security and billing for azure pack - cloud cruiser · security and billing for azure pack ......
TRANSCRIPT
© 2015 Cloud Cruiser | www.cloudcruiser.com© 2015 Cloud Cruiser | www.cloudcruiser.com
Presented by 5nine Software and Cloud Cruiser
Security and Billing for Azure Pack
© 2015 Cloud Cruiser | www.cloudcruiser.com
Paul ZinnSenior Product ManagerCloud Cruiser
[email protected]@pzmusician
Symon PerrimanVP of Business Development
5nine Software
[email protected] @SymonPerriman
Meet our Speakers
2
© 2015 Cloud Cruiser | www.cloudcruiser.com
Key Topics for Today
3
● Understanding Windows Azure Pack
● Security & Protection for Windows Azure Pack
● Chargeback & Billing for Windows Azure Pack
● Integrating Solutions for Windows Azure Pack
● Discussion
© 2015 Cloud Cruiser | www.cloudcruiser.com© 2015 Cloud Cruiser | www.cloudcruiser.com
Understanding Windows Azure Pack
poll #1
© 2015 Cloud Cruiser | www.cloudcruiser.com
Windows Azure Pack
Windows Azure Pack
Customers
IT Admin
9
© 2015 Cloud Cruiser | www.cloudcruiser.com
Azure Pack Services
Web Platform application
Services (PaaS)
Infrastructure
Services (IaaS)Reliable
Messaging
Service Management REST API
Virtual Networking
SQL Server & MySQL
Database(DBaaS)
5nine Cloud Security (SECaaS)
Cloud Cruiser
10
© 2015 Cloud Cruiser | www.cloudcruiser.com© 2015 Cloud Cruiser | www.cloudcruiser.com
Security & Protection forWindows Azure Pack
poll #2
© 2015 Cloud Cruiser | www.cloudcruiser.com
Meet 5nine Software
● Founded in 2009
● Headquartered in Chicago, with staff in an additional 14 regions worldwide, including 9 MVPs
● More than 68,000 Hyper-V users globally, representing companies and datacenters of all sizes
● The #1 leading solutions provider of security & management applications for Hyper-V
● 5nine Cloud Security – Agentless firewall, antivirus, and intrusion detection security
for Hyper-V, System Center and Azure Pack
● 5nine Manager - Integrated Hyper-V and Cluster Management for SMBs
● 5nine V2V Easy Converter - Free VMware to Hyper-V virtual machine migration tool
● Visit www.5nine.com for more info9x .
© 2015 5nine Software Inc. | www.5nine.com12
© 2015 Cloud Cruiser | www.cloudcruiser.com
A Suite of Virtualized Security Tools for Hyper-V
● Security designed specificallyfor Hyper-V virtual machines, disks, networks and hosts● Regulation now have requirements for virtualization
● Hackers now know how to exploit virtualization
● Firewall
● Antivirus / Antimalware
● Active Network Detection
● Intrusion Detection
● Standard datacenter securitypractices are still needed● Physical security, BitLocker, VPN, Active Directory, etc.
© 2015 5nine Software Inc. | www.5nine.com13
© 2015 Cloud Cruiser | www.cloudcruiser.com
Automatically & Immediately Protect Everything
● Hosted environments are never secure
● A single security breach can ruin your reputation and business
● Security for virtualized environments is different
● It is impossible to guarantee security
using traditional “endpoint protection”
● Requires installation
● Slows deployment
● Complicates management
● Virtualized environments are dynamic
● Virtual machines
● Virtual disks
● Virtual networks
© 2015 5nine Software Inc. | www.5nine.com14
© 2015 Cloud Cruiser | www.cloudcruiser.com
How 5nine Cloud Security Works
© 2015 5nine Software Inc. | www.5nine.com15
© 2015 Cloud Cruiser | www.cloudcruiser.com
Host-Based Protection for Firewall, AV/AM & IDS
© 2015 5nine Software Inc. | www.5nine.com16
© 2015 Cloud Cruiser | www.cloudcruiser.com
Host-Based Protection for Firewall, AV/AM & IDS
© 2015 5nine Software Inc. | www.5nine.com17
© 2015 Cloud Cruiser | www.cloudcruiser.com
Abstract & Hide Security from Users
● The public is “renting” your hardware
● Remove the burden of security from the tenants
● Manage security for the tenants
● Update signatures for the tenants
● Ensure the tenants cannot disable security
– Accidently
– Purposely with bad intentions
● Centrally manage security
● Cisco Snort
18
© 2015 Cloud Cruiser | www.cloudcruiser.com
Guarantee Isolation & Resource Access
● Isolation and privacy is critical in a cloud
● An admin should not access a tenant’s VM
● A VM cannot affect the host
● A VM cannot affect another VM
● Use Quality of Service (QoS) or throttling for
memory, CPU, network & storage bandwidth
● Avoid Denial of <Resource> attacks
© 2015 5nine Software Inc. | www.5nine.com19
© 2015 Cloud Cruiser | www.cloudcruiser.com
Protect All Virtual Networks
● Traditional security protect traffic between hosts
● Does not protect traffic between VMs on the same host
● Threats can spread if one tenant becomes infected
● Virtual Network Types
● External
● Internal
● Private
Network Security
Appliance
© 2015 5nine Software Inc. | www.5nine.com20
© 2015 Cloud Cruiser | www.cloudcruiser.com
Use a Single Solution for all VMs
● Intercept traffic before it gets to the VM
● Manage traffic at the network protocol level
● TCP, UDP, GRE, ICMP, IGMP, etc.
