Presentation is loading. Please wait.

Presentation is loading. Please wait.

Real-Life Cloud Transformation Journey with Innovative Security

Published byJohan van der Wolf Modified over 5 years ago

Similar presentations

Presentation on theme: "Real-Life Cloud Transformation Journey with Innovative Security"— Presentation transcript:

1 Real-Life Cloud Transformation Journey with Innovative Security
Alex Philips CIO National Oilwell Varco Jay Chaudhry CEO, Chairman, Co-founder Zscaler

2 CSA: Secure Cloud Transformation Journeys Shared
2016 Chief Enterprise Architect 2017 Head of Global Infrastructure Chief Information Officer 2018

3 Cloud and mobility: opportunities and challenges
SaaS Open Internet Public Cloud MPLS MPLS MPLS MPLS Do we control the Internet? How do you secure the network? Network security is becoming less relevant. A new approach is needed. Note: (1) Cisco Visual Networking Index: Forecast and Methodology, Note: (2) Mozilla Firefox report

4 Cloud & Mobility requires a new approach to security
Old World New World Application Location On-premises data center Public cloud, SaaS, on- premises data center Network Architecture “Hub-and-spoke”: backhaul traffic to the on-premises data center Direct-to-cloud: traffic routed locally to the internet Security Approach “Castle and Moat” to secure the corporate network Securely connect users and devices regardless of network

5 Network security is becoming irrelevant
$17.7 billion spent annually on disparate security appliances(1) Network – Centric HQ MOBILE BRANCH IOT Open internet SaaS Public cloud Private cloud / On-premise data center Policy Enforcement Checkpost User/App – Centric Securely connect users to apps or services Open internet Internet Gateway Security Appliances MOBILE Secure the corporate network to protect users and data Based on IDC estimates, including Worldwide Network Security Forecast (September 2017), Worldwide IT Security Products Forecast, (March 2017), and WW Data Loss Prevention Forecast (March 2016).

6 A three-step journey to secure IT transformation
Up-level security SaaS Open internet Private cloud / Data center Public cloud SIMPLIFY Remove multiple point products SaaS Open internet Private cloud / Data center Public cloud TRANSFORM Cloud-enable network, app access Open internet SaaS Public cloud Private cloud / Data center

7 Our Cloud Transformation Journey
Alex J. Philips CIO & CISO ©2018 NOV | Proprietary and confidential. 6

8 This presentation was developed by National Oilwell Varco as an internal guide and while every effort was made to insure its accuracy, this presentation is only intended to be used as a training aid. Improvements in equipment including, but not limited to, design, engineering, materials, production methods or customer specifications may necessitate changes in the equipment that may result in inconsistencies between the contents of this publication and the end product. National Oilwell Varco reserves the right to make these changes without incurring any liabilities or obligations beyond those stipulated in a signed purchase contract with its customer. The images, photographs, charts, diagrams, drawings, verbal contents and specifications contained herein are not to be construed as giving rise to any warranty, and are not to be regarded as approval or disapproval of any specific product or practice on the part of National Oilwell Varco. copyright National Oilwell Varco, L.P. – 2018 ©2018 NOV | Proprietary and confidential.

9 CISO Responsibilities
Introduction – Who am I? Alex Philips CIO Responsibilities CISO Responsibilities NOV - 20 years MBA – Rice University CIO/CISO Global IT Product IT Corporate Engineering Technology Corporate Financial Systems Corporate Data Warehouse IT Security eDiscovery Incident Response Vulnerability Management M&A Security Product IT Security ©2018 NOV | Proprietary and confidential.

10 Introduction – Who is NOV?
A leading provider of technology, equipment, and services to the global oil and gas industry that supports customers’ full-field drilling, completion, and production needs. NOV powers the industry that powers the world. 36,000 Employees 635 locations 66 Countries $7.3 Billion Revenue 2017 $15.5 Billion Market Cap – NOV (NYSE) 300+ Acquisitions in last 20 years ©2018 NOV | Proprietary and confidential. ©2016 NOV | Proprietary and confidential.

11 OLD WORLD OF IT NOV IT ©2018 NOV | Proprietary and confidential. 10

12 Securing the network to protect data
Perimeter Security Network Security Endpoint Security Prevention Data Security Monitoring & Response Policy Management Mission Critical Assets Mission Critical Assets Operations ©2018 NOV | Proprietary and confidential.

13 I need everything! Data Security
©2018 NOV | Proprietary and confidential.

14 Revenue $24B to $7B Employees 65,000 to 35,000
Pain! Historic Oil Price Revenue $24B to $7B Employees 65,000 to 35,000 ©2018 NOV | Proprietary and confidential.

