Improving OpenStack* Hybrid Cloud Security
|
|
- Amber Gaines
- 7 years ago
- Views:
Transcription
1 SOLUTION BRIEF Intel Trusted Execution Technology Hybrid Security Improving OpenStack* Hybrid Security Together, Intel, Mirantis, and IBM SoftLayer demonstrate how Intel Trusted Execution Technology, attestation, and automation can enhance hybrid cloud security. Private Hybrid Public Solution Provided By: Private data centers strive to optimize efficiency and improve utilization. However, when utilization peaks, it can diminish the data center s ability to absorb bursts of demand or to accommodate workloads of an indeterminate lifespan or unknown viability. To address this problem these workloads are often deployed in a public cloud. Intel believes that a secure hybrid cloud a mixture of public and private deployments is an important component of its effectiveness and efficiency. Even with public deployments, we must have transparent oversight of the deployment s location and security to meet our fiduciary and efficiency goals. Therefore our cloud platform strategy stresses uncompromising security and control in both public and private deployments, while prioritizing three long-term objectives: Open, interoperable software infrastructure. Help avoid vendor lock-in, accelerate component development, and facilitate collaboration with other largescale enterprises. Automated cloud resource management. Address rapidly changing end-user demands, multitenancy, and utilization without compromising security or service-level agreements. Hybrid private/public architecture. Establish a high-utilization, private cloud to run trusted, secure, missioncritical services and enable continuous operations, complemented by an ondemand public cloud for bursting and scaling under a predictable, pay-peruse cost model. Intel took an agile, DevOps approach to building our hybrid cloud, basing our work on OpenStack*. Internal reference OpenStack deployments have helped us evolve our data center roadmap and business objectives. At the same time, we have used these deployments as platforms for proving the business value of Intel s innovations and contributions to OpenStack open source projects in real-world environments. The next logical step was to create a reference hybrid deployment to demonstrate that a hybrid cloud environment can support enterprise-level security.
2 Meet the Team Intel Intel s work on cloud initiatives spans multiple groups. One group may test and benchmark new technologies, another group may make key contributions to the open source community, and other groups may develop marketable technologies and help integrate them into the open cloud computing market. Examples of such activities include the development of Intel Trusted Execution Technology and Intel Service Assurance Administrator (part of the Intel Datacenter Software family), participation in the Open Attestation project, and contributions to OpenStack* projects such as Nova. Our cloud initiatives are based on OpenStack, whose flexible nature can make rapid iteration challenging. However, we have found that rapid iteration instead of lengthy planning and implementation cycles can provide the best business benefits through agility and innovation. Mirantis With years of experience spanning multiple, large-enterprise OpenStack projects and numerous contributions to the OpenStack code base, Mirantis is a recognized leader in the OpenStack ecosystem. Mirantis OpenStack a close-to-trunk OpenStack distribution featuring one-click deployment with Fuel* solved important parts of the deployment puzzle for Intel and shortened the project timeline. Developed by Mirantis, Fuel is an open source, template-driven deployment engine. Fuel discovers hardware resources and rapidly and automatically creates robust OpenStack deployments based on tested reference architectures, drawn from real-world use cases. IBM SoftLayer Founded in 005 and acquired by IBM in 013, SoftLayer provides cloud infrastructure as a service from a growing number of data centers and network points of presence around the world. Products and services include bare metal and virtual servers, networking, turnkey big data solutions, and private cloud solutions. SoftLayer s Network-Within-a-Network topology provides true out-of-band access, enabling enterprises to deploy infrastructure off-premises but completely within the enterprise s security profile. Other aspects of SoftLayer include an easy-to-use customer portal and robust API for full remote access of all product and service management options. Proof of Concept Running enterprise applications on a hybrid cloud presents several challenges. An enterprise wants assurance that workloads are running on trusted infrastructure, isolated from other cloud subscribers. It also wants to know whether the required compute cycles are guaranteed and whether the service and the workload portability are reliable (see Figure 1). To demonstrate that a hybrid cloud can address many of these challenges using today s technology, Intel, Mirantis, and IBM SoftLayer designed a series of tests to validate that secure workloads were deployed only on virtual machines (VMs) located on physical hosts where their trust was validated through Measured Launch Environment (MLE) and attestation. Throughout Intel s cloud initiatives, we have learned that agility pays off. Go ahead and build it is a good plan as long as rapid iteration does not compromise the principles of stability, availability, and security. Although the team did not expect to build the perfect solution, the proof of concept demonstrated the viability of building a secure OpenStack hybrid cloud using Private Enterprise Challenges: Trust Performance Reliability Portability heterogeneous hardware managed through a single management platform. Intel Trusted Execution Technology (Intel TXT) 1 enhanced infrastructure integrity and security in both the public and private components of the cloud: Public cloud component. The externally hosted cloud component was hosted on IBM SoftLayer, using server platforms with Trusted Platform Modules (TMPs) and the appropriate BIOS to utilize Intel TXT. The TPM, Intel TXT, and attestation created an MLE, within which externally hosted VM workloads could be securely executed. Private cloud component. The internally hosted cloud component used servers enabled with Intel TXT that were similarly measured, providing the attestation server with the ability to ensure a comparable trusted configuration. To facilitate private management communication between Intel and SoftLayer, a virtual private network (VPN) was established between the internal and external sites. A single Horizon dashboard and attestation service was hosted on the internal OpenStack cluster and was enabled to manage both locations. Public Figure 1. Trust, performance, reliability, and portability are major challenges when running enterprise workloads in a hybrid cloud.