© 2015 5nine Software Inc. | www.5nine.com21
Hyper-V Guest OS List: aka.ms/HyperVGuestOS
© 2015 Cloud Cruiser | www.cloudcruiser.com
Use a Single Solution for all VMs
● Intercept traffic before it gets to the VM
● Manage traffic at the network protocol level
● TCP, UDP, GRE, ICMP, IGMP, etc.
Server• Windows Server 2016• Windows Server 2012 R2• Windows Server 2012• Windows Server 2008 R2• Home Server 2011• Small Business Server 2011• Windows Server 2003
tenant• Windows 10• Windows 8.1• Windows 8• Windows 7• Windows Vista• Windows XP
Linux & UNIX• CentOS• Debian• FreeBSD• Oracle Linux• Red Hat RHEL• SUSE• Ubuntu
© 2015 5nine Software Inc. | www.5nine.com22
Hyper-V Guest OS List: aka.ms/HyperVGuestOS
© 2015 Cloud Cruiser | www.cloudcruiser.com
Active Detection of Incoming Threats
● Immediately identify incoming threats
● Unencrypted traffic
● HTTP (more coming soon)
● Automatically alert admins
● PowerShell
● Event Logs
© 2015 5nine Software Inc. | www.5nine.com23
© 2015 Cloud Cruiser | www.cloudcruiser.com
Fast AV Scanning with No Performance Impact
● Agent-based scanning causes “scanning storms”
● Decreases VM performance for all tenants
● Reduces VM density on the hosts
● 5nine uses its proprietary
Change Block Tracking (CBT) driver
● Scan only changed
blocks on the disk
● Scan up to 70x faster
© 2015 5nine Software Inc. | www.5nine.com24
© 2015 Cloud Cruiser | www.cloudcruiser.com
Automate Security Task Management
● PowerShell support
● Task scheduling
● Enables scalability
● Ensures consistent SLAs
● Eliminates human error
● For tasks with high resource
utilization, stagger the action
to avoid performance impact
© 2015 5nine Software Inc. | www.5nine.com25
© 2015 Cloud Cruiser | www.cloudcruiser.com
Hyper-V Hosts & Clusters SQL Server
5nine Cloud Security Management Server / VM
Redundant Management Group
SQL Server
SQL Cluster
Branch Office
SQL Server
5nine Sync
5nine Cloud Security Management5nine Console | 5nine PowerShell | Azure Pack Extension | SCVMM
Enterprise High-Availability for Security
© 2015 5nine Software Inc. | www.5nine.com26
© 2015 Cloud Cruiser | www.cloudcruiser.com
Protection from Inbound, Outbound & Internal Threats
Hyper-V Hosts
SQL Server
5nine Cloud Security Management Server / VM
Public Internet
0
10
20
30
40
50
60
70
80
90
100
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
Normal Traffic
0
10
20
30
40
50
60
70
80
90
100
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
Unusual Traffic
© 2015 5nine Software Inc. | www.5nine.com27
© 2015 Cloud Cruiser | www.cloudcruiser.com
System Center Virtual Machine Manager Plugin
● Centralized virtualization security management through SCVMM
● Full 5nine Cloud Security integration
● Integration with the SCVMM Console, Network Services & Logical Switch
● Free add-on for 5nine Cloud Security
© 2015 5nine Software Inc. | www.5nine.com28
© 2015 Cloud Cruiser | www.cloudcruiser.com
Azure Pack Security as a Service (SECaaS)
● Azure Pack allows you to run Azure IaaS services in your datacenter
● Improved security for your infrastructure and your tenants
● Differentiate & monetize your services by offering “secure VMs”
● Simplify security management for tenants through on/off buttons
● Firewall, Active Network Detection & Intrusion Detection
● Preconfigure firewall templates for different VM roles
● Free add-on for 5nine Cloud Security
© 2015 5nine Software Inc. | www.5nine.com29
© 2015 Cloud Cruiser | www.cloudcruiser.com© 2015 Cloud Cruiser | www.cloudcruiser.com
Demo: 5nine Cloud Security
© 2015 Cloud Cruiser | www.cloudcruiser.com
How to Acquire 5nine Cloud Security