15 Drivers for Change ©2018 NOV | Proprietary and confidential.

16 Cloud Transformation Journey
©2018 NOV | Proprietary and confidential. 15

17 IT Initiatives Cloud-first app strategy (SaaS)
Migrate internal apps to the public cloud Internet Network Transformation ©2018 NOV | Proprietary and confidential.

18 Applications: Move to a Modern Cloud Platform Proposed Access is still Legacy
©2018 NOV | Proprietary and confidential.

19 Network Transformation Hub-and-Spoke to Direct-to-Cloud (SD-WAN)
4x less $$$$ on MPLS 10-20x Faster User Experience Internet Broadband $ Communication Hub Colo SD-WAN MPLS $$$ Branches (VoIP) Datacenter ©2018 NOV | Proprietary and confidential.

20 How do I secure a direct-to-cloud architecture?
©2018 NOV | Proprietary and confidential.

21 Appliance Hell ©2018 NOV | Proprietary and confidential.

22 Secure Network transformation with Cloud Security Direct Path to the Internet and Office 365
Communication Hub Colo Broadband $ Internet SD-WAN Branches MPLS $$$ (VoIP) Datacenter ©2018 NOV | Proprietary and confidential.

23 Cloud Security Benefits
Avoided Microsoft ExpressRoute tax Zscaler Peering with Office 365 (globally) 1-Click Office 365 Configuration (Microsoft Recommended) Optimal GTM DNS Full security stack (SSL + Cloud Firewall) ©2018 NOV | Proprietary and confidential.

24 Zscaler enables secure IT transformation to the cloud
Fast and secure policy-based access to applications and services over the Internet Private cloud / On-premise data center SaaS Open internet Public cloud Externally managed Internally managed Securely connects users to externally managed SaaS applications and internet destinations Zscaler Internet Access Firewall / intrusion prevention URL filter Anti-virus Data loss prevention Secure sockets layer inspection Sandbox Global load balancing Distributed denial of service protection External firewall / intrusion prevention VPN concentrator Internal firewall Internal load balancer Securely connects authorized users to internally managed applications Zscaler Private Access HQ MOBILE BRANCH IOT Any device, any location, on-network or off-network

25 Security Transformation (Phased Approach)
Phase 1: Enhance security: ATP, A/V, IPS, Sandbox, Phishing, etc. Phase 2: SSL Decrypt (in Progress) Phase 3: Road Warrior – Endpoint Agent Phase 4: Fast and Secure Access to Internally Managed Apps ©2018 NOV | Proprietary and confidential.

26 80% of NOV Traffic is Encrypted
The SSL Imperative In the past 60 days Of the 5% of HTTPS currently inspected (uncategorized): 40% was blocked due to threats 96 0-day malicious items detected in SSL/HTTPs by Cloud Sandbox 80% of NOV Traffic is Encrypted ©2018 NOV | Proprietary and confidential.

27 Cutting Edge Security Capabilities in the Cloud
SaaS Open Internet Full Inline Content Inspection All ports and protocols Native SSL scanning Cloud Effect Identified once, blocked for all customers; 120 thousand unique security updates a day Payload Analysis Signatures Behavioral Analysis (Sandbox) Application Knowledge Dynamic Risk Score Active Content Analysis DPI P2P / Evasive Apps Malicious JavaScript Zero-Pixel iFrames Integrated Proprietary Inspection Methods Correlation across multiple techniques; Risk of each objected computed inline Destination Knowledge 40+ Industry Threat Feeds Partnerships – commercial feeds, private working groups, open source Domain Reputation / Age URL Classification Country of Origin HQ MOBILE BRANCH IOT

28 Phase 4: Fast and Secure Access to Internally Managed Apps
©2018 NOV | Proprietary and confidential.

29 It’s time to say goodbye.
The SSL Imperative No one likes VPN. It’s time to say goodbye. ©2018 NOV | Proprietary and confidential.

30 A New Approach for Accessing Internal Apps (SDP)
Internet Mobile User Zscaler Private Access Datacenter Users are never on the network Inside out connections (Apps are not exposed to the Internet) Full visibility into internally managed apps No more VPN gateways appliances! ©2018 NOV | Proprietary and confidential.

31 Zscaler: A critical Integration Partner Positioned in the Data Path
Extensible Zscaler platform is leveraging cloud eco-system Cloud providers 1 Secure access without security appliances Faster user experience (Direct-to-Cloud) SaaS Public Cloud In-Line Conditional access / SAML integration Identity and authentication 2 Real-time log feed Reporting and analytics 3 Provisioning and remediation Device management and protection 4 HQ Mobile Branch IOT Automated traffic forwarding Branch (SD-WAN) 5

32 Cost Savings Operational Savings Hardware Savings
No more upgrades / patching Team can focus on other projects Administration Consolidation Rule sets follow user Single Pane of Glass Consolidated logging Hardware Savings No EOL (End of Life) No Max Capacity, new appliance No new acquisition costs ©2018 NOV | Proprietary and confidential.