3 Methodology We followed these steps to build our proof-of-concept hybrid cloud: 1. Deploy OpenStack on private and public cloud infrastructures. In both cases we used server hardware equipped to support Intel TXT for infrastructure integrity.. Link public and private clouds across a VPN, under a single cloud control plane (OpenStack) hosted on the internal cluster. Internal hosting of the control plane prevented us from having to reconfigure the deployment if the public cloud became unavailable or was disabled to reduce capacity. 3. Deploy and configure operating system support for Intel TXT to obtain trusted compute and storage nodes on public and private clouds. 4. Configure the OpenStack management plane (Nova Scheduler) so that it is aware of the host trust measurement. 5. Install and configure the attestation service using the Open Attestation SDK for Intel TXT on the internal cluster. 6. Define OpenStack flavors of workloads that require trust validation. 7. Execute tests to validate full functionality of public and private clusters trusted by Intel TXT. For the public cloud, the team selected SoftLayer, whose hardware base uses Intel TXT. SoftLayer was willing to collaborate to make changes to cluster networking to accommodate the recommended networking plan for scalability, security, and convenience. Figure shows the SoftLayer environment, including the traffic routing from users to the SoftLayer data center and server communication within the data center. SoftLayer s network architecture consists of separate interfaces for public, private, and management networks a unique approach in the industry. This network of networks delivers a high level of scalability and control, segregating and securing traffic while streamlining management. In addition, SoftLayer s global network features more than,000 Gbps of connectivity between data centers and network points of presence (PoPs). Each location has multiple 10-Gbps transit connections as well as peering links to additional service providers and access networks. Networking Plan Requirements Four networks for administration and deployment OpenStack* management shared between internal and external clusters through a VPN Local virtual machine connectivity Public network access SoftLayer Data Center FCR PUBLIC Network PoP SLR Load Balancer (optional) Firewalls (optional) BBR DAR VPN Servers MBR Users Transit Peering BCR Public Private Management To IBM SoftLayer Network PoP Block File Object OS Update PRIVATE API Servers DNS Transcoding Images BBR backbone/border router; DAR Data center aggregation router; FCR front-end customer router; MBR Master back-end router; PoP Point of Presence; SLR SoftLayer router Figure. In the IBM SoftLayer environment, network traffic routes from users to the SoftLayer data center, which features a network of networks. Public, private, and management traffic is segregated and secured. 3
4 Intel Trusted Execution Technology Intel Trusted Execution Technology (Intel TXT) is an extension to the Intel Xeon processor and is designed to harden platforms against attacks to the hypervisor and BIOS, malicious rootkit installations, and other firmware and software attacks. Intel TXT establishes a root of trust, a hardware-based security foundation that is used to verify the integrity of other system components, such as the hypervisor. Intel TXT helps protect virtualized server environments through isolation and attestation. As shown below, at startup, Intel TXT measures the hash value of the hypervisor and compares it with a known good value. If the measurements do not match, indicating that the hypervisor may have been compromised, Intel TXT alerts IT to the situation. IT staff can then define policies to respond to these alerts, such as blocking the launch. This enables the cloud service provider or the private cloud to establish pools of compute resources with proven integrity of server infrastructure on which tenant virtual machines run. Deployment The team first deployed the Mirantis OpenStack distribution on the private cloud, using the open source Fuel* deployment tool for OpenStack (see the Meet the Team sidebar for more information on Fuel). Fuel automated the deployment and validated the initial internal cluster. Next, the team set up the public cloud cluster using the same distribution and release process that was used for the private cloud, working with SoftLayer to configure the remotely hosted equipment. Enabling this process required SoftLayer to create a network that allowed preboot execution environment (PXE) network communication. Post-deployment, Mirantis configured system-wide networking to use GRE (generic routing encapsulation) tunnels in place of the more common VLANs. Using GRE tunnels enabled both clusters to grow more gracefully, accommodating more tenants or VMs. Once installed and configured, the two clouds appeared as regions in the Horizon dashboard (located on the private cluster), so that they could be uniformly administered from the same management platform. We assumed that the public cloud implementation provided cost-effective (lower servicelevel agreement) burst capacity that could be relinquished, or even absorb failure, without affecting the usability of the private cluster. Whole-Stack Security For Multitenant s The team used Intel TXT as a resourceefficient way to make a heterogeneous, multitenant cloud more secure. A critical complement to Intel TXT is an attestation server, which during the boot process anchors and revalidates the trusted state of the BIOS, host operating system, and hypervisor against a predetermined known-good configuration. This procedure lets automated network facilities and human operators know when the trust state of an underlying server infrastructure has changed (perhaps because of a tenant workload s rogue behavior). Once notified, the affected nodes are isolated and, if possible, restarted in an attempt to reestablish trust. Meanwhile, Intel TXT provides information to prevent the deployment of sensitive workloads on untrusted hosts through integration with the OpenStack Nova Scheduler service. This service determines the placement of VMs based on a set of criteria, called filters, combined with weighting factors (see Figure 3). 3 No Match WITH Intel TXT 1 System powers on and Intel TXT verifies system BIOS/firmware Match Hosts sorted by number HOST Available Hosts after filtering HOST Host Priority after filtering and weighting factors applied IT staff blocks or allows launch, depending on whether a match exists APPS APPS OS OS HOST 4 HOST 4 Figure 3. The OpenStack* Nova Scheduler service uses a set of criteria, called filters, combined with weighting factors to help place virtual machines on the appropriate host. 4
