Accelerate OpenStack* Together. * OpenStack is a registered trademark of the OpenStack Foundation
|
|
- Elaine Turner
- 8 years ago
- Views:
Transcription
1 Accelerate OpenStack* Together * OpenStack is a registered trademark of the OpenStack Foundation
2 Where are your workloads running Ensuring Boundary Control in OpenStack Cloud. Raghu Yeluri Principal Engineer, Datacenter and Cloud Products Group Intel Corporation
3 Contents Trust and Boundary Requirements in the Cloud Solution: Geo-Tagging and Boundary Control with OpenStack* Looking ahead: Additional use-cases/solutions targeted for Kilo+ release Geo-tagging for storage volumes Tenant-controlled VM encryption/decryption Summary Q & A
4 Security Challenges in the Cloud Private Cloud DC Public Cloud DC Company B Company A Pool 1 Pool n Company B Company C Visibility Control Enhance Audits Compliance
5 Challenge: Complying with location-based workload security and compliance requirements Policy Challenges To add to these challenges. Sensitive Data & Applications MUST remain Internal to Organizations Data Privacy & National/Regional Regulations constraint workload movement Virtualization, Public and Private Cloud Agility adds to the Challenges. Virtual Servers are files that can be moved or copied and executed anywhere. Very Sensitive Data MUST remain on Specific Data Center Hardware or Security Zones. Hybrid Clouds blur boundary between what is internal and external.
6 Requirement: Ensure that Virtual Workloads are placed, or migrated, based on location and assurance of hardware platform Policy Requirements Run in the correct geography or datacenter Run only on Internal Enterprise Network not in the public cloud Run on hardware in particular Security Zone, or, Assurance Level Technical Need: How do you provide Trusted Geo-location/Assetlocation in Virtualization and Cloud Environment to meet these Policy Requirements?
7 Intel Trusted Execution Technology (TXT)-based H/W Provides a Strong Foundation for Platform Security & Trusted Geo/Asset-location Intel TXT Hardware Solution Components Intel 5500/5520 Chipset BIOS Flash TPM A trusted execution platform for sensitive apps and data Intel TXT provides integrity assurance for x86 server hardware, and the software stack above Root of Trust is Intel Xeon processors & motherboard chipsets Measured Boot + Attestation extends the chain of Trust to OS/VMM. Chain of Trust: H/W->FW->BIOS->OS/VMM Leverages TPM for secure storage and TXT Measured Boot + Attestation for Trusted Geo/Asset-location - Geo/Asset-tagging
8 Geo/Asset-tagging - Enabling Boundary Control Geo/Asset descriptor (asset-tag) stored in the TPM of the Server. Used to control placement & migration of workloads Broad support across bare metal OS and hypervisors (ESX, XenServer, Xen, KVM). What is Asset Tag? TAG SHA-1 SHA-2 UUID of Host Asset Certificate Digital Signature Asset Tag Asset Certificate TPM NVRAM Index NV Index Index used: index 0x Size of Index: TPM 1.2: 20 Bytes; TPM 2.0 (future): 32 Bytes (for 256) and 64 (for 512) Data Format: 20 Bytes of Binary data ; Asset Tag used with Geo-Location attributes is a Geo-Tag
9 VM Boundary Control With OpenStack * - How it works 1 Upload Workload A to Glance with Launch Policy. 2 Launch VM A 3 Workload A Glance Workload A Launch Policy Trust Verified. Geo=France API Server Nova 5 Challenge Request Location Attestation Attestation Authority 5 Attestation Report TrustedFilter, LocationFilter 4 Challenge 6 Workload A launched with appropriate policy 0 OOB: Provision Geo-Tag on to Server TPMs
10 Geo-Tag extensions in OpenStack Geo-tag Selection UI Horizon (dashboard) End Users (accessing guest vm) Blueprints: spec/nova-trusted-geo-asset-tag n/+spec/trust-n-geo-display Location-Control Tag Provisioning Service VM Policies as Image Properties Glance (Image Store + Registry) New: LocationFilter Attestation Service Guest VMs VMs (workloads) (workloads) Disk Image (for Guest VMs) OS/VMM TXT+TPM OpenStack Extensions Intel/ISV provided components Targeting Kilo release; Downloadable scripts in Q4 for Icehouse & Juno
11 Geo-Tagging Flow in OpenStack Tag Definition & Selection Tag Provisioning to Servers VM Policy Creation Orchestration & VM Launch 5 Dashboard Step 1: Defining and Selecting of Geo/Asset Tags - Tags can be logical or physical geo information, and/or, business functions (Finance, Benefits, Inv Banking, etc) - Uses Tag Mgt APIs. Tags that will be Provisioned to a Server.
