Presentation is loading. Please wait.

Presentation is loading. Please wait.

Direct-to-cloud Issues & Implications Dale McCarty.

Published byJacob Lee Douglas Modified over 6 years ago

Similar presentations

Presentation on theme: "Direct-to-cloud Issues & Implications Dale McCarty."— Presentation transcript:

1 Direct-to-cloud Issues & Implications Dale McCarty

2 DTC in the News “Just Like Everything Else in the Enterprise Space, Security is About to be Disrupted”

3 “ Trends Transforming IT 50% 90% 50% 75% Business Users go Mobile
Users work from home or on-the-go Users who BYOD 50% 90% Cloud Apps go Mainstream Cloud-based applications used by an enterprise 50% Social goes Enterprise employees use Facebook at work 75% Mobile, Cloud & Social: Driving business beyond the corporate network (often without policy & protection) 80% of my MLPS traffic used to be for applications at my HQ and 20% was Internet bound. Now it’s just the opposite.” – CIO, Fortune 50 company This is the biggest transformation in IT security in the last 20 years.

4 MPLS backhaul kept life under control for IT
Traditional it Branch Home/Hotspot Servers, applications & Data at Corp HQ or DC Protect the perimeter with firewalls Gateway proxies to protect Users MPLS backbone connected various offices No policy or protection Internet Backhaul Headquarters Internet MPLS Servers, applications & Data at Corp HQ or DC Internet access was not critical Protect the perimeter with firewalls On-prem firewall/IPS appliances protect servers from incoming attacks Gateway proxies to protect Users On-prem gateway proxies (URL, AV, DLP) enforced policies for users accessing Internet MPLS backbone connected various offices Branch – backhaul traffic to HQ or regional hub Road warriors – Require VPN 90% of the users were in the office. 90% of the access was to on-prem applications. The model worked fine. VPN Backhaul Regional Gateway Branch On the Road/Mobile MPLS backhaul kept life under control for IT

5 Internet breakout off-loaded MPLS circuits for ”trivial” applications
The net effect Branch Home/Hotspot Perimeter becomes dynamic Applications & data are moving to the cloud Users embrace mobile apps Gateway proxies and firewalls get bypassed No policy or protection Internet Backhaul Headquarters Internet MPLS Servers, applications & Data at Corp HQ or DC Internet access was not critical Protect the perimeter with firewalls On-prem firewall/IPS appliances protect servers from incoming attacks Gateway proxies to protect Users On-prem gateway proxies (URL, AV, DLP) enforced policies for users accessing Internet MPLS backbone connected various offices Branch – backhaul traffic to HQ or regional hub Road warriors – Require VPN 90% of the users were in the office. 90% of the access was to on-prem applications. The model worked fine. VPN Backhaul Regional Gateway Branch On the Road/Mobile Internet breakout off-loaded MPLS circuits for ”trivial” applications

6 disappearing perimeter
Branch Home/Hotspot Perimeter becomes “the world wide web” The Cloud becomes a Data Center Users are going direct to net for applications Policy can only be enforced in the Cloud Full policy & protection MPLS Headquarters Internet Applications & Data moved to the cloud A few years ago, 90% of my MPLS backbone traffic was for applications in my corporate DC and 10% was Internet bound. Now, it is just the opposite.” CIO, Fortune 50 company Users - often outside the corporate network VPN is not a desirable option. 3G/4G traffic does not go thru appliances even from the office Gateway proxies or firewalls get bypassed MPLS Backhauling is expensive Backhauling causes latency – unhappy users Enabling business beyond the corporate network Local breakout for Internet traffic - direct to the cloud Policy enforcement & protection – cloud-based Regional Gateway Branch On the Road/Mobile Direct-to-Cloud reduces MPLS backhaul & improves user experience

7 Geoip & “REAL” clouds Stockholm Oslo Moscow Amsterdam Gdansk Toronto
Chicago (West) London Frankfurt (West) Frankfurt (South) Chicago (East) New York Paris Bern San Francisco Denver Herndon Sunnyvale Washington DC Madrid Tokyo Los Angeles Dallas Atlanta (North) Amman Ft. Worth Atlanta (South) Kuwait City Cairo S. Amer. Hub (Miami) Dubai Hong Kong Taipei Riyadh Mumbai Chennai Kuala Lumpur Nigeria Singapore Lima Sao Paulo Johannesburg Sydney Cape Town Santiago

8 DIRECT-to-Cloud topology
Block the bad, protect the good Global check post Enforces business policy Mobile & Distributed Workforce Regional Office Home or Hotspot HQ On-the-go Cloud Services Social Media Cloud Apps Mobile Apps Botnet Exploits In a more simplistic picture – the best way to think of Zscaler, is as a global check-post sitting between your employees and the Cloud. In a more technical term some of you might view Zscaler as a Massively scalable and fast Proxy available anytime, globally from any device. Compliance-based security: URL filters & A/V Protection Risk-based security: Behavioral Analysis & Data Loss Prevention

