© 2010 vmware inc. all rights reserved from datacenter to device: security in the enterprise 2012...
TRANSCRIPT
© 2010 VMware Inc. All rights reserved
From Datacenter to Device: Security in the Enterprise 2012 and Beyond
Dr. Stephen Herrod, CTO
February 27, 2012
2
The New Reality for Users
Apps & Data Everywhere
Diverse Access Points
Browser
Windows
Mac
iOS
Android
Universal App Catalog and
Workflow
Broker
Entitlements, Policies and Reporting
SaaS
Services
Windows
Legacy Apps
Data
Services
Mobile
Apps
3
The New Reality
Diverse Apps Diverse Access
Browser
Windows
(Physical)
Mac
(Physical)
iOS
Android
Enterprise
App Catalog and Workflow
Management
Broker
Entitlements, Policies and Reporting
SaaS
Services
Windows
Legacy Apps
Data
Services
Mobile
Apps
4
The New Reality
Diverse Apps Diverse Access
Browser
Windows
(Physical)
Mac
(Physical)
iOS
Android
Enterprise
App Catalog and Workflow
Management
Broker
Entitlements, Policies and Reporting
SaaS
Services
Windows
Legacy Apps
Data
Services
Mobile
Apps
sherrod
5
The New Reality
Diverse Apps Diverse Access
Browser
Windows
(Physical)
Mac
(Physical)
iOS
Android
Enterprise
App Catalog and Workflow
Management
Broker
Entitlements, Policies and Reporting
SaaS
Services
Windows
Legacy Apps
Data
Services
Mobile
Apps
6
The New Reality
7
Server +Network +
Storage
8
Hardware Density and Cost/Perf
Virtualiz
atio n New App
Architectur
es
Trends Driving the Evolution of the Datacenter
9%14%
22%33%
42%51%
59%65%69%
% Virtualized (Installed workloads WW)
9
0
20
40
60
80
'96 '97 '98 '99 '00 '01 '02 '03 '04 '05 '06 '07 '08 '09 '10 '11 '12 '13
Physical Server Installed Base (Millions)Logical Server Installed Base (Millions)
Millions Installed Servers
WW Installed Physical and Logical Servers
VMs decoupling
from HW
Projected 80 million VMs in 2014
Source: IDC, Game Changing Virtual Technology : The Evolution of Virtualization and the Cloud, 2011
Installed Base of VMs is Rapidly Growing
10
Convergence is Happening on Many Fronts
Convergence on x86 processors Network, storage, encryption, graphics
functions increasingly integrated into general purpose CPUs
Converged IO 40Gb, 100Gb bandwidth
Eliminates dedicated IO, HBA costs
Increases responsibility for intelligent management of the shared pipe
Converged systems Integrated compute, storage, IO, management in a box
Intelligently managed by software
Scalable, Lowered OPEX
11
The Result? Hyper-density!
In 2014, a single rack could hold ~20,000 VMs!
• Run a 5,000 employee company on a rack the size of a dorm fridge!
New opportunities
• All applications on a common infrastructure
• Including many infrastructure functions that today require specialized hardware.
New challenges!
• Today’s security model breaks
12
Why is it breaking?
Port-Based Security Desktop Access
HTTP/S Tunnelling• RPC• Git• IMAP• Dropbox• …
Mobile
1 Density behind the switch
More (and Fewer!) Ports to Protect2
Virtualization and Mobility3
13
3. Virtualization and Mobility
14
The New Model
15
Defense in Depth
Protect the VM Content
16
Defense in Depth
Protect the Logical Apps
17
Defense in Depth
Protect the Logical Datacenter
18
2 More app context = better security!
Efficient use of resources
Simplified, more integrated management
A Challenge and an Opportunity for Vendors!
3
4
1 Existing investments hold