12 Geo-Tagging Flow in OpenStack Tag Definition & Selection Tag Provisioning to Servers 2 3 VM Policy 4 Creation Orchestration & VM Launch 5 Dashboard Step 2: Provision Selected Tag(s) from Step 1, onto the server. Mt. Wilson Provisioning Tool & Provisioning APIs to Provision TPMs on the hosts. 1. Select the Host to Provision 2. Select the Tags and Provision the Server TPMs
13 Geo-Tagging Flow in OpenStack Tag Definition & Selection Tag Provisioning to Servers VM Policy Creation Orchestration & VM Launch 5 Dashboard Step 3: Create VM Policies. 1) Policies are associated with VM Images as Properties in Glance. 2) Horizon Extended to select Geo-location Policies. Two Policies for this Image 1. Trust 2. Geo-Location
14 Geo-Tagging Flow in OpenStack Tag Definition & Selection Tag Provisioning to Servers 2 3 VM Policy 4 Creation Orchestration & VM Launch 5 Dashboard Step 4: Determine best Server to meet VM Trust and Geo-Location Policy. Launch VM instance of specific Flavor. OpenStack Scheduler Extended with Asset/Geo-Tag Filter. New Filter invokes Mt. Wilson Geo-Tag Attestation APIs to determine best Server to meet VM Polices. VM Instance created by OpenStack Scheduler by finding the best Server matching the VM Policy to Geo-Tag on the Server
15 Geo-Tagging Flow in OpenStack Tag Definition & Selection Tag Provisioning to Servers VM Policy Creation Orchestration & VM Launch 5 Dashboard
16 Looking Ahead 1. Use-case 1: Extending Geo-Tagging/Location Control for Storage Volumes 2. Use-case 2: Tenant-controlled encryption and decryption, based on Location and Trust Policies. 16
17 Use-case #1: Extending Geo-Tagging/Location Control for Volumes Current Implementation: Geo-tagging/location policies defined and enforced at the VM level. Scenario 1: Two VMs. VM1 no attached storage; VM2 local attached storage; Scenario 2: Two VMs. VM 1 = No attached Storage; VM 2 = External/Shared Storage Volume attached to VM2. VM2 VM2 Trust Verified. Geo = France Trust Verified. Geo=France Cloud Controller Cloud Controller Cinder aunched Attestation Authority launched Attestation Authority Create/attach Storage volumes VM1 and VM2 (with local storage) launched.. VM policies enforced on Storage VM1 and VM2 launched per Policy.. VM Policy not enforced on Storage. Location Policy violation!!!
18 OpenStack Extensions: Location Policy Enforcement on storage volumes Extend VM Location Policy Control to Cinder volumes Leverage Intel TXT Measured Boot, Remote Attestation and Geo-Tag Provisioning, for Location Compliance of Cinder Volumes. - Applies to x86-based External/Shared Storage. Not yet for SAN/NAS storage. New Location filter in Cinder scheduler Location Policy Compliance during Volume Create Location Policy compatibility verified during Volume Attach in the Check Attach code of Nova API. VM Location Policy == Volume Location Policy SQL DB Cinder Scheduler Location Filter AMQP AMQP Cinder Client REST Cinder API AMQP Cinder Volume driver Storage (DAS, Scale Out, NAS, SAN) AMQP Cinder backup Exploring ways to enforcing Location Policy for Volume Migration and Backups (for Swift: Storage Policies)
19 Creating a new Volume with Geo-tag Policy 1) Policy is selected for Volume creation. You can select up to 5 policies from the Horizon extensions. 2) Create Volume invokes CinderLocationFilter. Verifies Policy against Server (cinder node) Geo-tag. Volumes with Trust and Geo-Tag
20 Attach Volume to a VM instance 1)VM Policy == Volume Policy 2)Attach Volume: Verifies Volume Geo-Tag against the VM Geo-Tag Policy for Compatibility.
21 Use-case 2: Tenant-Controlled VM encryption and decryption based on Location and Trust. Enterprise Private Cloud Public Cloud Goals: VMs and data are encrypted at all times at-rest, in-transit, and up until execution. Only allow virtual servers & data to be decrypted on trusted hardware in a particular location Virtual server data only decrypted on approved servers in specified locations Sensitive virtual server storage volumes are prevented from being decrypted on server not in approved location Demonstration at the Intel booth.
22 Proxy Tenant Controlled VM Protection in OpenStack - Architecture Enterprise Data Center Cloud Service Provider 4 Launch VM Horizon 5 Launch VM Cloud Controller 1 Symmetric Key Generation 6 Attestation 7 Launch VM Gold VM Images Trust Director Encrypted VM/Image 3 PUT-VM Blob 2 Key Store KMS [Barbican & Policy Engine] Glance 9 Attestation 8 Attestation Authority 10 GetDecryptionKey (KID, AIK) Decrypt & Launch Policy Plugin Nova compute Blueprint later this year. Targeting L release
23 Summary Location-based policies to meet the most stringent security and compliance requirements. Tied to Intel TXT and TPM for reliable attestation of platform integrity and location attributes. OpenStack Extensions for Geo-Tagging are available for Icehouse & above. Targeting Kilo release for upstream. Blueprints: Looking ahead: Boundary Control for Cinder volumes on x86-based Storage. Looking ahead: Tenant-controlled VM encryption and decryption-based on Location and Trust; Demonstration at Intel Booth. Targeting L release.
