and is proprietary in nature. Central control of the network is accomplished by the logical centralization of control-plane capabilities, enabling the network administrator to deal with a pool of network devices as a single entity. A global abstraction layer, as opposed to the individual devices used by the OpenFlow protocol, then controls network flows. Central command simplifies network administration by providing this single point of instruction and execution. Network allocation becomes achievable, with more-accurate perspective of the flow demand and bandwidth constraints than ever. All of these capabilities will aid in the ever evolving challenges faced by today s IT work force; the opportunity that comes with ease of administration is the capability to secure and ensure compliance in a way that capitalizes on the fundamental concepts of SDN. Ensuring that security controls are multifunctional and adaptive and can react to change events in the network is an essential component of the converged data center. Software-defined security (SDS) meets these needs and protects the network from within the virtual infrastructure. What distinguishes SDS from perimeter security are three characteristics: (1) the use of logical zoning that relies on SDDC APIs to (2) implement policy-based multifunctional softwaredefined controls for continuous monitoring and mitigation of risk, (3) deployed at the lowest possible level on the virtual switch fabric. Compliance can then be achieved through continuous monitoring of the security event stream against the appropriate control framework. Logical Zoning The concept of logical segmentation, or trust zones, is in line with the concepts of a software-defined data center. Trust zones are logical, flexible policy envelopes that continuously detect and assign all virtual machines (VMs) to groups. They are enabled by the tight integration of software-defined security with the SDDC APIs. This automated zoning mechanism ensures that all VMs are identified and assigned to a policy group, providing real-time perfect inventory and security

4 coverage. Segmentation enabled by trust zones provides precise visibility and management of all virtual networks, network devices, system components and sensitive data in the cloud. Trust zones can be aligned with SDN logical groupings such as Cisco Application Centric Infrastructure s (ACI) use of end-point groups (EPGs). They can thus ensure that assets automatically inherit security policies set for the containers, where the containers can be defined as EPGs. Proper segmentation requires that even if an out-of-scope system component is compromised, it cannot affect the security of sensitive data in a trust zone. The automation around trust zones provides a crucial benefit as a compensating control against any ACI change that violates policy, since manual tracking is nearly impossible owing to rapid, continuous changes in virtual infrastructure. An additional benefit is independent audit and control to assure accurate inventory mapping, thus enabling automatic production of net-flow diagrams across all systems and networks. Manually mapping accurate net flow is impractical if not impossible in the converged data center. Policy-Based Controls Policies automatically assigned to virtual assets placed in trust zones enable centrally controlled software-defined security to automatically and deterministically enforce those policies to protect sensitive data wherever it may be processed, stored or transmitted in the virtual environment. Trust-zone membership is automatic and based on any attribute of the asset. Policy-based security controls are orchestrated in SDS, continuously monitoring network components in the entire virtual environment to ensure adherence to policies. The benefit of continuous monitoring is the ability to immediately spot changes that may compromise the security and compliance posture of an organization. Policies can include automatic mapping to regulatory standards and must include vulnerability management to include network-based checks on VM and hypervisor configuration. Alerts for security-policy violations can be followed by manual or automatic policy-based enforcement actions to mitigate risk and maintain compliance. Virtual-Fabric Deployment Software-defined security is deployed and managed at the lowest level, on the virtual switch fabric, ensuring the highest level of visibility and control over events in the software-defined network. Managed from a single processing hub and interface gives organizations significant operational efficiencies beginning with

5 a simplified infrastructure to support security controls and compliance for the virtual environment. Software-based security has a minimal processing footprint and is easily hosted by existing IT platforms. As multifunction security, organizations get systematic and maximum coverage without having to deploy and manage multiple tools. Automation of inventory tracking and monitoring as well as accurate reporting are available on demand. Converged data center technologists as well as security and compliance professionals can focus on a single interface, driving efficiency in the organization. Approached in a manner consistent with the focus of agile, predetermined rules and policies applied and monitored automatically, security as software in the data center is adaptive and elastic. Investing in a software-defined environment to impose only legacy security methods will not only prove ineffective, but it can also be detrimental to the security posture and compliance model. Consider that the compelling factor driving the transition to the SDDC model is the ability to instantaneously adapt to organizational needs and requirements. With this notion, organizations should without question do the same with their security and compliance strategy. Organizational Changes and Shifting Roles With the advent of virtualization, changes in data center architecture have also led to shifting roles in the organization. Software-defined networking and software-defined security present an opportunity for existing IT personnel to embrace change and expand their portfolios. The software-defined data center is radically reshaping traditional IT responsibilities and roles for network administrators, security administrators and operations. For IT to function efficiently, these changes must be understood and managed. Rather than regarding the changes as reducing responsibilities or otherwise changing them for the worse, the software-defined data center is actually an opportunity to take on a larger scope, as the days of IT siloes are over. The integration of traditional operations and hypervisor administration with network and security management in the software-defined data center necessitates a workflow shift. The focus has turned away from workflow process management towards forward-looking development, supporting system enhancements and improvements. Historically, IT organizations have had multilevel approval processes for change control in the network topology and have dedicated resources to tuning devices or validating whether incidents are false positives. Applications have been based on the limitations of the network. Software-defined networks and security have reversed the focus. With the ability

