Presentation is loading. Please wait.

Presentation is loading. Please wait.

BETA!BETA! Building a secure private cloud on Microsoft technologies Private cloud security concerns Security & compliance in a Microsoft private cloud.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "BETA!BETA! Building a secure private cloud on Microsoft technologies Private cloud security concerns Security & compliance in a Microsoft private cloud."— Presentation transcript:

1

2 BETA!BETA!

3 Building a secure private cloud on Microsoft technologies Private cloud security concerns Security & compliance in a Microsoft private cloud

4 CommunityCloud Private Cloud Public Cloud Hybrid Clouds Deployment Models Service Models Essential Characteristics Common Characteristics Infrastructure as a Service (IaaS) Platform as a Service (PaaS) Software as a Service (SaaS) Resource Pooling Broad Network Access Rapid Elasticity Measured Service On Demand Self-Service Low Cost Software Virtualization Service Orientation Advanced Security Homogeneity Massive Scale Resilient Computing Geographic Distribution

5 Operating System Virtualization A Private Cloud presents the OS and virtualization resources as a pool of shared resources The resource pool is created through management, based on business rules and executed through automation. Management You no longer think about numbers of VMs, server ratios, memory or storage but instead on how much compute resources you have access to Your focus now shifts to the applications, where you rely on the pool of resources to supply the right capacity and capabilities

6 Compute / Network / Storage Management Layer Management Layer Hyper-V based Hypervisor Orchestration Layer Orchestration Layer Admin / Tenant Interfaces AuthN, AuthZ & Auditing

7 * Source: IDC Enterprise Panel, August 2008 # CIA = Confidentiality, Integrity & Availability

8

9 Windows Kernel Server Core Virtualization Stack Device Drivers Windows hypervisor VM Worker Processes Guest Partitions Ring 0 Ring 3 OS Kernel VMBus Guest Applications Root Partition CPU Storage NIC Ring 0 Ring 3 “Ring “-1”

10 Hardware Hypervisor VM 1VM 2 Virtual- ization Stack Root Partition Drivers Guest Partition Hypervisor VM 1 (Admin) VM 2VM 3 Hardware Drivers Virtualization Stack “The fact is, the absolute last place you want to see drivers is in the hypervisor, not only because the added abstraction layer is inevitably a big performance problem, but because hardware and drivers are by definition buggier than "generic" code that can be tested.” Linus Torvalds, https://lists.linux-foundation.org/pipermail/desktop_architects/2007-August/002446.html

11

12

13 Portals & Reporting 3 rd Party Solutions

14 Event Mgmt Service Desk Asset/CMDB Configuration Virtual Security Storage Server Network IT Silos VM Provisioning Process Monitor Service request Stop VM Update request Update request Update & close request Clone new VM Update properties Remove from Ops Manager Test VMDeploy Applications Verify Application Add to Ops Manager Create CI Retire CI Create incident Detach Storage Detach Network Adapter 123 4 5

15

16 DataData Perimeter / Access ApplicationApplication HostHost NetworkNetwork  Windows security model for access control and auditing  System Center Data Protection Manager for data availability  Windows security model for access control and auditing  System Center Data Protection Manager for data availability  User identification & authorization  Application-layer malware protection  User identification & authorization  Application-layer malware protection  Host boundaries enforced by external hypervisor  Host malware protection  Host boundaries enforced by external hypervisor  Host malware protection  VLANs and packet filters in network fabric  Host firewall to supplement & integrate IPSec isolation  Controlled access to portals / services using UAG  Controlled outbound access using TMG  Controlled access to portals / services using UAG  Controlled outbound access using TMG Layer Defenses  Patch Management  Application / Host hardening  Patch Management  Application / Host hardening

17

18 123 4 5678

19

20

21

22 Data Center’s Physical Servers Guest OS Data-Center Network

23

24

25

26

27

28

Download ppt "BETA!BETA! Building a secure private cloud on Microsoft technologies Private cloud security concerns Security & compliance in a Microsoft private cloud."