5 The team configured Intel TXT to provide two trusted compute pools: one in the private cluster, the other in the public cluster. The Nova-compute service determined through the use of filters whether an available host had a trust measurement and that the attestation server had matched that trust measurement to a preestablished good MLE. The system allowed deployment of sensitive workloads only on trusted hosts and notified administrators about changes that might compromise trust or make it indeterminate. The virtualization stack uses Intel Virtualization Technology (Intel VT) 4 for hardware-supported virtualization and involves the following primary software applications: Kernel-based Virtual Machine (KVM). A hypervisor that allows an application to take advantage of Intel VT. QEMU (Quick EMUlator). A generic and open source machine emulator and virtualizer. QEMU can make use of KVM when running a target architecture that is the same as the host architecture. Libvirt. A virtualization API that interacts with the virtualization capabilities of the operating system. Results The proof of concept validated several aspects of improving security in a hybrid cloud environment, including the following: Visibility into the trust level of different VMs or workloads A way to tag and differentiate which workloads required additional security The ability to use common credentials and authentication and authorization across both public and private clouds The combination of trust measurement and the security specifications on the workloads made it much simpler to determine which workloads could run and where they should not run. The entire process could be automated, with no manual intervention to place the workloads, because placement of workloads was handled in the background by the OpenStack Nova Scheduler service with the help of the trust filter. Conclusion This collaborative proof of concept is an important step on the road to fullfeatured hybrid cloud computing. It validates important aspects of Intel s vision for the future of OpenStack and cloud computing. The results highlight OpenStack capabilities in linked private and public cluster configurations and illustrate how rapid, multi-platform deployment efficiencies delivered by Mirantis OpenStack and Fuel on Intel architecture-based hardware offered by SoftLayer can shorten time-to-benefit. For more information on Mirantis, visit For more information on IBM SoftLayer, visit For more information on Intel s cloud computing initiatives, visit Solution Provided By: 1 No computer system can provide absolute security under all conditions. Intel Trusted Execution Technology (Intel TXT) requires a computer with Intel Virtualization Technology, an Intel TXT-enabled processor, chipset, BIOS, Authenticated Code Modules and an Intel TXT-compatible measured launched environment (MLE). Intel TXT also requires the system to contain a TPM v1.s. For more information, visit This proof of concept used Intel s derivative of the Open Attestation SDK, code-named Mt. Wilson. 3 The Open Attestation SDK is available at 4 Intel Virtualization Technology requires a computer system with an enabled Intel processor, BIOS, and virtual machine monitor (VMM). Functionality, performance or other benefits will vary depending on hardware and software configurations. Software applications may not be compatible with all operating systems. Consult your PC manufacturer. For more information, visit THE INFORMATION PROVIDED IN THIS PAPER IS INTENDED TO BE GENERAL IN NATURE AND IS NOT SPECIFIC GUIDANCE. RECOMMENDATIONS (INCLUDING POTENTIAL COST SAVINGS) ARE BASED UPON INTEL S EXPERIENCE AND ARE ESTIMATES ONLY. INTEL DOES NOT GUARANTEE OR WARRANT OTHERS WILL OBTAIN SIMILAR RESULTS. INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS AND SERVICES. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN INTEL S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL PRODUCTS AND SERVICES INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT. Intel, the Intel logo, Look Inside., the Look Inside. logo, and Xeon are trademarks of Intel Corporation in the U.S. and/or other countries. *Other names and brands may be claimed as the property of others. Copyright 014 Intel Corporation. All rights reserved. Printed in USA Please Recycle 0914/GSEA/KC/PDF
CLOUD SECURITY: Secure Your Infrastructure
CLOUD SECURITY: Secure Your Infrastructure 1 Challenges to security Security challenges are growing more complex. ATTACKERS HAVE EVOLVED TECHNOLOGY ARCHITECTURE HAS CHANGED NIST, HIPAA, PCI-DSS, SOX INCREASED
More informationIntel Service Assurance Administrator. Product Overview
Intel Service Assurance Administrator Product Overview Running Enterprise Workloads in the Cloud Enterprise IT wants to Start a private cloud initiative to service internal enterprise customers Find an
More informationIntel Cloud Builder Guide to Cloud Design and Deployment on Intel Xeon Processor-based Platforms
Intel Cloud Builder Guide to Cloud Design and Deployment on Intel Xeon Processor-based Platforms Enomaly Elastic Computing Platform, * Service Provider Edition Executive Summary Intel Cloud Builder Guide
More informationIntel Cloud Builder Guide to Cloud Design and Deployment on Intel Platforms
Intel Cloud Builder Guide to Cloud Design and Deployment on Intel Platforms Ubuntu* Enterprise Cloud Executive Summary Intel Cloud Builder Guide Intel Xeon Processor Ubuntu* Enteprise Cloud Canonical*
More informationIntegrated OpenStack Cloud Solution with Service Assurance
White Paper Redapt Intel SAA Integrated OpenStack Cloud Solution with Service Assurance Open Reference Cloud Architecture White Paper Redapt, Inc. and Intel Corporation Executive Summary Enterprise IT
More information新 一 代 軟 體 定 義 的 網 路 架 構 Software Defined Networking (SDN) and Network Function Virtualization (NFV)
新 一 代 軟 體 定 義 的 網 路 架 構 Software Defined Networking (SDN) and Network Function Virtualization (NFV) 李 國 輝 客 戶 方 案 事 業 群 亞 太 區 解 決 方 案 架 構 師 美 商 英 特 爾 亞 太 科 技 有 限 公 司 Email: kuo-hui.li@intel.com 1 Legal
More informationIntel Cloud Builders Guide: Cloud Design and Deployment on Intel Platforms
Intel Cloud Builders Guide Intel Xeon Processor 5600 Series Parallels* Security Monitoring and Service Catalog for Public Cloud VPS Services Parallels, Inc. Intel Cloud Builders Guide: Cloud Design and
More informationIntel Cloud Builder Guide: Cloud Design and Deployment on Intel Platforms
EXECUTIVE SUMMARY Intel Cloud Builder Guide Intel Xeon Processor-based Servers Red Hat* Cloud Foundations Intel Cloud Builder Guide: Cloud Design and Deployment on Intel Platforms Red Hat* Cloud Foundations
More informationControl your corner of the cloud.