6 to institute predefined capabilities based on rules executed automatically, the network is now designed according to the needs of the applications. IT can spend less time on operations and more time building highly efficient applications. IT personnel can also contribute more to the organization by expanding their roles and becoming leaders in converged-infrastructure administration. Five Key Considerations With SDN Adoption As organizations plan to move to virtualized systems and software-defined networks, it is helpful to review the realistic challenges that they will face. To be able to take advantage of the benefits of a software-defined environment, architects should consider the following: 1. Vulnerabilities: A converged network will inherit common operating-system vulnerabilities. Greater attention to patch management and configuration changes must be implemented. Continuous monitoring is critical and can be automated with the right tools in place. 2. Access control: An SDN will have single points of compromise that lead to broader access. Strong access-control policies for authentication and authorization must be imposed on the system. It is best to use a role-based authorization mechanism to assign access levels, permissions and privileges. 3. Failover: Design the SDN for failure, including adequate backups for speed-torecovery, fault tolerance and failover capabilities. 4. Control plane: The control plane requires elevated privileges. Manage the SDN control plane out of band, separating the path to it from the path for normal traffic. Remove all default configurations from SDN, as this is common information for those with negative intentions. 5. Activity log: Implement a logging mechanism and net-flow analysis to track activity and report on compliance status. Continuous monitoring will ensure speed to resolution for any misconfiguration or unauthorized activity. Conclusion As is true with any technological movement, operations must adapt as data centers evolve. The key to adaptation in the software-defined network and more specifically, the software-defined data center is putting a plan in place that not only addresses infrastructure requirements, but also supports security and compliance policies. The virtual fabric introduces new vulnerabilities that can be managed with the right set of tools in place. Having the opportunity to implement security differently and better will pay dividends as security risks and

7 compliance regulations increase. Perhaps most importantly, legacy processes can be dramatically improved on by boosting operational efficiency and promoting greater innovation as team members shift focus from process management to application development. Security implementation and organizational opportunities faced by IT during the transition to converged data centers are daunting only because change is required. Solutions are available and continue to improve, supporting a more secure and solid virtual architecture than ever. It is essential to embrace the changes, and ultimately, both data centers and technologists will have a more competitive edge in their industries.

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview STRATEGIC WHITE PAPER Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview Abstract Cloud architectures rely on Software-Defined Networking

More information

Catbird 6.0: Private Cloud Security

Catbird 6.0: Private Cloud Security WHITE PAPER Catbird 6.0: Private Cloud Security and agile infrastructure that is exposing weaknesses in legacy perimeter-based network controls and leaving applications vulnerable to advanced threats.

More information

Automating Cloud Security Control and Compliance Enforcement for PCI DSS 3.0

Automating Cloud Security Control and Compliance Enforcement for PCI DSS 3.0 WHITE PAPER Automating Cloud Security Control and Compliance Enforcement for 3.0 How Enables Security and Compliance with the PCI Data Security Standard in a Private Cloud EXECUTIVE SUMMARY All merchants,

More information

Transform Your Business and Protect Your Cisco Nexus Investment While Adopting Cisco Application Centric Infrastructure

Transform Your Business and Protect Your Cisco Nexus Investment While Adopting Cisco Application Centric Infrastructure White Paper Transform Your Business and Protect Your Cisco Nexus Investment While Adopting Cisco Application Centric Infrastructure What You Will Learn The new Cisco Application Centric Infrastructure

More information

Simplify IT. With Cisco Application Centric Infrastructure. Roberto Barrera rbarrera@grupo-dice.com. VERSION May, 2015

Simplify IT. With Cisco Application Centric Infrastructure. Roberto Barrera rbarrera@grupo-dice.com. VERSION May, 2015 Simplify IT With Cisco Application Centric Infrastructure Roberto Barrera rbarrera@grupo-dice.com VERSION May, 2015 Content Understanding Software Definded Network (SDN) Why SDN? What is SDN and Its Benefits?

More information

Virtualization Essentials

Virtualization Essentials Virtualization Essentials Table of Contents Introduction What is Virtualization?.... 3 How Does Virtualization Work?... 4 Chapter 1 Delivering Real Business Benefits.... 5 Reduced Complexity....5 Dramatically

More information

White Paper. Juniper Networks. Enabling Businesses to Deploy Virtualized Data Center Environments. Copyright 2013, Juniper Networks, Inc.