24 Intel Confidential Do Not Forward
25 Geo-Tagging Provisioning and Management Architecture TAG SELECTIONS Orchestration, Policy Tools whitelists Tag Mgmt. Server TAG DB TAG API TAG MGMT TOOL* Place names Coordinates External Tag Source Country/State/DB Geo-Location System Request Attestation TAG PROV TOOL* Attestation Authority Asset-Tag Invalidation Asset Tag whitelists, Revoke Provisioning API Tag Provisioning Server TAG DB Provisioning API TXT Node/Host Provisioning Agent Geo- Tag TP M Monitoring Service [Nagios] Geo Tag Invalidation Plugin* Asset-Tag Provisioning & Management Service Quot e Geo-Tag Invalidation Quote MTW Trust Agent
26 Trusted Pools - Summary Establish and propagate a new security control attribute Platform Trust - Aggregate Trusted systems and Segregate them from untrusted resources Run sensitive workloads only on Trusted Servers (Policy Control) Tenant Visibility to remote platform status Platform Trust Enable automated monitoring of Trust based policies Platform Trust input to audit logs and compliance reporting Additional Controls: Geotag/Asset-Tags, VM payload en/decryption & Trusted VMs Cloud Tenant Report Intel Trusted Execution Technology + Remote Attestation are the basis for achieving Platform Trust APP Cloud Provider
27 Virtual Workload and Location Policies VM with no attached storage VM using local attached storage (disks presented from the same physical host the VM runs on) VM running an application that queries an external source (remote database connection, HTTP, etc) Host Host Host Remote Host + Storage 4 VM using attached external/shared storage (SAN, vsan, NFS, Scale Out Storage, DAS.. Etc. Host Attached Volumes SAN/NFS/NAS/Software Defined Storage
28 VM Boundary Control with OpenStack* - Solution Components TAG Host UUI Sign. D Asset Certificate Hash Asset Tag Store Store Attestatio n attest TPM TXT Server VM Geo policy In Openstack Glance attributes Extract Openstack NOVA scheduler Verify Trust, Geo (Filter) Launch VM on Trusted, Geoverified server 1 Enable Provisioning of geo-tags to Hosts 4 Specify Geo Policies for VMs via Glance Registry 2 Add Asset/Location Filter to FilterScheduler 5 Enhance Horizon to show Location/Trust attributes 3 Enhance Attestation Server to attest Geo- Tags
Trusted Geolocation in the Cloud. Based on NIST Interagency Report 7904 - Trusted Geolocation in the Cloud: Proof of Concept Implementation
Trusted Geolocation in the Cloud Based on NIST Interagency Report 7904 - Trusted Geolocation in the Cloud: Proof of Concept Implementation 2 Agenda Definition of cloud computing Trusted Geolocation in
More informationChapter 5 Boundary Control in the Cloud: Geo-Tagging and Asset Tagging
Chapter 5 Boundary Control in the Cloud: Geo-Tagging and Asset Tagging Chapters 3 and 4 focused on platform boot integrity, trusted compute pools, and the attestation architecture. They covered the reference
More informationIndex. BIOS rootkit, 119 Broad network access, 107
Index A Administrative components, 81, 83 Anti-malware, 125 ANY policy, 47 Asset tag, 114 Asymmetric encryption, 24 Attestation commercial market, 85 facts, 79 Intel TXT conceptual architecture, 85 models,
More informationTrusted Geolocation in The Cloud Technical Demonstration
Trusted Geolocation in The Cloud Technical Demonstration NIST Interagency Report 7904 - Trusted Geolocation in the Cloud: Proof of Concept Implementation Trusted Geolocation in the Cloud Business Business
More informationOpenStack Introduction. November 4, 2015
OpenStack Introduction November 4, 2015 Application Platforms Undergoing A Major Shift What is OpenStack Open Source Cloud Software Launched by NASA and Rackspace in 2010 Massively scalable Managed by
More informationIntel Service Assurance Administrator. Product Overview
Intel Service Assurance Administrator Product Overview Running Enterprise Workloads in the Cloud Enterprise IT wants to Start a private cloud initiative to service internal enterprise customers Find an
More informationClodoaldo Barrera Chief Technical Strategist IBM System Storage. Making a successful transition to Software Defined Storage
Clodoaldo Barrera Chief Technical Strategist IBM System Storage Making a successful transition to Software Defined Storage Open Server Summit Santa Clara Nov 2014 Data at the core of everything Data is
More informationSUSE Cloud 2.0. Pete Chadwick. Douglas Jarvis. Senior Product Manager pchadwick@suse.com. Product Marketing Manager djarvis@suse.
SUSE Cloud 2.0 Pete Chadwick Douglas Jarvis Senior Product Manager pchadwick@suse.com Product Marketing Manager djarvis@suse.com SUSE Cloud SUSE Cloud is an open source software solution based on OpenStack
More informationAMD SEAMICRO OPENSTACK BLUEPRINTS CLOUD- IN- A- BOX OCTOBER 2013
AMD SEAMICRO OPENSTACK BLUEPRINTS CLOUD- IN- A- BOX OCTOBER 2013 OpenStack What is OpenStack? OpenStack is a cloud operaeng system that controls large pools of compute, storage, and networking resources
More informationAn Introduction to OpenStack and its use of KVM. Daniel P. Berrangé <berrange@redhat.com>
An Introduction to OpenStack and its use of KVM Daniel P. Berrangé About me Contributor to multiple virt projects Libvirt Developer / Architect 8 years OpenStack contributor 1 year
More informationImproving OpenStack* Hybrid Cloud Security
SOLUTION BRIEF Intel Trusted Execution Technology Hybrid Security Improving OpenStack* Hybrid Security Together, Intel, Mirantis, and IBM SoftLayer demonstrate how Intel Trusted Execution Technology, attestation,
More informationMulti Provider Cloud. Srinivasa Acharya, Engineering Manager, Hewlett-Packard rsacharya@hp.com
Multi Provider Cloud Srinivasa Acharya, Engineering Manager, Hewlett-Packard rsacharya@hp.com Agenda Introduction to OpenStack Multi Hypervisor Architecture Use cases for Multi Hypervisor cloud Ironic
More information新 一 代 軟 體 定 義 的 網 路 架 構 Software Defined Networking (SDN) and Network Function Virtualization (NFV)
新 一 代 軟 體 定 義 的 網 路 架 構 Software Defined Networking (SDN) and Network Function Virtualization (NFV) 李 國 輝 客 戶 方 案 事 業 群 亞 太 區 解 決 方 案 架 構 師 美 商 英 特 爾 亞 太 科 技 有 限 公 司 Email: kuo-hui.li@intel.com 1 Legal
More informationControl your corner of the cloud.