Chapter 1 of 5 Control your corner of the cloud. From the halls of government to the high-rise towers of the corporate world, forward-looking organizations are recognizing the potential of cloud computing
More informationAccelerate OpenStack* Together. * OpenStack is a registered trademark of the OpenStack Foundation
Accelerate OpenStack* Together * OpenStack is a registered trademark of the OpenStack Foundation Where are your workloads running Ensuring Boundary Control in OpenStack Cloud. Raghu Yeluri Principal Engineer,
More informationOvercoming Security Challenges to Virtualize Internet-facing Applications
Intel IT IT Best Practices Cloud Security and Secure ization November 2011 Overcoming Security Challenges to ize Internet-facing Applications Executive Overview To enable virtualization of Internet-facing
More informationVendor Update Intel 49 th IDC HPC User Forum. Mike Lafferty HPC Marketing Intel Americas Corp.
Vendor Update Intel 49 th IDC HPC User Forum Mike Lafferty HPC Marketing Intel Americas Corp. Legal Information Today s presentations contain forward-looking statements. All statements made that are not
More informationIntel Embedded Virtualization Manager
White Paper Kelvin Lum Fee Foon Kong Platform Application Engineer, ECG Penang Intel Corporation Kam Boon Hee (Thomas) Marketing Development Manager, ECG Penang Intel Corporation Intel Embedded Virtualization
More informationSolution Recipe: Improve PC Security and Reliability with Intel Virtualization Technology
Solution Recipe: Improve PC Security and Reliability with Intel Virtualization Technology 30406_VT_Brochure.indd 1 6/20/06 4:01:14 PM Preface Intel has developed a series of unique Solution Recipes designed
More informationTrusted Geolocation in the Cloud. Based on NIST Interagency Report 7904 - Trusted Geolocation in the Cloud: Proof of Concept Implementation
Trusted Geolocation in the Cloud Based on NIST Interagency Report 7904 - Trusted Geolocation in the Cloud: Proof of Concept Implementation 2 Agenda Definition of cloud computing Trusted Geolocation in
More informationUsing SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP
Using SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP Agenda ADP Cloud Vision and Requirements Introduction to SUSE Cloud Overview Whats New VMWare intergration HyperV intergration ADP
More informationUbuntu OpenStack on VMware vsphere: A reference architecture for deploying OpenStack while limiting changes to existing infrastructure
TECHNICAL WHITE PAPER Ubuntu OpenStack on VMware vsphere: A reference architecture for deploying OpenStack while limiting changes to existing infrastructure A collaboration between Canonical and VMware
More informationIntel Cyber Security Briefing: Trends, Solutions, and Opportunities. Matthew Rosenquist, Cyber Security Strategist, Intel Corp
Intel Cyber Security Briefing: Trends, Solutions, and Opportunities Matthew Rosenquist, Cyber Security Strategist, Intel Corp Legal Notices and Disclaimers INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION
More informationIntel Cyber-Security Briefing: Trends, Solutions, and Opportunities
Intel Cyber-Security Briefing: Trends, Solutions, and Opportunities John Skinner, Director, Secure Enterprise and Cloud, Intel Americas, Inc. May 2012 Agenda Intel + McAfee: What it means Computing trends
More informationTrusted Geolocation in The Cloud Technical Demonstration
Trusted Geolocation in The Cloud Technical Demonstration NIST Interagency Report 7904 - Trusted Geolocation in the Cloud: Proof of Concept Implementation Trusted Geolocation in the Cloud Business Business
More informationHow To Use An Ibm Cloud Server For Business
SoftLayer differentiation Stand apart from the crowd with SoftLayer, an IBM company 2014 IBM Corporation Executive summary Early cloud models shared, virtualized resources are no longer enough to achieve
More informationVMware Hybrid Cloud. Accelerate Your Time to Value
VMware Hybrid Cloud Accelerate Your Time to Value Fulfilling the Promise of Hybrid Cloud Computing Through 2020, the most common use of cloud services will be a hybrid model combining on-premises and external
