a strategic approach to cloud security to accelerate cloud adoption
DESCRIPTION
32nd Asia Pacific Advanced Network (APAN) chapter was their first ever meeting in South Asia. Cisco leveraged this opportunity to sponsor and participate in this 5-day event hosted by ERNET India. The event consisted of of tutorials, technical presentations and demonstrations covering advanced network technologies.Anil Nileshwar paper on Cloud Security received an overwhelming responseTRANSCRIPT
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 11CyberSpace 2009
A Strategic Approach to Cloud Security
Anil Nileshwar
Director – Network and Data Center Services
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 2© 2008 Cisco Systems, Inc. All rights reserved.CyberSpace 2009 2
Cisco
FY11 revenues: $43.2 Bn
Leader in Infrastructure Solutions, Architectures
Networking, Data Center, Virtualization, Cloud, Collaboration, Video
Wide geographic presence
Highly virtualized infrastructure, Cloud ready
Very progressive internal IT and Security teams
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Confidential 3
Cloud – where is it?
© 2006 Cisco Systems, Inc. All rights reserved.
“…significant increase in customers'
interest in cloud computing between 2009
and 2010-most of respondents indicated
interest in 2010, up from only 10% in 2009”
- Infonetics
“Security is one of the top barriers to cloud
computing.” Forrester
Employees will find a way to use new technologies!
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 4© 2008 Cisco Systems, Inc. All rights reserved.CyberSpace 2009 4
Cloud Security – the lighter side!
No Brakes!
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 5© 2008 Cisco Systems, Inc. All rights reserved.CyberSpace 2009 5
Evolving Enterprise Architecture Landscape
Development
Partners on VDI *
(Cloud/Any Device)
CITEIS Users
(Cloud)
Internal Private
Cloud
Any Device
Scenarios
Perimeter
Management
Development
Partners on VDI *
(Cloud/Any Device)
Social Networking/
External Storage
(Cloud/Collaboration)
External/
Hybrid Cloud
Borderless
Access
Scenarios
Multi-tenancy, Policy &
Regulatory Compliance
(Cloud/Collaboration)
WebEx & Connect
(Collaboration)
Salesforce.com
(Cloud – SaaS)
Customers,
Channels &
Manufacturing
Any Device
Scenarios
Collaborative
Platforms
Wave 1 , 2 , 3
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 6© 2008 Cisco Systems, Inc. All rights reserved.CyberSpace 2009 6
Cloud – Levels of Impact“Trusted” Internal Externalizing TrendDMZ
We Need to Fundamentally Rethink Elements of Service Delivery & Security Models
-Collaboration & Client Interaction
-SaaS/XaaS/PaaS Opportunities
-Data Mgmt/Monitoring/Forensics
- Increasing Export of Corporate IP
-External Personas of Internal Users
-Varying AuthC/Z Capabilities
-“Any Device” w/ External Services
- Increasingly “Untrusted” Clients
AssetsPersonal Mobile
“Unknown” Laptop
Corporate Mobile/PC
“Unknown” Mobile/PC
Users”Unknown”
UserCorp User
“Non-Corp” Users
Data
Critical IP
Exported Data
Services
Internal Service
Externalized Service
Service Dependencies
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 7© 2008 Cisco Systems, Inc. All rights reserved.CyberSpace 2009 7
Common Security Concerns
Increasing attack surface
Multi-tenancy/ Shared environments
Ownership and responsibilities
…
Need a strategic and architectural approach to Cloud Security
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 8© 2008 Cisco Systems, Inc. All rights reserved.CyberSpace 2009 8
Architecture – Some Considerations
Logical separation
Automation
Scalability and performance
Policy consistency
Authentication and access control
These areas are the focus of a lot of innovation today
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 9© 2008 Cisco Systems, Inc. All rights reserved.CyberSpace 2009 9
Cisco SecureXContext Aware Security Framework
Secure Cloud Infrastructure• Adaptive Security Appliance
• Nexus Virtual Switch
• Virtual Security Gateway
Cloud Security Services• ScanSafe Web Security and Web Filtering
• IronPort Cloud, Managed, and Hybrid Email Security
• Registered Envelope Service for Email Encryption
• Security Intelligence Operations
Secure Cloud Access
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 10© 2008 Cisco Systems, Inc. All rights reserved.CyberSpace 2009 10
Cloud Security – Conclusion
Summary: Embrace and Adapt, Do not wait!
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 11© 2008 Cisco Systems, Inc. All rights reserved.CyberSpace 2009 11
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
Next StepsFor Cloud Computing
Share your IT priorities
Visit Cisco booth and tick-your priorities in our feedback
form
Contact Cisco rep-Vinod Patani – [email protected] ; 9899105886
Anil Nileshwar , [email protected]
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 13© 2008 Cisco Systems, Inc. All rights reserved.CyberSpace 2009 13
Q & A