Chapter 1 of 5 Control your corner of the cloud. From the halls of government to the high-rise towers of the corporate world, forward-looking organizations are recognizing the potential of cloud computing
More informationIsaku Yamahata isaku.yamahata@intel.com CloudOpen Japan May 22, 2014
OpenStack approach to SDN by way of NFV Advanced Network Service Framework Isaku Yamahata isaku.yamahata@intel.com CloudOpen Japan May 22, 2014 Legal Disclaimers Copyright 2014 Intel Corporation. All rights
More informationIntel Cloud Builder Guide to Cloud Design and Deployment on Intel Xeon Processor-based Platforms
Intel Cloud Builder Guide to Cloud Design and Deployment on Intel Xeon Processor-based Platforms Enomaly Elastic Computing Platform, * Service Provider Edition Executive Summary Intel Cloud Builder Guide
More informationBuilding Storage as a Service with OpenStack. Greg Elkinbard Senior Technical Director
Building Storage as a Service with OpenStack Greg Elkinbard Senior Technical Director MIRANTIS 2012 PAGE 1 About the Presenter Greg Elkinbard Senior Technical Director at Mirantis Builds on demand IaaS
More informationHow To Make A Cloud Work For You
OpenStack Deep Dive Alan Clark OpenStack, Chairman of the Board Director, SUSE aclark@suse.com Community Size Q2 2014 ECOSYSTEM SIZE (Members + Sponsors + Supporters) 390 Companies Members: 26 Sponsors:
More informationCloud Computing #8 - Datacenter OS. Johan Eker
Cloud Computing #8 - Datacenter OS Johan Eker Outline What is a Datacenter OS? OpenStack Kubernetes Resource Management What is an OS? What is an OS? Manage hardware resources such as CPU, RAM, disk, I/O,
More informationUsing SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP
Using SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP Agenda ADP Cloud Vision and Requirements Introduction to SUSE Cloud Overview Whats New VMWare intergration HyperV intergration ADP
More informationUbuntu OpenStack on VMware vsphere: A reference architecture for deploying OpenStack while limiting changes to existing infrastructure
TECHNICAL WHITE PAPER Ubuntu OpenStack on VMware vsphere: A reference architecture for deploying OpenStack while limiting changes to existing infrastructure A collaboration between Canonical and VMware
More informationBuilding the Internet of Things Jim Green - CTO, Data & Analytics Business Group, Cisco Systems
Building the Internet of Things Jim Green - CTO, Data & Analytics Business Group, Cisco Systems Brian McCarson Sr. Principal Engineer & Sr. System Architect, Internet of Things Group, Intel Corp Mac Devine
More informationVirtual Datacenter or Virtualization in the datacenter. (OpenStack) Larry Rudolph
Virtual Datacenter or Virtualization in the datacenter (OpenStack)! Larry Rudolph A merge of several public presentations Rackspace & NASA started it off, and OpenStack has grown dramatically All possible
More informationNIST Interagency Report 7904 (Draft) Trusted Geolocation in the Cloud: Proof of Concept Implementation (Draft)
NIST Interagency Report 7904 (Draft) Trusted Geolocation in the Cloud: Proof of Concept Implementation (Draft) Erin K. Banks Michael Bartock Kevin Fiftal David Lemon Karen Scarfone Uttam Shetty Murugiah
More informationKVM, OpenStack and the Open Cloud SUSECon November 2015
KVM, OpenStack and the Open Cloud SUSECon November 2015 Adam Jollans Program Director, Linux & Open Virtualization Strategy IBM Agenda A Brief History of Virtualization KVM Architecture OpenStack Architecture
More informationKVM, OpenStack, and the Open Cloud
KVM, OpenStack, and the Open Cloud Adam Jollans, IBM & Mike Kadera, Intel CloudOpen Europe - October 13, 2014 13Oct14 Open VirtualizaGon Alliance 1 Agenda A Brief History of VirtualizaGon KVM Architecture
More informationSecuring sensitive data at Rest ProtectFile, ProtectDb and ProtectV. Nadav Elkabets Presale Consultant
Securing sensitive data at Rest ProtectFile, ProtectDb and ProtectV Nadav Elkabets Presale Consultant Protecting Your Data Encrypt Your Data 1 ProtectFile StorageSecure ProtectDB ProtectV Databases File
More informationSavanna Hadoop on. OpenStack. Savanna Technical Lead
Savanna Hadoop on OpenStack Sergey Lukjanov Savanna Technical Lead Mirantis, 2013 Agenda Savanna Overview Savanna Use Cases Roadmap & Current Status Architecture & Features Overview Hadoop vs. Virtualization
More informationSUSE Cloud 5 Private Cloud based on OpenStack
SUSE Cloud 5 Private Cloud based on OpenStack Michał Jura Senior Software Engineer Linux HA/Cloud Developer mjura@suse.com 2 New solutions emerge: Infrastructure-as-Service Cloud = 3 SUSE Cloud Why OpenStack?
