Security and Compliance in the converged Data Center

1
Security and Compliance in the converged Data
Center

• Ran Nahmias
• Dir. Virtualization Cloud Solutions

2
Presenter
Ran Nahmias Director, Virtualization and Cloud
Solutions Net Optics, Inc. Over 15 years of
experience in networking, security, desktop and
server virtualization in engineering, product
management and deployment roles for market
leaders such as Check Point Software
Technologies, Nice Systems, Microsoft and Net
Optics.
3
Agenda

• Data Center in 2011
• Virtualization in the Data Center
• Monitoring and Compliance in virtualized areas of
  the Data Center

4
Data Center trends and predictions for 2011

• Data Centers will continue to grow
• in 2011 exponential growth of data
• will necessitate expansion.
• Virtualization deployment increasing
• year over year in data centers.
• According to Garter, over 30 of x86 architecture
  servers workloads running on VMs
• Industry figures describe up to 60
  virtualization in data centers. 20-25 seems
  more realistic in average (some areas higher,
  some areas not virtualized at all)

5
Convergence _at_ the Data Center
Hypervisor Virtual Servers
Physical Servers

• Most enterprise data centers now have physical
  servers and infrastructure as well as virtual
  environment.
• Physical still bigger than virtual but the gap
  is shrinking

6
The visibility challenge in the hybrid data
center
Hypervisor Virtual Servers
Physical Servers
VM-1
VM-2
VM-3
Server 1
Server 2
Server 3
VMWare ESX

• Current monitoring tools deployed on physical
  networks
• Traffic from VMs to external peers visible on
  wired network
• Inter-VM traffic hidden from wired network and
  the deployed tools

7
Hypervisor Virtual Stack Monitoring Challenge
ESX Host

• Online provider of prescription refills
• Confidential data entered by patient and
  processed for verification
• Flow must adhere to HIPAA Security and Privacy

• Online store on Web server
• Customer makes a purchase and provides credit
  card details
• Card being processed
• Flow must adhere to PCI compliance

• Example E-commerce solution in a box
• Regulated, confidential transaction data
  transferring unmonitored

7
8
The goal increasing visibility, extending wire
capabilities
Hypervisor Virtual Servers
Physical Servers
VM-1
VM-2
VM-3
Server 1
Server 2
Server 3
VMWare ESX

• Lack of visibility blocker for certain
  deployments
• The virtual network traffic must be exposed
• Turn the RED into BLUE

9
Increasing visibility into the virtual networks

• Solution should provide complete visibility to
  virtual network traffic
• Virtual environment performance cannot be
  affected negatively
• The same stringent compliance regulations must be
  enforced across the converged infrastructure
• Ideally, the solution integrates with
  virtualization technologies, does not require
  architectural changes and has small foot print
  and no significant performance effect.

10
Network traffic convergence unifying the
Hypervisor Virtual Servers
Physical Servers
VM-1
VM-2
VM-3
Server 1
Server 2
Server 3
VMWare ESX
11
Thank You
Net Optics, Inc. www.netoptics.com 408.737.7777