White Paper. Juniper Networks. Enabling Businesses to Deploy Virtualized Data Center Environments. Copyright 2013, Juniper Networks, Inc. White Paper Juniper Networks Solutions for VMware NSX Enabling Businesses to Deploy Virtualized Data Center Environments Copyright 2013, Juniper Networks, Inc. 1 Table of Contents Executive Summary...3

More information

Leveraging SDN and NFV in the WAN

Leveraging SDN and NFV in the WAN Leveraging SDN and NFV in the WAN Introduction Software Defined Networking (SDN) and Network Functions Virtualization (NFV) are two of the key components of the overall movement towards software defined

More information

VMware vcloud Networking and Security

VMware vcloud Networking and Security VMware vcloud Networking and Security Efficient, Agile and Extensible Software-Defined Networks and Security BROCHURE Overview Organizations worldwide have gained significant efficiency and flexibility

More information

PLUMgrid Open Networking Suite Service Insertion Architecture

PLUMgrid Open Networking Suite Service Insertion Architecture White Paper PLUMgrid Open Networking Suite Service Insertion Architecture Introduction A rapid increase in the use of cloud services across the globe require networks to be adaptable and flexible. PLUMgrid

More information

The Mandate for a Highly Automated IT Function

The Mandate for a Highly Automated IT Function The Mandate for a Highly Automated IT Function Introduction The traditional IT operational model is highly manual and very hardware centric. As a result, IT infrastructure services have historically been

More information

Unlock the full potential of data centre virtualisation with micro-segmentation. Making software-defined security (SDS) work for your data centre

Unlock the full potential of data centre virtualisation with micro-segmentation. Making software-defined security (SDS) work for your data centre Unlock the full potential of data centre virtualisation with micro-segmentation Making software-defined security (SDS) work for your data centre Contents 1 Making software-defined security (SDS) work for

More information

Boosting Business Agility through Software-defined Networking

Boosting Business Agility through Software-defined Networking Executive Summary: Boosting Business Agility through Software-defined Networking Completing the last mile of virtualization Introduction Businesses have gained significant value from virtualizing server

More information

White Paper: Optimizing the Cloud Infrastructure for Enterprise Applications

White Paper: Optimizing the Cloud Infrastructure for Enterprise Applications White Paper: Optimizing the Cloud Infrastructure for Enterprise Applications 2010 Ashton, Metzler, & Associates. All rights reserved. Executive Summary Given the technological and organizational risks

More information

Shifting Roles for Security in the Virtualized Data Center: Who Owns What?

Shifting Roles for Security in the Virtualized Data Center: Who Owns What? Shifting Roles for Security in the Virtualized Data Center: Who Owns What? SESSION ID: CSV-T07 Rob Randell, CISSP Director Systems Engineering Principal Security Architect VMware / NSBU Malcolm Rieke Director

More information

SDN Applications in Today s Data Center

SDN Applications in Today s Data Center SDN Applications in Today s Data Center Harry Petty Director Data Center & Cloud Networking Cisco Systems, Inc. Santa Clara, CA USA October 2013 1 Customer Insights: Research/ Academia OpenFlow/SDN components

More information

HAWAII TECH TALK SDN. Paul Deakin Field Systems Engineer

HAWAII TECH TALK SDN. Paul Deakin Field Systems Engineer HAWAII TECH TALK SDN Paul Deakin Field Systems Engineer SDN What Is It? SDN stand for Software Defined Networking SDN is a fancy term for: Using a controller to tell switches where to send packets SDN

More information

Cisco Unified Network Services: Overcome Obstacles to Cloud-Ready Deployments

Cisco Unified Network Services: Overcome Obstacles to Cloud-Ready Deployments Cisco Unified Network Services: Overcome Obstacles to Cloud-Ready Deployments What You Will Learn Deploying network services in virtual data centers is extremely challenging. Traditionally, such Layer

More information

Cisco and Red Hat: Application Centric Infrastructure Integration with OpenStack

Cisco and Red Hat: Application Centric Infrastructure Integration with OpenStack Cisco and Red Hat: Application Centric Infrastructure Integration with OpenStack Cisco and Red Hat Extend the Cisco ACI Policy Framework to Red Hat Enterprise Linux OpenStack Platform Enabled Environments

More information

Network Access Control in Virtual Environments. Technical Note

Network Access Control in Virtual Environments. Technical Note Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved

More information

Cloud, SDN and the Evolution of

Cloud, SDN and the Evolution of Cloud, SDN and the Evolution of Enterprise Networks Neil Rickard Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be reproduced or distributed in any form

More information

FROM A RIGID ECOSYSTEM TO A LOGICAL AND FLEXIBLE ENTITY: THE SOFTWARE- DEFINED DATA CENTRE

FROM A RIGID ECOSYSTEM TO A LOGICAL AND FLEXIBLE ENTITY: THE SOFTWARE- DEFINED DATA CENTRE FROM A RIGID ECOSYSTEM TO A LOGICAL AND FLEXIBLE ENTITY: THE SOFTWARE- DEFINED DATA CENTRE The demand for cloud infrastructure is rapidly increasing, the world of information is becoming application and