More informationInfrastructure as a Service
Infrastructure as a Service Jose Castro Leon CERN IT/OIS Cloud Computing On-Demand Self-Service Scalability and Efficiency Resource Pooling Rapid elasticity 2 Infrastructure as a Service Objectives 90%
More informationInstallation Runbook for Avni Software Defined Cloud
Installation Runbook for Avni Software Defined Cloud Application Version 2.5 MOS Version 6.1 OpenStack Version Application Type Juno Hybrid Cloud Management System Content Document History 1 Introduction
More informationGetting Started with OpenStack and VMware vsphere TECHNICAL MARKETING DOCUMENTATION V 0.1/DECEMBER 2013
Getting Started with OpenStack and VMware vsphere TECHNICAL MARKETING DOCUMENTATION V 0.1/DECEMBER 2013 Table of Contents Introduction.... 3 1.1 VMware vsphere.... 3 1.2 OpenStack.... 3 1.3 Using OpenStack
More informationDevelop a process for applying updates to systems, including verifying properties of the update. Create File Systems
RH413 Manage Software Updates Develop a process for applying updates to systems, including verifying properties of the update. Create File Systems Allocate an advanced file system layout, and use file
More informationRED HAT INFRASTRUCTURE AS A SERVICE OVERVIEW AND ROADMAP. Andrew Cathrow Red Hat, Inc. Wednesday, June 12, 2013
RED HAT INFRASTRUCTURE AS A SERVICE OVERVIEW AND ROADMAP Andrew Cathrow Red Hat, Inc. Wednesday, June 12, 2013 SERVICE MODELS / WORKLOADS TRADITIONAL WORKLOADS Stateful VMs: Application defined in VM Application
More informationCloud File Services: October 1, 2014
Cloud File Services: SMB/CIFS and TITLE NFS in the Cloud PRESENTATION GOES HERE October 1, 2014 Webcast Presenters David Fair, SNIA ESF Business Development Chair - Intel John Reed Product Manager, Windows
More informationLong Distance Workload Migration
Long Distance Workload Migration Secure Data Access and Movement Between Clouds Mark Lesher Sr. Director EMC 2 Cloud Infrastructure Solutions September 10 1 Drivers for Long Distance Workload Migration
More informationHow To Install Openstack On Ubuntu 14.04 (Amd64)
Getting Started with HP Helion OpenStack Using the Virtual Cloud Installation Method 1 What is OpenStack Cloud Software? A series of interrelated projects that control pools of compute, storage, and networking
More informationKVM, OpenStack, and the Open Cloud
KVM, OpenStack, and the Open Cloud Adam Jollans, IBM Southern California Linux Expo February 2015 1 Agenda A Brief History of VirtualizaJon KVM Architecture OpenStack Architecture KVM and OpenStack Case
More informationIntel Cloud Builder Guide: Cloud Design and Deployment on Intel Platforms
EXECUTIVE SUMMARY Intel Cloud Builder Guide Intel Xeon Processor-based Servers Red Hat* Cloud Foundations Intel Cloud Builder Guide: Cloud Design and Deployment on Intel Platforms Red Hat* Cloud Foundations
More informationOpenNebula Open Souce Solution for DC Virtualization. C12G Labs. Online Webinar
OpenNebula Open Souce Solution for DC Virtualization C12G Labs Online Webinar What is OpenNebula? Multi-tenancy, Elasticity and Automatic Provision on Virtualized Environments I m using virtualization/cloud,
More informationUnderstand IBM Cloud Manager V4.2 for IBM z Systems
Understand IBM Cloud Manager V4.2 for IBM z Systems Kershaw Mehta kershaw@us.ibm.com August 14, 2015 Many organizations begin the cloud journey with a local cloud Organizations are looking for benefits
More informationSecure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com
Secure Multi Tenancy In the Cloud Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com At-a-Glance Trends Do MORE with LESS Increased Insider Threat Increasing IT spend on cloud
More informationMaxDeploy Hyper- Converged Reference Architecture Solution Brief
MaxDeploy Hyper- Converged Reference Architecture Solution Brief MaxDeploy Reference Architecture solutions are configured and tested for support with Maxta software- defined storage and with industry
More informationopportunity Mechanisms to Protect Data in the Open Cloud
Open Source on Intel white paper OpenStack* Intel Xeon processors Intel Trusted Execution Technology Intel Advanced Encryption Standard New Instructions Mechanisms to Protect Data in the Open Cloud Intel
More informationOpenNebula Open Souce Solution for DC Virtualization
13 th LSM 2012 7 th -12 th July, Geneva OpenNebula Open Souce Solution for DC Virtualization Constantino Vázquez Blanco OpenNebula.org What is OpenNebula? Multi-tenancy, Elasticity and Automatic Provision
More informationOne-Stop Intel TXT Activation Guide
One-Stop Intel TXT Activation Guide HP Gen8 Family Based Server Systems Intel Trusted Execution Technology (Intel TXT) for Intel Xeon processor-based servers is commonly used to enhance platform security
More informationWhither Enterprise Cloud Platform Linux, Docker and more Loo Chia Zyn Head of Sales Consulting, Japan & Asia Pacific Oracle Linux & Oracle VM
Whither Enterprise Cloud Platform Linux, Docker and more Loo Chia Zyn Head of Sales Consulting, Japan & Asia Pacific Oracle Linux & Oracle VM Copyright 2015, Oracle and/or its affiliates. All rights reserved.
