Long Distance Workload Migration
Secure Data Access and Movement Between Clouds
Mark Lesher, Sr. Director, EMC² Cloud Infrastructure Solutions
September 10

Drivers for Long Distance Workload Migration
- Business Continuity
- Resource Locality
- Follow the Sun
- Dynamic Scaling
- Data Center Migration
Motivated by ODCA usage model

Enabler for Long Distance Workload Migration
- Business Continuity
- Resource Locality
- Collaboration
- Follow the Sun
- Dynamic Scaling
- Data Center Migration
- Mobility
- Availability

Federated Data Access With EMC VPLEX
Site A - Active, Site B - Active
Active-Active Data Access (Federated AccessAnywhere)
- Utilize resources at both sites
- Move and share data nondisruptively
- Have the exact same information in two separate locations, accessible at the same time

VPLEX Enablers (Cluster A, Cluster B, Federated AccessAnywhere)
AVAILABILITY: Maintain availability and non-stop access by mirroring across locations
- Zero RPO/RTO
- Eliminate storage operations from failover
MOBILITY: Move and relocate VMs, applications, and data over distance
- Active-active data centers
- Disaster avoidance
- Data center migration
- Workload rebalancing
COLLABORATION: Enable concurrent read/write access to data across locations
- Instant and simultaneous data access over distance
- Streamline workflows

Secure, Long Distance Workload Migration with EMC, RSA, Intel, and HyTrust
EMC ODCA Booth #110

Demonstration
1. Non-disruptive and secure workload migration between two data centers that represent a service provider IaaS cloud environment using EMC VPLEX and stretched clusters
2. Secure Boot of VMware ESXi 5.1 hosts and verification by Intel Trusted Execution in BIOS against known good whitelist
3. Active enforcement of security policy compliance related by HyTrust* security appliance
4. Enhanced auditing capabilities with RSA's* Solution for Cloud Security and Compliance

EMC* VPLEX* Virtualization
[Diagram: Site A and Site B connected by a link, each shown with four layers: Cluster or Virtual Host Layer (native cluster or virtualization), Physical Host Layer, Virtual Storage Layer (AccessAnywhere*), Physical Storage Layer]
Live migration possible if using vSphere*, OVM*, Xen*, IBM LPAR*, or Hyper-V*

Policy Enforcement: HyTrust Appliance
- Verifies platform integrity, ensuring the hypervisor is hardened and the virtual infrastructure is trusted
- Enforces consistent access and authorization policies covering all access methods
- Provides granular, user-specific, audit-quality logs
- Enables strong, multi-factor authentication
Provides complete visibility into and control over who accesses the infrastructure, defends the integrity of the infrastructure, and validates all changes requested.

RSA Solution for Cloud Security and Compliance
[Diagram labels: Guided Remediation; Automated Measurement Agent; Device Discovery + Configuration Measurement; RSA Archer eGRC; VMware-specific Controls; alerts; RSA enVision]
Intel Trusted Execution Technology (Intel TXT)

Events Brought into Compliance Dashboard

Bringing It All Together (Site 1, Site 2, EMC AccessAnywhere)
1. Non-disruptive workload migration across distance using EMC* VPLEX*
2. Trusted Launch: Secure boot of host and verification of launch time components
3. Trusted Pools: Enable Intel TXT trusted hosts to be grouped into clusters of trusted resources
4. True security policy enforcement across cloud environments using HyTrust* Appliance
5. Overall compliance reporting with RSA* Archer eGRC

Where to see more
Wednesday 3:30PM, RM 2008
Take Control of your Cloud: Solutions to Meet Security and Compliance Needs
- Raghu Yeluri, Principal Engineer, Intel Corporation
- Hemma Prafullchandra, CTO/SVP Products, HyTrust, Inc.
- John McAuley, Principal Solutions Consultant, EMC Corporation
SECS005

Thank You