33 Castle & moat has no place in the world of cloud
The Cloud has no Walls The NGFW is Dead

34 New leaders are born when megashifts take place
Data center and hardware Applications in the data center On-Premises security

35 CEO, Chairman, and Co-Founder
Q & A Founding Member Alex Philips Jay Chaudhry CIO CEO, Chairman, and Co-Founder Booth S623

Download ppt "Real-Life Cloud Transformation Journey with Innovative Security"

Similar presentations

Enabling business beyond the corporate network.

Enabling business beyond the corporate network.
Stonesoft Roadmap WHAT FEATURES WILL COME IN 2013-2014.

Stonesoft Roadmap WHAT FEATURES WILL COME IN
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.

Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.
Citrix Partner Update The Citrix Delivery Centre.

Citrix Partner Update The Citrix Delivery Centre.
MIGRATION FROM SCREENOS TO JUNOS based firewall

MIGRATION FROM SCREENOS TO JUNOS based firewall
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
©2012 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties Building Your Security Strategy with 3D.

©2012 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties Building Your Security Strategy with 3D.
The Citrix Delivery Center. 2 © 2008 Citrix Systems, Inc. — All rights reserved Every Day, IT Gets More Complex EMPLOYEES PARTNERS CUSTOMERS.

The Citrix Delivery Center. 2 © 2008 Citrix Systems, Inc. — All rights reserved Every Day, IT Gets More Complex EMPLOYEES PARTNERS CUSTOMERS.
Asif Jinnah Microsoft IT – United Kingdom. Security Challenges in an ever changing landscape Evolution of Security Controls: Microsoft’s Secure Anywhere.

Asif Jinnah Microsoft IT – United Kingdom. Security Challenges in an ever changing landscape Evolution of Security Controls: Microsoft’s Secure Anywhere.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.

CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.
ARAMA TECH D A T A P R O T E C T I O N P R O F E S S I O N A L S VISION & STRATEGY.

ARAMA TECH D A T A P R O T E C T I O N P R O F E S S I O N A L S VISION & STRATEGY.
Infrastructure for the People-Ready Business. Presentation Outline POINT B: Pro-actively work with your Account manager to go thru the discovery process.

Infrastructure for the People-Ready Business. Presentation Outline POINT B: Pro-actively work with your Account manager to go thru the discovery process.
Enterprise’ Ever-Evolving Challenge & Constraints Dealing with BYOD Challenges Enable Compliance to Regulations Stay Current with New Consumption Models.

Enterprise’ Ever-Evolving Challenge & Constraints Dealing with BYOD Challenges Enable Compliance to Regulations Stay Current with New Consumption Models.
David B. Cross Product Unit Manager Microsoft Corporation Session Code: SIA303 Donny Rose Senior Program Manager.

David B. Cross Product Unit Manager Microsoft Corporation Session Code: SIA303 Donny Rose Senior Program Manager.
Blue Coat Cloud Continuum

Blue Coat Cloud Continuum
IDC Says, Don't Move To The Cloud Richard Whitehead Director, Intelligent Workload Management August, 2010 Ben Goodman Principal.

IDC Says, "Don't Move To The Cloud" Richard Whitehead Director, Intelligent Workload Management August, 2010 Ben Goodman Principal.
SYMANTEC ENDPOINT SECURITY SERVICE PROVIDERS | ALLIANCE PRO IT HYDERABAD (CORPORATE OFFICE) ALLIANCE PRO IT PRIVATE LIMITED, 3A, HYNDAVA TECHNO PARK, TECHNO.

SYMANTEC ENDPOINT SECURITY SERVICE PROVIDERS | ALLIANCE PRO IT HYDERABAD (CORPORATE OFFICE) ALLIANCE PRO IT PRIVATE LIMITED, 3A, HYNDAVA TECHNO PARK, TECHNO.
SYMANTEC ENDPOINT SECURITY SERVICE PROVIDERS | ALLIANCE PRO IT HYDERABAD (CORPORATE OFFICE) ALLIANCE PRO IT PRIVATE LIMITED, 3A, HYNDAVA TECHNO PARK, TECHNO.

SYMANTEC ENDPOINT SECURITY SERVICE PROVIDERS | ALLIANCE PRO IT HYDERABAD (CORPORATE OFFICE) ALLIANCE PRO IT PRIVATE LIMITED, 3A, HYNDAVA TECHNO PARK, TECHNO.
SDN & NFV Driving Additional Value into Managed Services.

SDN & NFV Driving Additional Value into Managed Services.

Similar presentations

Ads by Google