More informationOpenStack IaaS. Rhys Oxenham OSEC.pl BarCamp, Warsaw, Poland November 2013
OpenStack IaaS 1 Rhys Oxenham OSEC.pl BarCamp, Warsaw, Poland November 2013 Disclaimer The information provided within this presentation is for educational purposes only and was prepared for a community
More informationIntroduction to CoprHD: An Open Source Software Defined Storage Controller
CoprHD.github.io Introduction to CoprHD: An Open Source Software Defined Storage Controller Anjaneya Reddy Chagam Principal Engineer, Intel Corporation Urayoan Irizarry Consultant Software Engineer, EMC
More informationVMware Virtual Infrastucture From the Virtualized to the Automated Data Center
VMware Virtual Infrastucture From the Virtualized to the Automated Data Center Senior System Engineer VMware Inc. ngalante@vmware.com Agenda Vision VMware Enables Datacenter Automation VMware Solutions
More informationWHITE PAPER. Software Defined Storage Hydrates the Cloud
WHITE PAPER Software Defined Storage Hydrates the Cloud Table of Contents Overview... 2 NexentaStor (Block & File Storage)... 4 Software Defined Data Centers (SDDC)... 5 OpenStack... 5 CloudStack... 6
More informationFPGA Accelerator Virtualization in an OpenPOWER cloud. Fei Chen, Yonghua Lin IBM China Research Lab
FPGA Accelerator Virtualization in an OpenPOWER cloud Fei Chen, Yonghua Lin IBM China Research Lab Trend of Acceleration Technology Acceleration in Cloud is Taking Off Used FPGA to accelerate Bing search
More informationOpenNebula Open Souce Solution for DC Virtualization
OSDC 2012 25 th April, Nürnberg OpenNebula Open Souce Solution for DC Virtualization Constantino Vázquez Blanco OpenNebula.org What is OpenNebula? Multi-tenancy, Elasticity and Automatic Provision on Virtualized
More informationStorage XenMotion: Live Storage Migration with Citrix XenServer
Storage XenMotion: Live Storage Migration with Citrix XenServer Enabling cost effective storage migration and management strategies for enterprise and cloud datacenters www.citrix.com Table of Contents
More informationCloud Defense. Kevin Hall Cyber Security Technology Department 4/17/2012. Sandia National Laboratories SAND 2012-2581C
4/17/2012 Cloud Defense Kevin Hall Cyber Security Technology Department Sandia National Laboratories SAND 2012-2581C Sandia National Laboratories is a multi program laboratory managed and operated by Sandia
More informationCopyright 2014, Oracle and/or its affiliates. All rights reserved. 2
2 CON8358 - Building a Private Cloud with OpenStack Oracle OpenStack for Oracle Linux Ronen Kofman Director of Product Development Oracle OpenStack September, 2014 Safe Harbor Statement The following is
More informationCloud Storage in a PaaS World
Cloud Storage in a PaaS World Susan Wu Oracle Group Manager, Product Management Cloud Storage runs Apps Just like a Platform runs Applications, there are many Applications that need to run in Cloud Storage
More information7 Ways OpenStack Enables Automation & Agility for KVM Environments
7 Ways OpenStack Enables Automation & Agility for KVM Environments Table of Contents 1. Executive Summary 1 2. About Platform9 Managed OpenStack 2 3. 7 Benefits of Automating your KVM with OpenStack 1.
More informationEnterprise-Class Virtualization with Open Source Technologies
Enterprise-Class Virtualization with Open Source Technologies Alex Vasilevsky CTO & Founder Virtual Iron Software June 14, 2006 Virtualization Overview Traditional x86 Architecture Each server runs single
More informationHP OpenStack & Automation
HP OpenStack & Automation Where we are heading Thomas Goh Cloud Computing Cloud Computing Cloud computing is a model for enabling ubiquitous network access to a shared pool of configurable computing resources.