More information

Software-Defined Networks Powered by VellOS

Software-Defined Networks Powered by VellOS WHITE PAPER Software-Defined Networks Powered by VellOS Agile, Flexible Networking for Distributed Applications Vello s SDN enables a low-latency, programmable solution resulting in a faster and more flexible

More information

Testing Software Defined Network (SDN) For Data Center and Cloud VERYX TECHNOLOGIES

Testing Software Defined Network (SDN) For Data Center and Cloud VERYX TECHNOLOGIES Testing Software Defined Network (SDN) For Data Center and Cloud VERYX TECHNOLOGIES Table of Contents Introduction... 1 SDN - An Overview... 2 SDN: Solution Layers and its Key Requirements to be validated...

More information

Virtualization, SDN and NFV

Virtualization, SDN and NFV Virtualization, SDN and NFV HOW DO THEY FIT TOGETHER? Traditional networks lack the flexibility to keep pace with dynamic computing and storage needs of today s data centers. In order to implement changes,

More information

SDN and NFV in the WAN

SDN and NFV in the WAN WHITE PAPER Hybrid Networking SDN and NFV in the WAN HOW THESE POWERFUL TECHNOLOGIES ARE DRIVING ENTERPRISE INNOVATION rev. 110615 Table of Contents Introduction 3 Software Defined Networking 3 Network

More information

Network Virtualization

Network Virtualization . White Paper Network Services Virtualization What Is Network Virtualization? Business and IT leaders require a more responsive IT infrastructure that can help accelerate business initiatives and remove

More information

Simplify IT. With Cisco Application Centric Infrastructure. Barry Huang bhuang@cisco.com. Nov 13, 2014

Simplify IT. With Cisco Application Centric Infrastructure. Barry Huang bhuang@cisco.com. Nov 13, 2014 Simplify IT With Cisco Application Centric Infrastructure Barry Huang bhuang@cisco.com Nov 13, 2014 There are two approaches to Control Systems IMPERATIVE CONTROL DECLARATIVE CONTROL Baggage handlers follow

More information

WHITE PAPER. Data Center Fabrics. Why the Right Choice is so Important to Your Business

WHITE PAPER. Data Center Fabrics. Why the Right Choice is so Important to Your Business WHITE PAPER Data Center Fabrics Why the Right Choice is so Important to Your Business Introduction Data center fabrics are emerging as the preferred architecture for next-generation virtualized data centers,

More information

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to

More information

How the Software-Defined Data Center Is Transforming End User Computing

How the Software-Defined Data Center Is Transforming End User Computing How the Software-Defined Data Center Is Transforming End User Computing The Essentials Series sponsored by David Davis SDDC Powered Virtual Desktops and Applications... 1 Three Pillars of SDDC and Desktop/Application

More information

An Application-Centric Infrastructure Will Enable Business Agility

An Application-Centric Infrastructure Will Enable Business Agility An Application-Centric Infrastructure Will Enable Business Agility March 2014 Prepared by: Zeus Kerravala An Application-Centric Infrastructure Will Enable Business Agility by Zeus Kerravala March 2014

More information

U s i n g S D N - and NFV-based Servi c e s to M a x i m iz e C SP Reve n u e s a n d I n c r e ase

U s i n g S D N - and NFV-based Servi c e s to M a x i m iz e C SP Reve n u e s a n d I n c r e ase I D C T E C H N O L O G Y S P O T L I G H T U s i n g S D N - and NFV-based Servi c e s to M a x i m iz e C SP Reve n u e s a n d I n c r e ase Operational Efficiency March 2013 Adapted from Will New SDN

More information

Cisco Integrated Video Surveillance Solution: Expand the Capabilities and Value of Physical Security Investments

Cisco Integrated Video Surveillance Solution: Expand the Capabilities and Value of Physical Security Investments Cisco Integrated Video Surveillance Solution: Expand the Capabilities and Value of Physical Security Investments What You Will Learn In many enterprises, physical security departments are making a notable

More information

Delivering the Software Defined Data Center

Delivering the Software Defined Data Center Delivering the Software Defined Data Center Georgina Schäfer Sr. Product Marketing Manager VMware Calvin Rowland, VP, Business Development F5 Networks 2014 VMware Inc. All rights reserved. F5 & Vmware

More information

A Presentation at DGI 2014 Government Cloud Computing and Data Center Conference & Expo, Washington, DC. September 18, 2014.