Similar presentations

A Flexible Cloud-Computing Platform Focus on solving business problems

A Flexible Cloud-Computing Platform Focus on solving business problems
Open ticket. Populate with data gathered Event Validation Gather CI service data, check for known outages Update event with ticket # Resolve incident.

Open ticket. Populate with data gathered Event Validation Gather CI service data, check for known outages Update event with ticket # Resolve incident.
System Center 2012 R2 Overview

System Center 2012 R2 Overview
Dan Stolts Chief Technology Strategist Microsoft Corporation Blog: Managing and Monitoring Critical Infrastructure.

Dan Stolts Chief Technology Strategist Microsoft Corporation Blog: Managing and Monitoring Critical Infrastructure.
Chapter 22: Cloud Computing and Related Security Issues Guide to Computer Network Security.

Chapter 22: Cloud Computing and Related Security Issues Guide to Computer Network Security.
Tom Yarmas CTO – Cloud Technologies U.S. Public Sector Cloud Computing: How to do it right!

Tom Yarmas CTO – Cloud Technologies U.S. Public Sector Cloud Computing: How to do it right!
Clouds C. Vuerli Contributed by Zsolt Nemeth. As it started.

Clouds C. Vuerli Contributed by Zsolt Nemeth. As it started.
An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.

An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.
1 Security on OpenStack 11/7/2013 Brian Chong – Global Technology Strategist.

1 Security on OpenStack 11/7/2013 Brian Chong – Global Technology Strategist.
Optimize the Business with Microsoft Datacenter Services 2.0 John Morello Lead Architect Microsoft Corporation AAP315.

Optimize the Business with Microsoft Datacenter Services 2.0 John Morello Lead Architect Microsoft Corporation AAP315.
Security in the Cloud: Can You Trust What You Can’t Touch? Rob Johnson Security Architect, Cloud Engineering Unisys Corp.

Security in the Cloud: Can You Trust What You Can’t Touch? Rob Johnson Security Architect, Cloud Engineering Unisys Corp.
FI-WARE – Future Internet Core Platform FI-WARE Cloud Hosting July 2011 High-level description.

FI-WARE – Future Internet Core Platform FI-WARE Cloud Hosting July 2011 High-level description.
Virtualization and the Cloud

Virtualization and the Cloud
© 2009 IBM Corporation ® IBM Software Group Introduction to Cloud Computing Vivek C Agarwal IBM India Software Labs.

© 2009 IBM Corporation ® IBM Software Group Introduction to Cloud Computing Vivek C Agarwal IBM India Software Labs.
INTRODUCTION TO CLOUD COMPUTING CS 595 LECTURE 4.

INTRODUCTION TO CLOUD COMPUTING CS 595 LECTURE 4.
Agenda Who needs an Architect? Cloud and Security Key Security Differences in Private Cloud Cloud Security Challenges Secondary to Essential Characteristics.

Agenda Who needs an Architect? Cloud and Security Key Security Differences in Private Cloud Cloud Security Challenges Secondary to Essential Characteristics.
Opalis Cross-Silo Orchestration Kaj Wierda, Sr. Program Manager System Center X-Platform & Interop Data Center Management with.

Opalis Cross-Silo Orchestration Kaj Wierda, Sr. Program Manager System Center X-Platform & Interop Data Center Management with.
Be Smart, Use PwrSmart What Is The Cloud?. Where Did The Cloud Come From? We get the term “Cloud” from the early days of the internet where we drew a.

Be Smart, Use PwrSmart What Is The Cloud?. Where Did The Cloud Come From? We get the term “Cloud” from the early days of the internet where we drew a.
M.A.Doman 2011. Model for enabling the delivery of computing as a SERVICE.

M.A.Doman Model for enabling the delivery of computing as a SERVICE.
Cloud computing Tahani aljehani.

Cloud computing Tahani aljehani.

Similar presentations

Ads by Google