More informationSunshine in a Cloudy World
Sunshine in a Cloudy World OpenStack 101, HP and OpenStack Jeff Holderfield jeffh@hp.com @jeffholderfield Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject
More informationCloud Migration: Migrating workloads to OpenStack Cloud
Cloud Migration: Migrating workloads to OpenStack Cloud Happiest People Happiest Customers Contents 2 Executive Summary For majority of companies, be it small, medium-sized businesses or large, migrating
More informationWojciech Furmankiewicz Senior Solution Architect Red Hat CEE wfurmank@redhat.com
Wojciech Senior Solution Architect Red Hat CEE wfurmank@redhat.com IT challenges Challenges with traditional infrastructure Our data is too large We're producing vast amounts of data, exponentially! Way
More informationAddressing Storage Management Challenges using Open Source SDS Controller
Addressing Storage Management Challenges using Open Source SDS Controller Anjaneya Reddy Chagam, Intel Chief SDS Architect, Data Center Group Shayne Huddleston, Oregon State University Infrastructure Architect,
More informationMPSTOR Technology Overview
MPSTOR Technology Overview Delivering operational efficiency to the datacenter through software defined storage enabling data centers generate new higher margin revenue streams via a single programmable
More informationHP Cloud OS. Платформа OpenStack корпоративного уровня. Иван Кровяков Архитектор облачных решений HP Центральная и Восточная Европа
HP Cloud OS Платформа OpenStack корпоративного уровня Иван Кровяков Архитектор облачных решений HP Центральная и Восточная Европа What is OpenStack Software Massively scalable cloud operating system that
More informationCON8473 Oracle Distribution of OpenStack Making OpenStack an Enterprise Grade Solution
CON8473 Oracle Distribution of OpenStack Making OpenStack an Enterprise Grade Solution Ronen Kofman Director of Product Development Oracle OpenStack September, 2014 Safe Harbor Statement The following
More informationBuilding Trust and Compliance in the Cloud with Intel Trusted Execution Technology
WHITE PAPER Intel Trusted Execution Technology Intel Xeon Processor Secure Cloud Computing Building Trust and Compliance in the Cloud with Intel Trusted Execution Technology The Taiwan Stock Exchange Corporation
More informationOpenstack. Cloud computing with Openstack. Saverio Proto saverio.proto@switch.ch
Openstack Cloud computing with Openstack Saverio Proto saverio.proto@switch.ch Lugano, 23/03/2016 Agenda SWITCH role in Openstack and Cloud Computing What is Virtualization? Why is Cloud computing more
More informationToday. 1. Private Clouds. Private Cloud toolkits. Private Clouds and OpenStack Introduction
Today Private Clouds and OpenStack Introduction 1. Private Clouds 2. Introduction to OpenStack What is OpenStack? Architecture and Main components Demo: basic commands Luis Tomás Department of Computing
More informationRED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES
RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS Server virtualization offers tremendous benefits for enterprise IT organizations server
More informationMigrating to ESXi: How To
ILTA Webinar Session Migrating to ESXi: How To Strategies, Procedures & Precautions Server Operations and Security Technology Speaker: Christopher Janoch December 29, 2010 Migrating to ESXi: How To Strategies,
More informationEnabling Technologies for Distributed Computing
Enabling Technologies for Distributed Computing Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS School of Computing, UNF Multi-core CPUs and Multithreading Technologies
More informationInfrastructure as a Service (IaaS)
Infrastructure as a Service (IaaS) (ENCS 691K Chapter 4) Roch Glitho, PhD Associate Professor and Canada Research Chair My URL - http://users.encs.concordia.ca/~glitho/ References 1. R. Moreno et al.,
More informationWhite Paper. Deploying and Provisioning Databases in the Cloud: How Tesora s Database as a Service (DBaaS) Platform is Transforming Enterprise IT
White Paper Deploying and Provisioning Databases in the Cloud: How Tesora s Database as a Service (DBaaS) Platform is Transforming Enterprise IT When IT Departments Can t Deliver, People Go Elsewhere Over
More informationMigration and Building of Data Centers in IBM SoftLayer with the RackWare Management Module
Migration and Building of Data Centers in IBM SoftLayer with the RackWare Management Module June, 2015 WHITE PAPER Contents Advantages of IBM SoftLayer and RackWare Together... 4 Relationship between
More informationCloud: Where are we now? Gerald Gerry Seaman Cloud Marketing Manager Intel - Data Center Group Enterprise High Performance Group
Cloud: Where are we now? Gerald Gerry Seaman Cloud Marketing Manager Intel - Data Center Group Enterprise High Performance Group Why is Intel Talking Cloud? Service and Policy Management Analytics Cloud
More information(R)Evolution im Software Defined Datacenter Hyper-Converged Infrastructure
(R)Evolution im Software Defined Datacenter Hyper-Converged Infrastructure David Kernahan Senior Systems Engineer VMware Switzerland GmbH 2014 VMware Inc. All rights reserved. Agenda 1 VMware Strategy
More informationEnabling Technologies for Distributed and Cloud Computing
Enabling Technologies for Distributed and Cloud Computing Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Multi-core CPUs and Multithreading
More informationVIRTUALIZED SERVICES PLATFORM Software Defined Networking for enterprises and service providers
