Building a secure private cloud on Microsoft technologies
Private cloud security concerns
Security & compliance in a Microsoft private cloud

Presentation transcript:


Deployment Models: Community Cloud, Private Cloud, Public Cloud, Hybrid Clouds
Service Models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS)
Essential Characteristics: Resource Pooling, Broad Network Access, Rapid Elasticity, Measured Service, On Demand Self-Service
Common Characteristics: Low Cost Software, Virtualization, Service Orientation, Advanced Security, Homogeneity, Massive Scale, Resilient Computing, Geographic Distribution

Operating System / Virtualization / Management
A Private Cloud presents the OS and virtualization resources as a pool of shared resources. The resource pool is created through management, based on business rules and executed through automation. You no longer think about numbers of VMs, server ratios, memory or storage, but instead about how many compute resources you have access to. Your focus now shifts to the applications, where you rely on the pool of resources to supply the right capacity and capabilities.

Compute / Network / Storage; Management Layer; Hyper-V based Hypervisor; Orchestration Layer; Admin / Tenant Interfaces; AuthN, AuthZ & Auditing

* Source: IDC Enterprise Panel, August 2008
# CIA = Confidentiality, Integrity & Availability

Root Partition: Virtualization Stack and VM Worker Processes (Ring 3); Windows Kernel, Server Core, Device Drivers (Ring 0)
Guest Partitions: Guest Applications (Ring 3); OS Kernel, VMBus (Ring 0)
Windows hypervisor (Ring "-1")
Hardware: CPU, Storage, NIC

Hardware, Hypervisor, VM 1, VM 2, Virtualization Stack, Root Partition, Drivers, Guest Partition
Hypervisor, VM 1 (Admin), VM 2, VM 3, Hardware, Drivers, Virtualization Stack

“The fact is, the absolute last place you want to see drivers is in the hypervisor, not only because the added abstraction layer is inevitably a big performance problem, but because hardware and drivers are by definition buggier than "generic" code that can be tested.” Linus Torvalds,

Portals & Reporting; 3rd Party Solutions

IT Silos: Event Mgmt, Service Desk, Asset/CMDB, Configuration, Virtual, Security, Storage, Server, Network
VM Provisioning Process: Monitor, Service request, Stop VM, Update request, Update request, Update & close request, Clone new VM, Update properties, Remove from Ops Manager, Test VM, Deploy Applications, Verify Application, Add to Ops Manager, Create CI, Retire CI, Create incident, Detach Storage, Detach Network Adapter

Layer: Defenses
Data: Windows security model for access control and auditing; System Center Data Protection Manager for data availability
Application: User identification & authorization; Application-layer malware protection
Host: Host boundaries enforced by external hypervisor; Host malware protection
Network: VLANs and packet filters in network fabric; Host firewall to supplement & integrate IPSec isolation
Perimeter / Access: Controlled access to portals / services using UAG; Controlled outbound access using TMG
Patch Management; Application / Host hardening

Data Center’s Physical Servers, Guest OS, Data-Center Network