Collaborative Professional Services
Cisco Cloud Consumption Assessment Service
Reduce Cloud Risks & Costs With Complete Visibility of Cloud Usage
Nataša Minić, Territory Services Manager, BiH, Croatia, Serbia, Slovenia

As Customers Leverage the World of Many Clouds
Shadow IT on the Rise: 10-15X, cloud services purchased without IT involvement (Cisco)
IT as a Cloud Service Brokerage: 30%, Global 1000 companies that will broker two or more cloud services by 2014 (Gartner)
[Chart: Cloud Service Providers (CSP) by industry (Manufacturing, Public Sector, Retail, Services, Technology), customer CSP estimates vs. services discovered by Cloud Consumption; multipliers shown: 11x, 18x, 14x, 14x, 9x]
Need complete visibility across all clouds
Requires new approach to manage cloud/hybrid IT
2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Customer Opportunity
Users
IT: Service Provider and Broker of Cloud/Hybrid Services
Private Infrastructure, Public Cloud, Hybrid Cloud
- Standardized Portfolio
- Service-Centric Infrastructure
- Processes/Policies/Tools
- CSP Assessments/On-Boarding
- Security/Compliance
Outcomes: Rapid Service Delivery, Business Agility, Manage Cloud Risks & Costs
Right Service, Right Time, Right Cost

Journey to Cloud/Hybrid IT: From Shadow IT → Hybrid IT
Axes: Greater Business Agility; Lower Cost & Risk

User-led Cloud Usage
- User-led cloud adoption with or without IT
- Applications/infrastructure migrated to virtualized, automated data center
- Little knowledge of cloud risks & costs

Discover Cloud Usage & Define Cloud Strategy
- Monitor public cloud usage across organization, discover shadow IT
- Cloud strategy & infrastructure roadmap based on usage
- Strategically align LOB & IT

Establish Cloud Management & Private Cloud
- Cloud PMO
- Cloud lifecycle management including CSP onboarding & risk mitigation processes
- On-going cloud monitoring
- Private cloud infrastructure
- Reduce cloud risk & costs

Evolve to Hybrid Cloud Service Brokerage
- Cloud service catalog & charge back capabilities
- Monitor public, private, hybrid cloud usage
- Establish hybrid cloud infrastructure
- Seamlessly transition workloads to/between clouds
- Improve IT responsiveness to business

Hybrid IT
- Widespread use of ideal IT services from private, hybrid and public clouds
- Managed portfolio of cloud services
- Automated, service-oriented
- Policy-driven apps & services
- Hosted cloud infrastructure
- Correlate cloud usage to business outcomes

Journey Begins By Gaining Complete Visibility of Cloud Usage
Known vs. Unknown: 10-15X More Cloud Services
[Diagram labels]
- Customer: Internet Gateways (via NetFlow), Web Security Gateways, Collector, Customized Dashboard
- Cloud Usage Data, No Personally Identifiable Information
- Cloud Consumption Software & Analytics: Consumption Analytics, Vendor Profiles, Spend Data, Industry Benchmarks
- Analytics, Reports, Alerts, Trending
- Professional Services: Risk Mitigation, Cost Reduction, Cloud Lifecycle Management, Private/Hybrid Cloud

Cloud Consumption Web Portal Features
- Automated Cloud Monitoring/Discovery
- Customized Dashboard
- Detailed Analytics, Reports & Alerts
- User Information & Trending
- Cloud Vendor Assessment

CPS Cloud Consumption Assessment Helps Predict Cloud Needs, Reduce Risks & Costs

| Challenge | Benefits | Outcomes |
|---|---|---|
| Visibility | Predict Cloud Needs | Know what cloud services are being used in real-time and predict cloud needs. Improve cloud service performance by foreseeing infrastructure impact of cloud. |
| Risk/Compliance | Mitigate Business Risk | Reduce security, privacy, and compliance challenges to protect your brand and intellectual property. |
| Costs | Optimize Costs | Reduce cloud costs 10-15%. Consolidate cloud services. |

Customer Data Collection Process
1. Internet gateways (NetFlow v5/v9) and web security gateways send flow records* to the customer collector(s) (customer-supplied hardware/VM).
2. [X] Personally Identifiable Information (PII) in log files, e.g. source IPs.
3. PII Redaction & Anonymization Utility.
4. [OK] PII (source IPs) replaced with tokens in log files.
5. Cloud Consumption Collector Software sends data over HTTPS to the Cloud Consumption Server (multi-tenant, cloud-based).
6. The customer views results in the Customized Web Portal.

*Flow Record includes Interface id, Source IP, Destination IP, Protocol, Source UDP/TCP Port, Destination UDP/TCP Port, ToS, Data Amount

Customer Data Collection Requirements

Collector
- Collection performed via NetFlow and/or Web Security Gateway logs (ScanSafe, IronPort, Blue Coat, McAfee, Websense, Symantec)
- Collection completed by software
- Customer needs to provide hardware/virtual machine
- CPU: 4-core Intel Xeon 3 GHz or better
- RAM: minimum 16 GB, 32 GB preferred
- Disk: 1 TB, OS: CentOS 6.4
- Required access to cloud server: port 8080

Privacy
- Collector only collects network statistics and logs
- NO payload data or personally identifiable information (PII) is collected
- Tools are provided to encrypt source IP addresses (PII); encryption of PII is done on the collector
- To provide URL privacy, we can also provide URL stripping within the gateway log
- Customer has full control of hardware at all times
- The collector is silent; it only receives data from NetFlow or Web Security Gateways

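As an added illustration of the source-IP tokenization step described on the two data-collection slides (not Cisco's utility and not code from the deck): source IPs in flow records are replaced on the collector with keyed tokens, so per-destination traffic and distinct-source counts still work without exposing addresses. The HMAC-SHA256 scheme, function names, key and sample records are assumptions constructed for this example.

```python
import hashlib
import hmac
import ipaddress
from collections import defaultdict

# Constructed sample flow records, using the fields the slide lists:
# interface id, src IP, dst IP, protocol, src port, dst port, ToS, bytes
SAMPLE_FLOWS = [
    (1, "10.1.4.22", "203.0.113.10", 6, 51514, 443, 0, 48211),
    (1, "10.1.4.22", "203.0.113.10", 6, 51520, 443, 0, 1930),
    (2, "10.1.7.90", "203.0.113.10", 6, 40112, 443, 0, 7744),
    (2, "10.1.7.90", "198.51.100.7", 6, 40300, 443, 0, 120),
]

def tokenize_ip(ip: str, key: bytes) -> str:
    """Keyed, deterministic token for a source IP (assumed scheme: HMAC-SHA256)."""
    packed = ipaddress.ip_address(ip).packed  # raises ValueError on malformed input
    return "tok_" + hmac.new(key, packed, hashlib.sha256).hexdigest()[:16]

def redact(flows, key):
    """Return flow records with the source IP replaced by its token."""
    return [(f[0], tokenize_ip(f[1], key)) + f[2:] for f in flows]

def usage_by_destination(flows):
    """Per destination: total bytes and number of distinct (tokenized) sources."""
    stats = defaultdict(lambda: {"bytes": 0, "sources": set()})
    for _ifid, src, dst, _proto, _sport, _dport, _tos, nbytes in flows:
        stats[dst]["bytes"] += nbytes
        stats[dst]["sources"].add(src)
    return {d: (s["bytes"], len(s["sources"])) for d, s in stats.items()}

def unkeyed_token_is_reversible(ip: str, network: str) -> bool:
    """Why the key matters: a plain hash of an IP can be matched by
    hashing every address in the (small) internal range."""
    target = hashlib.sha256(ipaddress.ip_address(ip).packed).hexdigest()
    return any(hashlib.sha256(a.packed).hexdigest() == target
               for a in ipaddress.ip_network(network))

if __name__ == "__main__":
    key = b"constructed-demo-key-kept-on-collector"  # placeholder, not a real key
    for dst, (nbytes, nsrc) in usage_by_destination(redact(SAMPLE_FLOWS, key)).items():
        print(dst, nbytes, nsrc)
```

Because the tokens are deterministic under one key, the key has to stay on the collector; rotating it breaks trending across the rotation boundary.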
Report Examples

Cloud Usage: Total Traffic (GB)
- Websites: 5,626 (69%)
- CSPs: 2,549 (31%)
  - Corporate: 1,542 (60%)
  - Non-Corporate: 1,007 (40%)
<Finding Summaries>

Cloud Usage
[Charts: CSP Count by Service Type; Traffic by Service Type (GB). Each compares Total vs. Corporate for IaaS, SaaS and PaaS.]
<Finding Summaries>

Cloud Usage
[Charts: Top 20 CSPs: Traffic (GB); Top Corporate CSPs: Traffic (GB). Bar labels across the two charts: Wordpress - SaaS, llnwd - IaaS, Google - SaaS, Adobe - SaaS, ggpht - IaaS, NTT America - IaaS, AMAZON-AWS-EC2-3 - IaaS, Softlayer - IaaS, MobileIron - PaaS, msecnd - IaaS, innovid - SaaS, Facebook - SaaS, Yahoo! Mail - SaaS, Oracle - SaaS, Akamai - IaaS, turner - SaaS, Yammer - SaaS, Ustream.tv, NeuLion - SaaS, Doubleclick, Concur - SaaS, Liveperson - SaaS, HP - IaaS, CORPTAX - SaaS, Dropbox - IaaS, Bluekai Inc. - SaaS, Box - IaaS, Kaltura - IaaS]
<Finding Summaries>

Cloud Usage

CSP Category
| Category | Share |
|---|---|
| Office Productivity | 56% |
| Compute | 22% |
| Others | 6% |
| Service Management | 4% |
| Telecom | 3% |
| Cloud Drive/Storage | 3% |
| Collaboration | 3% |
| Finance and Accounting | 3% |

CSP Category: With CDN
| Category | Share |
|---|---|
| Content Delivery Network | 44% |
| Office Productivity | 32% |
| Compute | 12% |
| Others | 3% |
| Cloud Drive/Storage | 2% |
| Collaboration | 2% |
| Finance and Accounting | 2% |
| Service Management | 2% |
| Telecom | 1% |

<Finding Summaries>

Cloud Usage

| VENDOR NAME | SERVICE TYPE | CATEGORY | TRAFFIC GB | SRC_IPS |
|---|---|---|---|---|
| Akamai | IaaS | Content Delivery Network | 673 | 6,675 |
| Google | SaaS | Office Productivity | 480 | 10,393 |
| AMAZON-AWS-EC2-3 | IaaS | Compute | 168 | 3,244 |
| Oracle | SaaS | Service Management | 31 | 1,087 |
| NTT America | IaaS | Telecom | 22 | 1,207 |
| Softlayer | IaaS | Compute | 21 | 2,294 |
| Concur | SaaS | Finance and Accounting | 20 | 1,641 |
| Yammer | SaaS | Collaboration | 15 | 1,642 |
| ShareFile | IaaS | Cloud Drive/Storage | 15 | 190 |
| MobileIron | PaaS | Application Development Platform | 11 | 1,363 |
| Box | IaaS | Cloud Drive/Storage | 4 | 168 |
| SAP | SaaS | Enterprise Resource Planning | 3 | 402 |
| Kaltura | IaaS | Content Delivery Network | 3 | 350 |

Financial Analysis

Risk Analysis: Common Controls
- Findings: 18 controls are adequately implemented, but 10 are inadequate.
- Risk Impact: 12 controls are very high in impact, while the majority are in the high category.
- Risk Score: 1 high and 19 medium level risk controls.
- Conclusion: Top 5 controls that need attention are:
  1. Process to recover from service outage of cloud provider
  2. Improvement of SIEM data sources
  3. Improve logging, monitoring and access restriction capabilities for security management system

Legend
- Very High: Improve control measures immediately
- High: Improve control measures
- Medium: Review control measures
- Low: Maintain existing measures

Assessing Risk of Cloud Consumption
Low Risk → High Risk