9 What DIRECT-to-Cloud CAN …and CAN’t do
Secure Users Not Infrastructure! (That is the role of traditional firewalls, IPS, etc.) Protect Data Proxy-based Data Loss Prevention and SSL Intercept & Decrypt Enable Applications Improve Response Time and Selective Access Streamline WAN Prioritize bandwidth by application and reduce backhaul

10 (and thank you for your attention!)
Questions? (and thank you for your attention!)

Download ppt "Direct-to-cloud Issues & Implications Dale McCarty."

Similar presentations

| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net 1 WX Client Rajoo Nagar PLM, WABU.

| Copyright © 2009 Juniper Networks, Inc. | 1 WX Client Rajoo Nagar PLM, WABU.
Barracuda Link Balancer Link Reliability and Bandwidth Optimization.

Barracuda Link Balancer Link Reliability and Bandwidth Optimization.
Enabling business beyond the corporate network.

Enabling business beyond the corporate network.
Web Traffic Offload of MPLS Networks

Web Traffic Offload of MPLS Networks
WAN WAN ExpressRoute provides a private, dedicated, high-throughput network connection between on-premises and Microsoft Azure.

WAN WAN ExpressRoute provides a private, dedicated, high-throughput network connection between on-premises and Microsoft Azure.
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.

Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.
Security Issues in large scale wireless and VoIP deployment Andrew Yeomans VP Global Information Security Dresdner Kleinwort Wasserstein

Security Issues in large scale wireless and VoIP deployment Andrew Yeomans VP Global Information Security Dresdner Kleinwort Wasserstein
Hybrid Hyper-scale Enterpris e Grade Azure compute regions.

Hybrid Hyper-scale Enterpris e Grade Azure compute regions.
Blue Coat: Your partner to sales success Nigel Hawthorn VP EMEA Marketing +44 7081 487 987

Blue Coat: Your partner to sales success Nigel Hawthorn VP EMEA Marketing
Zscaler Web Security Services Your Name Contact Info August 2009 Zscaler Proprietary & Confidential.

Zscaler Web Security Services Your Name Contact Info August 2009 Zscaler Proprietary & Confidential.
Customer needs EnterpriseGrade HyperScale Hybrid.

Customer needs EnterpriseGrade HyperScale Hybrid.
Designing Networking and Hybrid Connectivity in Azure

Designing Networking and Hybrid Connectivity in Azure
Hybrid Hyper-scale Enterpris e Grade Azure compute regions.

Hybrid Hyper-scale Enterpris e Grade Azure compute regions.
World Cities Adapted from a presentation by David Palmer & Phil Kline.

World Cities Adapted from a presentation by David Palmer & Phil Kline.
DIRECT-TO-CLOUD Issues & Implications Dale McCarty.

DIRECT-TO-CLOUD Issues & Implications Dale McCarty.
Where do business services cluster? 12-4 (a). I. Ancient World Cities A) City-states (Athens/Rome) A) City-states (Athens/Rome) B) Medieval cities (Most.

Where do business services cluster? 12-4 (a). I. Ancient World Cities A) City-states (Athens/Rome) A) City-states (Athens/Rome) B) Medieval cities (Most.
Cyber Security Finance Forum 2012 Michael DuBose Managing Director & Practice Leader Cyber Investigations.

Cyber Security Finance Forum 2012 Michael DuBose Managing Director & Practice Leader Cyber Investigations.
World Cities. Top Ten Cities,1950 (estimated from various sources) City Pop (in millions) Lat Long New York, USA12.340 N 74 W London, UK8.752 N 0 Tokyo,

World Cities. Top Ten Cities,1950 (estimated from various sources) City Pop (in millions) Lat Long New York, USA N 74 W London, UK8.752 N 0 Tokyo,
Chicago’s Global Status: Is Chicago a “global city”? GaWC: rates cities’ “global” status [Globalization and World Cities Study Group & Network: Loughborough.

Chicago’s Global Status: Is Chicago a “global city”? GaWC: rates cities’ “global” status [Globalization and World Cities Study Group & Network: Loughborough.
How STERIS is using Cloud Technology to Protect Web Access Presented By: Ed Pollock, CISSP-ISSMP, CISM CISO STERIS Corporation “Enabling Business”

How STERIS is using Cloud Technology to Protect Web Access Presented By: Ed Pollock, CISSP-ISSMP, CISM CISO STERIS Corporation “Enabling Business”

Similar presentations

Ads by Google