A Presentation at DGI 2014 Government Cloud Computing and Data Center Conference & Expo, Washington, DC. September 18, 2014. A Presentation at DGI 2014 Government Cloud Computing and Data Center Conference & Expo, Washington, DC September 18, 2014 Charles Sun www.linkedin.com/in/charlessun @CharlesSun_ 1 What is SDN? Benefits

More information

Network Services in the SDN Data Center

Network Services in the SDN Data Center Network Services in the SDN Center SDN as a Network Service Enablement Platform Whitepaper SHARE THIS WHITEPAPER Executive Summary While interest about OpenFlow and SDN has increased throughout the tech

More information

Database Security, Virtualization and Cloud Computing

Database Security, Virtualization and Cloud Computing Whitepaper Database Security, Virtualization and Cloud Computing The three key technology challenges in protecting sensitive data in modern IT architectures Including: Limitations of existing database

More information

Software Defined Networks

Software Defined Networks Software Defined Networks Dr. Uttam Ghosh, CDAC, Bangalore uttamg@cdac.in Outline Networking Planes OpenFlow Software Defined Network (SDN) SDN Origin What is SDN? SDN Architecture SDN Operation Why We

More information

Data Center Network Evolution: Increase the Value of IT in Your Organization

Data Center Network Evolution: Increase the Value of IT in Your Organization White Paper Data Center Network Evolution: Increase the Value of IT in Your Organization What You Will Learn New operating demands and technology trends are changing the role of IT and introducing new

More information

H Y T RUST: S OLUTION B RIEF. Solve the Nosy Neighbor Problem in Multi-Tenant Environments

H Y T RUST: S OLUTION B RIEF. Solve the Nosy Neighbor Problem in Multi-Tenant Environments H Y T RUST: S OLUTION B RIEF Solve the Nosy Neighbor Problem in Multi-Tenant Environments Summary A private cloud with multiple tenants such as business units of an enterprise or customers of a cloud service

More information

CoIP (Cloud over IP): The Future of Hybrid Networking

CoIP (Cloud over IP): The Future of Hybrid Networking CoIP (Cloud over IP): The Future of Hybrid Networking An overlay virtual network that connects, protects and shields enterprise applications deployed across cloud ecosystems The Cloud is Now a Critical

More information

Securing Virtual Applications and Servers

Securing Virtual Applications and Servers White Paper Securing Virtual Applications and Servers Overview Security concerns are the most often cited obstacle to application virtualization and adoption of cloud-computing models. Merely replicating

More information

Endpoint Security: Become Aware of Virtual Desktop Infrastructures!

Endpoint Security: Become Aware of Virtual Desktop Infrastructures! Endpoint Security: Become Aware of Virtual Desktop Infrastructures! An Ogren Group Special Report May 2011 Executive Summary Virtual desktops infrastructures, VDI, present IT with the unique opportunity

More information

Networks that virtualization

Networks that virtualization Networks that know virtualization EBOOK VITRUALIZATION Your ideas. Connected. Copyright August 2014, Juniper Networks, Inc. Preface In both legacy IT data centers and emerging private and public clouds,

More information

White Paper: Operationalizing IT Services Software Defined Networking Federation/Operability Orchestration

White Paper: Operationalizing IT Services Software Defined Networking Federation/Operability Orchestration White Paper: Operationalizing IT Services Software Defined Networking Federation/Operability Orchestration Brian Hedstrom Lead BSS/OSS Architect bhedstrom@datavision-inc.com Mark Abolafia VP, SDN Practice

More information

Preparing an RFI for. This RFI has been updated to reflect the new requirements in Version 3.0 of the PCI DSS, which took effect January 2015.

Preparing an RFI for. This RFI has been updated to reflect the new requirements in Version 3.0 of the PCI DSS, which took effect January 2015. Preparing an RFI for Protecting cardholder data is a critical and mandatory requirement for all organizations that process, store or transmit information on credit or debit cards. Requirements and guidelines

More information

Deploying Advanced Firewalls in Dynamic Virtual Networks

Deploying Advanced Firewalls in Dynamic Virtual Networks SOLUTION GUIDE Deploying Advanced Firewalls in Dynamic Virtual Networks Enterprise-Ready Security for Network Virtualization 1 This solution guide describes how to simplify deploying virtualization security

More information

OmniCube. SimpliVity OmniCube and Multi Federation ROBO Reference Architecture. White Paper. Authors: Bob Gropman

OmniCube. SimpliVity OmniCube and Multi Federation ROBO Reference Architecture. White Paper. Authors: Bob Gropman OmniCube SimpliVity OmniCube and Multi Federation ROBO Reference Architecture White Paper Authors: Bob Gropman Date: April 13, 2015 SimpliVity and OmniCube are trademarks of SimpliVity Corporation. All

More information

PCI DSS Virtualization Guidelines. Information Supplement: PCI Data Security Standard (PCI DSS) Version: 2.0 Date: June 2011

PCI DSS Virtualization Guidelines. Information Supplement: PCI Data Security Standard (PCI DSS) Version: 2.0 Date: June 2011 Standard: Version: 2.0 Date: June 2011 Author: PCI Data Security Standard (PCI DSS) Virtualization Special Interest Group PCI Security Standards Council Information Supplement: PCI DSS Virtualization Guidelines