More informationOutline. Why Neutron? What is Neutron? API Abstractions Plugin Architecture
OpenStack Neutron Outline Why Neutron? What is Neutron? API Abstractions Plugin Architecture Why Neutron? Networks for Enterprise Applications are Complex. Image from windowssecurity.com Why Neutron? Reason
More informationIntel Active Management Technology Embedded Host-based Configuration in Intelligent Systems
WHITE PAPER Intel vpro Technology Embedded Host-based Configuration in Intelligent Systems Easy activation of Intel vpro technology remote manageability without trade-offs in security, functionality, and
More informationSolution Recipe: Improve Networked PC Security with Intel vpro Technology
Solution Recipe: Improve Networked PC Security with Intel vpro Technology Preface Intel has developed a series of unique Solution Recipes designed for channel members interested in providing complete solutions
More informationA Superior Hardware Platform for Server Virtualization
A Superior Hardware Platform for Server Virtualization Improving Data Center Flexibility, Performance and TCO with Technology Brief Server Virtualization Server virtualization is helping IT organizations
More informationMirantis OpenStack Express: Security White Paper
Mirantis OpenStack Express: Security White Paper Version 1.0 2005 2014 All Rights Reserved www.mirantis.com 1 Introduction While the vast majority IT professionals are now familiar with the cost-saving
More informationLife With Big Data and the Internet of Things
Life With Big Data and the Internet of Things Jim Fister Lead Strategist, Director of Business Development james.d.fister@intel.com www.linkedin.com/pub/jim-fister/0/3/aa/ Preston Walters Director, Business
More informationBuilding Trust and Compliance in the Cloud with Intel Trusted Execution Technology
WHITE PAPER Intel Trusted Execution Technology Intel Xeon Processor Secure Cloud Computing Building Trust and Compliance in the Cloud with Intel Trusted Execution Technology The Taiwan Stock Exchange Corporation
More informationORACLE OPS CENTER: VIRTUALIZATION MANAGEMENT PACK
ORACLE OPS CENTER: VIRTUALIZATION MANAGEMENT PACK KEY FEATURES LIFECYCLE MANAGEMENT OF VIRTUALIZATION TECHNOLOGIES MADE SIMPLE Automation of lifecycle management reduces costs and errors while improving
More informationKVM, OpenStack and the Open Cloud SUSECon November 2015
KVM, OpenStack and the Open Cloud SUSECon November 2015 Adam Jollans Program Director, Linux & Open Virtualization Strategy IBM Agenda A Brief History of Virtualization KVM Architecture OpenStack Architecture
More informationAn Enterprise Private Cloud Architecture and Implementation Roadmap
IT@Intel White Paper Intel Information Technology Business Solutions June 2010 An Enterprise Private Cloud Architecture and Implementation Roadmap The private cloud is a shared multi-tenant environment
More informationVNF & Performance: A practical approach
VNF & Performance: A practical approach Luc Provoost Engineering Manager, Network Product Group Intel Corporation SDN and NFV are Forces of Change One Application Per System Many Applications Per Virtual
More informationAdopting Software-Defined Networking in the Enterprise
IT@Intel White Paper Intel IT Data Center Efficiency Software-Defined Networking April 2014 Adopting Software-Defined Networking in the Enterprise Executive Overview By virtualizing the network through
More informationLeading Virtualization 2.0
Leading Virtualization 2.0 How Intel is driving virtualization beyond consolidation into a solution for maximizing business agility within the enterprise White Paper Intel Virtualization Technology (Intel
More informationDifferent NFV/SDN Solutions for Telecoms and Enterprise Cloud
Solution Brief Artesyn Embedded Technologies* Telecom Solutions Intel Xeon Processors Different NFV/SDN Solutions for Telecoms and Enterprise Cloud Networking solutions from Artesyn Embedded Technologies*
More informationSecuring the Intelligent Network
WHITE PAPER Securing the Intelligent Network Securing the Intelligent Network New Threats Demand New Strategies The network is the door to your organization for both legitimate users and would-be attackers.