VIRTUALIZED SERVICES PLATFORM Software Defined Networking for enterprises and service providers Why it s unique The Nuage Networks VSP is the only enterprise and service provider-grade SDN platform that:
More informationOCCI and Security Operations in OpenStack - Overview
Allocation of VMs: A primer Alex Glikson (IBM), John M. Kennedy (Intel), Giovanni Toffetti (IBM) FI-WAE Cloud Hosting Chapter June 6th, 2013 http://www.fi-ware.eu http://www.fi-ppp.eu Agenda Overview Web-based
More informationSYNNEFO: A COMPLETE CLOUD PLATFORM OVER GOOGLE GANETI WITH OPENSTACK APIs VANGELIS KOUKIS, TECH LEAD, SYNNEFO
SYNNEFO: A COMPLETE CLOUD PLATFORM OVER GOOGLE GANETI WITH OPENSTACK APIs VANGELIS KOUKIS, TECH LEAD, SYNNEFO 1 Synnefo cloud platform An all-in-one cloud solution Written from scratch in Python Manages
More informationSECURE, ENTERPRISE FILE SYNC AND SHARE WITH EMC SYNCPLICITY UTILIZING EMC ISILON, EMC ATMOS, AND EMC VNX
White Paper SECURE, ENTERPRISE FILE SYNC AND SHARE WITH EMC SYNCPLICITY UTILIZING EMC ISILON, EMC ATMOS, AND EMC VNX Abstract This white paper explains the benefits to the extended enterprise of the on-
More informationJourney to the Private Cloud. Key Enabling Technologies
Journey to the Private Cloud Key Enabling Technologies Jeffrey Nick Chief Technology Officer Senior Vice President EMC Corporation June 2010 1 The current I/T state: Infrastructure sprawl Information explosion
More informationFOR SERVERS 2.2: FEATURE matrix
RED hat ENTERPRISE VIRTUALIZATION FOR SERVERS 2.2: FEATURE matrix Red hat enterprise virtualization for servers Server virtualization offers tremendous benefits for enterprise IT organizations server consolidation,
More informationRED HAT ENTERPRISE LINUX OPENSTACK PLATFORM
RED HAT ENTERPRISE LINUX OPENSTACK PLATFORM OPEN CLOUD INFRASTRUCTURE BUILT ON RED HAT TECHNOLOGIES Jason Callaway Senior Solutions Architect April 22 2014 I.T. CHALLENGES WORKLOADS ARE EVOLVING CLOUD
More informationWith Red Hat Enterprise Virtualization, you can: Take advantage of existing people skills and investments
RED HAT ENTERPRISE VIRTUALIZATION DATASHEET RED HAT ENTERPRISE VIRTUALIZATION AT A GLANCE Provides a complete end-toend enterprise virtualization solution for servers and desktop Provides an on-ramp to
More informationHow an Open Source Cloud Will Help Keep Your Cloud Strategy Options Open
How an Open Source Cloud Will Help Keep Your Cloud Strategy Options Open Simon Briggs Technology Specialist simon@suse.com Open Source = openmind 3 Protect Investment & Work Together 4 Cloud Definitions
More informationIBM Cloud Manager with OpenStack 4.1
IBM Cloud Manager with OpenStack 4.1 schwicht@us.ibm.com WHY CLOUD? Cloud is redefining technology, business and entire industries Early adopters have nearly 2.5x higher gross profit than their peers and
More informationPowerVC 1.2 Q4 2013 Power Systems Virtualization Center
PowerVC 1.2 Q4 2013 Power Systems Virtualization Center At last a simple tool to spin-off Power Virtual Machines with very little effort Nigel Griffiths IBM Power Systems Corporation Advanced Technology
More informationHO5604 Deploying MongoDB. A Scalable, Distributed Database with SUSE Cloud. Alejandro Bonilla. Sales Engineer abonilla@suse.com
HO5604 Deploying MongoDB A Scalable, Distributed Database with SUSE Cloud Alejandro Bonilla Sales Engineer abonilla@suse.com Agenda SUSE Cloud Overview What is MongoDB? 2 Getting familiar with the Cloud
More informationIntroduction to OpenStack
Introduction to OpenStack Carlo Vallati PostDoc Reseracher Dpt. Information Engineering University of Pisa carlo.vallati@iet.unipi.it Cloud Computing - Definition Cloud Computing is a term coined to refer
More informationANDREW HERTENSTEIN Manager Microsoft Modern Datacenter and Azure Solutions En Pointe Technologies Phone 317-362-1213
ANDREW HERTENSTEIN Manager Microsoft Modern Datacenter and Azure Solutions En Pointe Technologies Phone 317-362-1213 Application Compatibility Many organizations have business critical or internally
More informationCorso di Reti di Calcolatori M
Università degli Studi di Bologna Scuola di Ingegneria Corso di Reti di Calcolatori M Cloud: Openstack Antonio Corradi Luca Foschini Anno accademico 2014/2015 NIST STANDARD CLOUD National Institute of
More informationRed Hat Enterprise Linux OpenStack Platform Update February 17, 2016
Red Hat Enterprise Linux OpenStack Platform Update February 17, 2016 1 Ian Pilcher Principal Product Manager Platform Business Unit AGENDA Introductions War stories OpenStack in a Minute or So.. Understanding
More informationSOFTWARE-DEFINED: MAKING CLOUDS MORE EFFICIENT. Julian Chesterfield, Director of Emerging Technologies
SOFTWARE-DEFINED: MAKING CLOUDS MORE EFFICIENT Julian Chesterfield, Director of Emerging Technologies DEFINING SOFTWARE DEFINED! FLEXIBILITY IN SOFTWARE Leveraging commodity CPU cycles to provide traditional
More informationServervirualisierung mit Citrix XenServer
Servervirualisierung mit Citrix XenServer Paul Murray, Senior Systems Engineer, MSG EMEA Citrix Systems International GmbH paul.murray@eu.citrix.com Virtualization Wave is Just Beginning Only 6% of x86
More informationSecurity & Cloud Services IAN KAYNE
Security & Cloud Services IAN KAYNE CloudComponents CLOUD SERVICES Dynamically scalable infrastructure, services and software based on broad network accessibility NETWORK ACCESS INTERNAL ESTATE CloudComponents
More informationPalo Alto Networks. Security Models in the Software Defined Data Center
Palo Alto Networks Security Models in the Software Defined Data Center Christer Swartz Palo Alto Networks CCIE #2894 Network Overlay Boundaries & Security Traditionally, all Network Overlay or Tunneling
More information