More information

VMware vcloud Networking and Security Overview

VMware vcloud Networking and Security Overview VMware vcloud Networking and Security Overview Networks and Security for Virtualized Compute Environments WHITE PAPER Overview Organizations worldwide have gained significant efficiency and flexibility

More information

Cisco Unified Data Center: The Foundation for Private Cloud Infrastructure

Cisco Unified Data Center: The Foundation for Private Cloud Infrastructure White Paper Cisco Unified Data Center: The Foundation for Private Cloud Infrastructure Providing Agile and Efficient Service Delivery for Sustainable Business Advantage What You Will Learn Enterprises

More information

CENTER I S Y O U R D ATA

CENTER I S Y O U R D ATA I S Y O U R D ATA CENTER R E A DY F O R S D N? C R I T I C A L D ATA C E N T E R C O N S I D E R AT I O N S FOR SOFT WARE-DEFINED NET WORKING Data center operators are being challenged to be more agile

More information

The Promise and the Reality of a Software Defined Data Center

The Promise and the Reality of a Software Defined Data Center The Promise and the Reality of a Software Defined Data Center Authored by Sponsored by Introduction The traditional IT operational model is highly manual and very hardware centric. As a result, IT infrastructure

More information

VIRTUALIZING THE EDGE

VIRTUALIZING THE EDGE VIRTUALIZING THE EDGE NFV adoption to transform telecommunications infrastructure Karthik Kailasam Director, Integrated Modular Solutions September 2015 Key Messages The transformation of telecom networks

More information

SOFTWARE-DEFINED NETWORKS

SOFTWARE-DEFINED NETWORKS THE PROMISE OF SOFTWARE-DEFINED NETWORKS SDNs offer organizations a flexible solution capable of reimagining the enterprise network. The IT community is abuzz with discussions about software-defined networks

More information

Software Defined Environments

Software Defined Environments November 2015 Software Defined Environments 2015 Cloud Lecture, University of Stuttgart Jochen Breh, Director Architecture & Consulting Cognizant Global Technology Office Agenda Introduction New Requirements

More information

Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com

Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com Secure Multi Tenancy In the Cloud Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com At-a-Glance Trends Do MORE with LESS Increased Insider Threat Increasing IT spend on cloud

More information

IT Infrastructure Services. White Paper. Utilizing Software Defined Network to Ensure Agility in IT Service Delivery

IT Infrastructure Services. White Paper. Utilizing Software Defined Network to Ensure Agility in IT Service Delivery IT Infrastructure Services White Paper Utilizing Software Defined Network to Ensure Agility in IT Service Delivery About the Author Siddhesh Rane Siddhesh Rane is a Technical Architect and part of the

More information

Software Defined Storage Networks An Introduction

Software Defined Storage Networks An Introduction A Jeda Networks White Paper 4400 MacArthur Blvd., suite 350 Newport Beach, CA 92660 (949) 748-7277 www.jedanetworks.com Software Defined Storage Networks An Introduction Doc # 01-000030-001 Rev. A Contents

More information

Lecture 02b Cloud Computing II

Lecture 02b Cloud Computing II Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,

More information

Networks that know data center virtualization

Networks that know data center virtualization Networks that know data center virtualization EBOOK VITRUALIZATION Your ideas. Connected. Copyright August 2014, Juniper Networks, Inc. Preface In both legacy IT data centers and emerging private and public

More information

Lumeta IPsonar. Active Network Discovery, Mapping and Leak Detection for Large Distributed, Highly Complex & Sensitive Enterprise Networks

Lumeta IPsonar. Active Network Discovery, Mapping and Leak Detection for Large Distributed, Highly Complex & Sensitive Enterprise Networks IPsonar provides visibility into every IP asset, host, node, and connection on the network, performing an active probe and mapping everything that's on the network, resulting in a comprehensive view of

More information

NFV Management and Orchestration: Enabling Rapid Service Innovation in the Era of Virtualization

NFV Management and Orchestration: Enabling Rapid Service Innovation in the Era of Virtualization White Paper NFV Management and Orchestration: Enabling Rapid Service Innovation in the Era of Virtualization NFV Orchestration Overview Network Function Virtualization (NFV) technology, in combination

More information

Optimally Manage the Data Center Using Systems Management Tools from Cisco and Microsoft

Optimally Manage the Data Center Using Systems Management Tools from Cisco and Microsoft White Paper Optimally Manage the Data Center Using Systems Management Tools from Cisco and Microsoft What You Will Learn Cisco is continuously innovating to help businesses reinvent the enterprise data

More information

Evolution of the Software Defined Data Center

Evolution of the Software Defined Data Center Evolution of the Defined Data Center Happiest People Happiest Customers Contents Abstract...3 The big promise of SDDC...3 Moving towards SDDC the adoption roadmap...4 Points to keep in mind...5 Challenges...5