More informationArchitectural Implications of Cloud Computing
Architectural Implications of Cloud Computing Grace Lewis Research, Technology and Systems Solutions (RTSS) Program Lewis is a senior member of the technical staff at the SEI in the Research, Technology,
More informationAn Enterprise Private Cloud Architecture and Implementation Roadmap
IT@Intel White Paper Intel Information Technology Business Solutions June 2010 An Enterprise Private Cloud Architecture and Implementation Roadmap The private cloud is a shared multi-tenant environment
More informationVIRTUALIZED SERVICES PLATFORM Software Defined Networking for enterprises and service providers
VIRTUALIZED SERVICES PLATFORM Software Defined Networking for enterprises and service providers Why it s unique The Nuage Networks VSP is the only enterprise and service provider-grade SDN platform that:
More informationcloud functionality: advantages and Disadvantages
Whitepaper RED HAT JOINS THE OPENSTACK COMMUNITY IN DEVELOPING AN OPEN SOURCE, PRIVATE CLOUD PLATFORM Introduction: CLOUD COMPUTING AND The Private Cloud cloud functionality: advantages and Disadvantages
More informationCloudCenter Full Lifecycle Management. An application-defined approach to deploying and managing applications in any datacenter or cloud environment
CloudCenter Full Lifecycle Management An application-defined approach to deploying and managing applications in any datacenter or cloud environment CloudCenter Full Lifecycle Management Page 2 Table of
More informationMaster Hybrid Cloud Management with VMware vrealize Suite. Increase Business Agility, Efficiency, and Choice While Keeping IT in Control
Master Hybrid Cloud Management with VMware vrealize Suite Increase Business Agility, Efficiency, and Choice While Keeping IT in Control Empower IT to Innovate The time is now for IT organizations to take
More informationVblock Systems hybrid-cloud with Cisco Intercloud Fabric
www.vce.com Vblock Systems hybrid-cloud with Cisco Intercloud Fabric Version 1.0 April 2015 THE INFORMATION IN THIS PUBLICATION IS PROVIDED "AS IS." VCE MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND
More informationopportunity Mechanisms to Protect Data in the Open Cloud
Open Source on Intel white paper OpenStack* Intel Xeon processors Intel Trusted Execution Technology Intel Advanced Encryption Standard New Instructions Mechanisms to Protect Data in the Open Cloud Intel
More informationOne-Stop Intel TXT Activation Guide
One-Stop Intel TXT Activation Guide HP Gen8 Family Based Server Systems Intel Trusted Execution Technology (Intel TXT) for Intel Xeon processor-based servers is commonly used to enhance platform security
More informationIntel Trusted Platforms Overview
Intel Trusted Platforms Overview Greg Clifton Intel Customer Solutions Group Director, DoD & Intelligence 2006 Intel Corporation Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION
More informationDeveloping a Highly Available, Dynamic Hybrid Cloud Environment
IT@Intel White Paper Intel IT IT Best Practices Cloud Computing and IT Business Agility October 2012 Developing a Highly Available, Dynamic Hybrid Cloud Environment Executive Overview Although open source
More informationPluribus Netvisor Solution Brief
Pluribus Netvisor Solution Brief Freedom Architecture Overview The Pluribus Freedom architecture presents a unique combination of switch, compute, storage and bare- metal hypervisor OS technologies, and
More informationIntel Trusted Execution Technology
white paper Intel Trusted Execution Technology Intel Trusted Execution Technology Hardware-based Technology for Enhancing Server Platform Security Executive Summary A building is only as good as its foundation.
More informationIBM PowerSC. Security and compliance solution designed to protect virtualized datacenters. Highlights. IBM Systems and Technology Data Sheet
IBM PowerSC Security and compliance solution designed to protect virtualized datacenters Highlights Simplify security management and compliance measurement Reduce administration costs of meeting compliance
More informationHow To Get A Client Side Virtualization Solution For Your Financial Services Business
SOLUTION BRIEF Financial Services Industry 2nd Generation Intel Core i5 vpro and Core i7 vpro Processors Benefits of Client-Side Virtualization A Flexible, New Solution for Improving Manageability, Security,
More informationCloud based Holdfast Electronic Sports Game Platform
Case Study Cloud based Holdfast Electronic Sports Game Platform Intel and Holdfast work together to upgrade Holdfast Electronic Sports Game Platform with cloud technology Background Shanghai Holdfast Online
More informationIsaku Yamahata isaku.yamahata@intel.com CloudOpen Japan May 22, 2014
OpenStack approach to SDN by way of NFV Advanced Network Service Framework Isaku Yamahata isaku.yamahata@intel.com CloudOpen Japan May 22, 2014 Legal Disclaimers Copyright 2014 Intel Corporation. All rights
More informationCLOUD TECH SOLUTION AT INTEL INFORMATION TECHNOLOGY ICApp Platform as a Service
CLOUD TECH SOLUTION AT INTEL INFORMATION TECHNOLOGY ICApp Platform as a Service Open Data Center Alliance, Inc. 3855 SW 153 rd Dr. Beaverton, OR 97003 USA Phone +1 503-619-2368 Fax: +1 503-644-6708 Email:
More informationRED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES
RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS Server virtualization offers tremendous benefits for enterprise IT organizations server
More informationKVM, OpenStack, and the Open Cloud
KVM, OpenStack, and the Open Cloud Adam Jollans, IBM & Mike Kadera, Intel CloudOpen Europe - October 13, 2014 13Oct14 Open VirtualizaGon Alliance 1 Agenda A Brief History of VirtualizaGon KVM Architecture
More informationSUSE OpenStack Cloud 4 Private Cloud Platform based on OpenStack. Gábor Nyers Sales Engineer @SUSE gnyers@suse.com
SUSE OpenStack Cloud 4 Private Cloud Platform based on OpenStack Gábor Nyers Sales Engineer @SUSE gnyers@suse.com Introductory video ChalkTalk: SUSE OpenStack Cloud 2 Stetting the Stage for SUSE OpenStack
More informationRED HAT OPENSTACK PLATFORM A COST-EFFECTIVE PRIVATE CLOUD FOR YOUR BUSINESS
WHITEPAPER RED HAT OPENSTACK PLATFORM A COST-EFFECTIVE PRIVATE CLOUD FOR YOUR BUSINESS INTRODUCTION The cloud is more than a marketing concept. Cloud computing is an intentional, integrated architecture
More informationGetting More Performance and Efficiency in the Application Delivery Network