More information

Best Practices for PCI DSS V3.0 Network Security Compliance

Best Practices for PCI DSS V3.0 Network Security Compliance Best Practices for PCI DSS V3.0 Network Security Compliance January 2015 www.tufin.com Table of Contents Preparing for PCI DSS V3.0 Audit... 3 Protecting Cardholder Data with PCI DSS... 3 Complying with

More information

White Paper. SDN 101: An Introduction to Software Defined Networking. citrix.com

White Paper. SDN 101: An Introduction to Software Defined Networking. citrix.com SDN 101: An Introduction to Software Defined Networking citrix.com Over the last year, the hottest topics in networking have been software defined networking (SDN) and Network ization (NV). There is, however,

More information

Driving SDN Adoption in Service Provider Networks

Driving SDN Adoption in Service Provider Networks WHITEPAPER Software Defined Networking (SDN) Driving SDN Adoption in Service Provider Networks This whitepaper provides an overview of key requirements and enablers for driving SDN adoption in Service

More information

Vyatta Network OS for Network Virtualization

Vyatta Network OS for Network Virtualization Complete Security and Compliance for Virtual Environments Vyatta takes the concept of virtualization beyond just applications and operating systems and allows enterprise IT to also virtualize network components

More information

A Comprehensive Cloud Management Platform with Vblock Systems and Cisco Intelligent Automation for Cloud

A Comprehensive Cloud Management Platform with Vblock Systems and Cisco Intelligent Automation for Cloud WHITE PAPER A Comprehensive Cloud Management Platform with Vblock Systems and Cisco Intelligent Automation for Cloud Abstract Data center consolidation and virtualization have set the stage for cloud computing.

More information

Service Orchestration: The Key to the Evolution of the Virtual Data Center

Service Orchestration: The Key to the Evolution of the Virtual Data Center Service Orchestration: The Key to the Evolution of the Virtual Data Center By Jim Metzler, Cofounder, Webtorials Editorial/Analyst Division Introduction Data center managers are faced with an array of

More information

Strategic Direction of Networking IPv6, SDN and NFV Where Do You Start?

Strategic Direction of Networking IPv6, SDN and NFV Where Do You Start? Strategic Direction of Networking IPv6, SDN and NFV Where Do You Start? Yanick Pouffary HP Distinguished Technologist, Chief Technologist Technology Services Mobility & Networking Forward-looking statements

More information

Data Center Networking Designing Today s Data Center

Data Center Networking Designing Today s Data Center Data Center Networking Designing Today s Data Center There is nothing more important than our customers. Data Center Networking Designing Today s Data Center Executive Summary Demand for application availability

More information

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such

More information

The Software-Defined Data Center is Key to IT-as-a-Service

The Software-Defined Data Center is Key to IT-as-a-Service The Software-Defined Data Center is Key to IT-as-a-Service August 2013 Prepared by: Zeus Kerravala The Software-Defined Data Center is Key to IT-as-a-Service by Zeus Kerravala August 2013 º º º º º º º

More information

Business Case for Open Data Center Architecture in Enterprise Private Cloud

Business Case for Open Data Center Architecture in Enterprise Private Cloud Business Case for Open Data Center Architecture in Enterprise Private Cloud Executive Summary Enterprise IT organizations that align themselves with their enterprise s overall goals help the organization

More information

Securing the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC

Securing the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC Securing the Journey to the Private Cloud Dominique Dessy RSA, the Security Division of EMC June 2010 Securing the Journey to The Private Cloud The Journey IT Production Business Production IT-As-A-Service

More information

MANAGEMENT AND ORCHESTRATION WORKFLOW AUTOMATION FOR VBLOCK INFRASTRUCTURE PLATFORMS

MANAGEMENT AND ORCHESTRATION WORKFLOW AUTOMATION FOR VBLOCK INFRASTRUCTURE PLATFORMS VCE Word Template Table of Contents www.vce.com MANAGEMENT AND ORCHESTRATION WORKFLOW AUTOMATION FOR VBLOCK INFRASTRUCTURE PLATFORMS January 2012 VCE Authors: Changbin Gong: Lead Solution Architect Michael

More information

Catbird vsecurity : Security and Compliance For The Virtualized Data Center

Catbird vsecurity : Security and Compliance For The Virtualized Data Center Catbird vsecurity : Security and Compliance For The Virtualized Data Center www.catbird.com 2011 Catbird All rights reserved Catbird vsecurity: Securing the Virtual & Cloud Data Center Executive Summary

More information

Enabling Database-as-a-Service (DBaaS) within Enterprises or Cloud Offerings

Enabling Database-as-a-Service (DBaaS) within Enterprises or Cloud Offerings Solution Brief Enabling Database-as-a-Service (DBaaS) within Enterprises or Cloud Offerings Introduction Accelerating time to market, increasing IT agility to enable business strategies, and improving

More information

Getting on the Road to SDN. Attacking DMZ Security Issues with Advanced Networking Solutions

Getting on the Road to SDN. Attacking DMZ Security Issues with Advanced Networking Solutions White Paper Getting on the Road to SDN Attacking DMZ Security Issues with Advanced Networking Solutions By Bob Laliberte, Senior Analyst March 2014 This ESG White Paper was commissioned by NEC and is distributed

More information

DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch

DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch What You Will Learn A demilitarized zone (DMZ) is a separate network located in the neutral zone between a private (inside)

More information

Virtualizing the SAN with Software Defined Storage Networks

Virtualizing the SAN with Software Defined Storage Networks Software Defined Storage Networks Virtualizing the SAN with Software Defined Storage Networks Introduction Data Center architects continue to face many challenges as they respond to increasing demands

More information

The Software-Defined Data Center and the New Hitachi Unified Compute Platform

The Software-Defined Data Center and the New Hitachi Unified Compute Platform The Software-Defined Data Center and the New Hitachi Unified Compute Platform By Miklos Sandorfi, Chief Strategy Officer for File, Content and Cloud at Hitachi Data Systems and Mike Clayville, Vice President,

More information

REDEFINE SIMPLICITY TOP REASONS: EMC VSPEX BLUE FOR VIRTUALIZED ENVIRONMENTS

REDEFINE SIMPLICITY TOP REASONS: EMC VSPEX BLUE FOR VIRTUALIZED ENVIRONMENTS REDEFINE SIMPLICITY AGILE. SCALABLE. TRUSTED. TOP REASONS: EMC VSPEX BLUE FOR VIRTUALIZED ENVIRONMENTS Redefine Simplicity: Agile, Scalable and Trusted. Mid-market and Enterprise customers as well as Managed

More information

Agility has become a key initiative for business leaders. Companies need the capability

Agility has become a key initiative for business leaders. Companies need the capability A ZK Research White Paper Influence and insight through social media Prepared by Zeus Kerravala March 2014 A Guide To Network Virtualization ZK Research Zeus Kerravala A Guide to BYOD Network And Virtualization

More information

Evolution from the Traditional Data Center to Exalogic: An Operational Perspective

Evolution from the Traditional Data Center to Exalogic: An Operational Perspective An Oracle White Paper July, 2012 Evolution from the Traditional Data Center to Exalogic: 1 Disclaimer The following is intended to outline our general product capabilities. It is intended for information

More information

Testing Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES

Testing Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES Testing Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES Table of Contents Introduction... 1 Network Virtualization Overview... 1 Network Virtualization Key Requirements to be validated...

More information

SECURITY POLICY MANAGEMENT ACROSS THE NEXT GENERATION DATA CENTER

SECURITY POLICY MANAGEMENT ACROSS THE NEXT GENERATION DATA CENTER SECURITY POLICY MANAGEMENT ACROSS THE NEXT GENERATION DATA CENTER An AlgoSec Whitepaper MANAGE SECURITY AT THE SPEED OF BUSINESS AlgoSec Whitepaper Introduction Corporate networks today must deliver hundreds

More information

White Paper. Requirements of Network Virtualization

White Paper. Requirements of Network Virtualization White Paper on Requirements of Network Virtualization INDEX 1. Introduction 2. Architecture of Network Virtualization 3. Requirements for Network virtualization 3.1. Isolation 3.2. Network abstraction

More information

Transform Your Business. Transformation Data Center

Transform Your Business. Transformation Data Center Transform Your Business Transformation Data Center Transformation Data Center Initiate Your Transformation Value creation is an emphasis for today s IT. Your data center must be efficient, flexible, and

More information

SANS Top 20 Critical Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a

More information

Juniper Networks QFabric: Scaling for the Modern Data Center

Juniper Networks QFabric: Scaling for the Modern Data Center Juniper Networks QFabric: Scaling for the Modern Data Center Executive Summary The modern data center has undergone a series of changes that have significantly impacted business operations. Applications

More information

PCI DSS Top 10 Reports March 2011

PCI DSS Top 10 Reports March 2011 PCI DSS Top 10 Reports March 2011 The Payment Card Industry Data Security Standard (PCI DSS) Requirements 6, 10 and 11 can be the most costly and resource intensive to meet as they require log management,

More information

Mitigating Information Security Risks of Virtualization Technologies

Mitigating Information Security Risks of Virtualization Technologies Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) 2009 VMware Inc. All rights reserved Agenda Virtualization Overview Key Components of Secure Virtualization

More information

Cyber Security for NERC CIP Version 5 Compliance

Cyber Security for NERC CIP Version 5 Compliance GE Measurement & Control Cyber Security for NERC CIP Version 5 Compliance imagination at work Contents Cyber Security for NERC CIP Compliance... 5 Sabotage Reporting... 6 Security Management Controls...

More information