SOLUTION BRIEF Intel Xeon Processor E5-2600 v2 Product Family Intel Solid-State Drives (Intel SSD) F5* Networks Delivery Controllers (ADCs) Networking and Communications Getting More Performance and Efficiency
More informationIntel IT Cloud 2013 and Beyond. Name Title Month, Day 2013
Intel IT Cloud 2013 and Beyond Name Title Month, Day 2013 Legal Notices This presentation is for informational purposes only. INTEL MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Intel and the
More informationJANUARY 2013. Industry Brief
JANUARY 2013 Industry Brief Securing the Cloud for Financial Institutions An Overview of Cloud Security Issues Facing the Financial Services Industry and Intel Technologies for Securing the Financial Cloud
More informationOne-Stop Intel TXT Activation Guide
One-Stop Intel TXT Activation Guide DELL* PowerEdge 12G Server Systems Intel Trusted Execution Technology (Intel TXT) for Intel Xeon processor-based servers is commonly used to enhance platform security
More informationBoas Betzler. Planet. Globally Distributed IaaS Platform Examples AWS and SoftLayer. November 9, 2015. 20014 IBM Corporation
Boas Betzler Cloud IBM Distinguished Computing Engineer for a Smarter Planet Globally Distributed IaaS Platform Examples AWS and SoftLayer November 9, 2015 20014 IBM Corporation Building Data Centers The
More informationIaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures
IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Introduction
More informationIntel Identity Protection Technology Enabling improved user-friendly strong authentication in VASCO's latest generation solutions
Intel Identity Protection Technology Enabling improved user-friendly strong authentication in VASCO's latest generation solutions June 2013 Dirk Roziers Market Manager PC Client Services Intel Corporation
More informationSoftLayer Offerings. What s Inside
SoftLayer Offerings What s Inside Accelerate Cloud Migration with SoftLayer SoftLayer Cloud Backup for SMB SoftLayer Cloud Backup for Enterprise Security Offerings with SoftLayer SoftLayer Solutions Sizing
More informationSolution Recipe: Remote PC Management Made Simple with Intel vpro Technology and Intel Active Management Technology
Solution Recipe: Remote PC Management Made Simple with Intel vpro Technology and Intel Active Management Technology Preface Intel has developed a series of unique Solution Recipes designed for channel
More informationSUSE Cloud 2.0. Pete Chadwick. Douglas Jarvis. Senior Product Manager pchadwick@suse.com. Product Marketing Manager djarvis@suse.
SUSE Cloud 2.0 Pete Chadwick Douglas Jarvis Senior Product Manager pchadwick@suse.com Product Marketing Manager djarvis@suse.com SUSE Cloud SUSE Cloud is an open source software solution based on OpenStack
More informationIntel, Cisco, and Red Hat deliver a proven solution that reduces risk. Advance Your Cloud Strategy with OpenStack
Technology Overview Simplify OpenStack * Cloud Deployment Intel, Cisco, and Red Hat deliver a proven solution that reduces risk According to a global survey of 3,643 enterprise executives responsible for
More informationCisco Unified Network Services: Overcome Obstacles to Cloud-Ready Deployments
Cisco Unified Network Services: Overcome Obstacles to Cloud-Ready Deployments What You Will Learn Deploying network services in virtual data centers is extremely challenging. Traditionally, such Layer
More informationCloud for Your Business
Whitepaper Red Hat Enterprise Linux OpenStack Platform A Cost-Effective Private Cloud for Your Business Introduction The cloud is more than a marketing concept. Cloud computing is an intentional, integrated
More informationEasily deploy and move enterprise applications in the cloud
Easily deploy and move enterprise applications in the cloud IBM PureApplication solutions offer a simple way to implement a dynamic hybrid cloud environment 2 Easily deploy and move enterprise applications
More informationIndex. BIOS rootkit, 119 Broad network access, 107
Index A Administrative components, 81, 83 Anti-malware, 125 ANY policy, 47 Asset tag, 114 Asymmetric encryption, 24 Attestation commercial market, 85 facts, 79 Intel TXT conceptual architecture, 85 models,
More informationIntel Cloud Builders Guide: Cloud Design and Deployment on Intel Platforms
Intel Cloud Builders Guide Intel Xeon Processor Servers Enhanced Cloud Security with HyTrust* and VMware* Intel Cloud Builders Guide: Cloud Design and Deployment on Intel Platforms Enhanced Cloud Security
More informationEnabling Database-as-a-Service (DBaaS) within Enterprises or Cloud Offerings
Solution Brief Enabling Database-as-a-Service (DBaaS) within Enterprises or Cloud Offerings Introduction Accelerating time to market, increasing IT agility to enable business strategies, and improving
More informationApplication Migration & Management
Application Migration & Management CliQr Application Migration & Management Page 2 Application Migration & Management Cloud computing is here to stay. According to recent Gartner, Inc. research, from 2011
More informationProtecting VMs in a Multi-Tenancy Environment
Protecting VMs in a Multi-Tenancy Environment Prepared by: XenServer Engineering www.citrix.com Table of Contents 1. Executive Summary... 3 2. Introduction... 4 3. Preventing Vulnerabilities with XenServer...
More informationTaking control of the virtual image lifecycle process
IBM Software Thought Leadership White Paper March 2012 Taking control of the virtual image lifecycle process Putting virtual images to work for you 2 Taking control of the virtual image lifecycle process
More informationMANAGEMENT AND ORCHESTRATION WORKFLOW AUTOMATION FOR VBLOCK INFRASTRUCTURE PLATFORMS
VCE Word Template Table of Contents www.vce.com MANAGEMENT AND ORCHESTRATION WORKFLOW AUTOMATION FOR VBLOCK INFRASTRUCTURE PLATFORMS January 2012 VCE Authors: Changbin Gong: Lead Solution Architect Michael
More informationVMware vcloud Networking and Security
VMware vcloud Networking and Security Efficient, Agile and Extensible Software-Defined Networks and Security BROCHURE Overview Organizations worldwide have gained significant efficiency and flexibility
More informationWindows Server Virtualization An Overview
Microsoft Corporation Published: May 2006 Abstract Today s business climate is more challenging than ever and businesses are under constant pressure to lower costs while improving overall operational efficiency.
More informationIBM PowerSC. Security and compliance solution designed to protect virtualised data centres. Highlights. IBM Systems and Technology Data Sheet
IBM PowerSC Security and compliance solution designed to protect virtualised data centres Highlights Simplify security management and compliance measurement Reduce administration costs of meeting compliance
More informationImagine What Fitness Can Look Like in the Future
Imagine What Fitness Can Look Like in the Future Take a glimpse into tomorrow s digital health club. Imagine a future where technology is seamlessly integrated into the fitness experience from the time
More informationThe Open Cloud Near-Term Infrastructure Trends in Cloud Computing
The Open Cloud Near-Term Infrastructure Trends in Cloud Computing Markus Leberecht BELNET Networking Conference 25-Oct-2012 1 Growth & IT Challenges Drive Need for Cloud Computing IT Pros Growth IT Challenges
More informationCisco and Red Hat: Application Centric Infrastructure Integration with OpenStack
Cisco and Red Hat: Application Centric Infrastructure Integration with OpenStack Cisco and Red Hat Extend the Cisco ACI Policy Framework to Red Hat Enterprise Linux OpenStack Platform Enabled Environments
More informationCreating Overlay Networks Using Intel Ethernet Converged Network Adapters
Creating Overlay Networks Using Intel Ethernet Converged Network Adapters Technical Brief Networking Division (ND) August 2013 Revision 1.0 LEGAL INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION
More informationOpenStack Introduction. November 4, 2015
OpenStack Introduction November 4, 2015 Application Platforms Undergoing A Major Shift What is OpenStack Open Source Cloud Software Launched by NASA and Rackspace in 2010 Massively scalable Managed by
More informationKVM, OpenStack, and the Open Cloud
KVM, OpenStack, and the Open Cloud Adam Jollans, IBM Southern California Linux Expo February 2015 1 Agenda A Brief History of VirtualizaJon KVM Architecture OpenStack Architecture KVM and OpenStack Case
More informationIBM SmartCloud Monitoring
IBM SmartCloud Monitoring Gain greater visibility and optimize virtual and cloud infrastructure Highlights Enhance visibility into cloud infrastructure performance Seamlessly drill down from holistic cloud
More informationDell Client. Take Control of Your Environment. Powered by Intel Core 2 processor with vpro technology
Dell Client Systems Take Control of Your Environment Powered by Intel Core 2 processor with vpro technology Simplifying IT As IT infrastructures grow, heterogeneous environments expand. Growing infrastructures
More informationGetting Started with IBM Bluemix: Web Application Hosting Scenario on Java Liberty IBM Redbooks Solution Guide
Getting Started with IBM Bluemix: Web Application Hosting Scenario on Java Liberty IBM Redbooks Solution Guide Based on the open source Cloud Foundry technology, IBM Bluemix is an open-standard, cloud-based
More informationWith Red Hat Enterprise Virtualization, you can: Take advantage of existing people skills and investments
RED HAT ENTERPRISE VIRTUALIZATION DATASHEET RED HAT ENTERPRISE VIRTUALIZATION AT A GLANCE Provides a complete end-toend enterprise virtualization solution for servers and desktop Provides an on-ramp to
More informationSafeguarding the cloud with IBM Dynamic Cloud Security
Safeguarding the cloud with IBM Dynamic Cloud Security Maintain visibility and control with proven security solutions for public, private and hybrid clouds Highlights Extend enterprise-class security from
More informationCloud Service Brokerage Case Study. Health Insurance Association Launches a Security and Integration Cloud Service Brokerage
Cloud Service Brokerage Case Study Health Insurance Association Launches a Security and Integration Cloud Service Brokerage Cloud Service Brokerage Case Study Health Insurance Association Launches a Security
More informationVirtualization, SDN and NFV
Virtualization, SDN and NFV HOW DO THEY FIT TOGETHER? Traditional networks lack the flexibility to keep pace with dynamic computing and storage needs of today s data centers. In order to implement changes,
More informationIntel Identity Protection Technology (IPT)
Intel Identity Protection Technology (IPT) Enabling improved user-friendly strong authentication in VASCO's latest generation solutions June 2013 Steve Davies Solution Architect Intel Corporation 1 Copyright
More informationIntel Network Builders: Lanner and Intel Building the Best Network Security Platforms
Solution Brief Intel Xeon Processors Lanner Intel Network Builders: Lanner and Intel Building the Best Network Security Platforms Internet usage continues to rapidly expand and evolve, and with it network
More informationIntel Ethernet Switch Load Balancing System Design Using Advanced Features in Intel Ethernet Switch Family
Intel Ethernet Switch Load Balancing System Design Using Advanced Features in Intel Ethernet Switch Family White Paper June, 2008 Legal INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL
More informationEricsson Introduces a Hyperscale Cloud Solution
Ericsson Introduces a Hyperscale Cloud Solution The Ericsson HDS 8000 delivers a complete datacenter and cloud platform based on Intel Rack Scale Architecture Solution Brief Ericsson HDS 8000, part of
More information