● www.5nine.com or [email protected]
● Cloud Security: http://www.5nine.com/CloudSecurity
● Licensing options
● Licensed per 2 CPUs
● Flexible pricing based on VM density
● Service provider licenses (per VM / month or per VM / year)
● Includes the Kaspersky Lab or ThreatTrack plus Cisco Snort license
● Sales direct or through resellers, distributors,
partners & solution integrators
31
© 2015 Cloud Cruiser | www.cloudcruiser.com© 2015 Cloud Cruiser | www.cloudcruiser.com
Chargeback & Billing forWindows Azure Pack
© 2015 Cloud Cruiser | www.cloudcruiser.com
Meet Cloud Cruiser
● Founded in 2009
● Headquartered in Silicon Valley
● Industry-leading financial management solution for hybrid cloud
● Customers include the largest enterprises and service providers in the world
33
© 2015 Cloud Cruiser | www.cloudcruiser.com
Cloud Cruiser Overview
● Cost analytics for the hybrid cloud
● Single solution to price, bill for cloud usage, and optimize spend
● Broadest scope of collectors
● Most sophisticated cloud analytics
34
© 2015 Cloud Cruiser | www.cloudcruiser.com
Cloud Cruiser Overview
● Cost analytics for the hybrid cloud
● Deep partnership with Microsoft
● First embedded partner solution for Windows Azure Pack
● Plus integrations to Azure public cloud, System Center, Hyper-V
35
© 2015 Cloud Cruiser | www.cloudcruiser.com
Cloud Cruiser Overview
● Cost analytics for the hybrid cloud
● Deep partnership with Microsoft
● Integrations to industry-leading public/private clouds, apps,
databases, and more
36
© 2015 Cloud Cruiser | www.cloudcruiser.com
SINGLE TENANT MULTI TENANT
Azure
HYBRID CLOUD
WAP
Windows Azure Pack (WAP)
Manage usage and costs of WAP resources, such as VMs, website and database instances
$
Azure Azure Public
Manage IT spend across your public cloud assets like compute, storage, data, networking, & apps
$
Financial Management for Microsoft Hybrid Cloud
37
poll #3
© 2015 Cloud Cruiser | www.cloudcruiser.com
Microsoft customer needs
Improve forecasting
Compare costs across clouds
Implement chargeback/billing
Match supply and demand
57%of total surveyed
59%of public cloud users
44%of cloud adopters
47%of cloud adopters
Microsoft Ignite May 2015 Survey Results38
© 2015 Cloud Cruiser | www.cloudcruiser.com
Why is this so hard?
39
Complex pricing required for different services, bundles, promotions, and customers
No consistency across vendor bills and internal spreadsheets –big manual effort
complex financial models
Hard to scale as you acquire more customers
No ability to map consumption to organizational structure (departments, divisions, projects)multiple clients
Diverse cloud offerings plus managed services, such as
security, backups, help desk
Mix of public, private, and traditional IT services
multiple services
service providers enterprises
© 2015 Cloud Cruiser | www.cloudcruiser.com40
Cost Management for Enterprises & Service Providers
EnterpriseService
ProvidersA
NA
LYTI
CS
FOU
ND
ATIO
N
AUTOMATED CHARGEBACK
BUDGETS & ALERTS
DECISION ANALYTICS
TRENDS & FORECASTS
SELF-SERVICE REPORTING
AUTOMATED BILLING
PROFIT ANALYSIS
CUSTOM DASHBOARDS
MULTI-SOURCE COLLECTORS
FLEXIBLE DATA TRANSFORMATION
FLEXIBLE PRICING
COST TRANSPARENCY
© 2015 Cloud Cruiser | www.cloudcruiser.com© 2015 Cloud Cruiser | www.cloudcruiser.com
Demo: Cloud Cruiser
© 2015 Cloud Cruiser | www.cloudcruiser.com© 2015 Cloud Cruiser | www.cloudcruiser.com
Integrating Solutions forWindows Azure Pack
© 2015 Cloud Cruiser | www.cloudcruiser.com
Benefits of Adding Cloud Cruiser & 5nine Software
• Completes the Microsoft cloud solution stack with best-in-class IT
financial management and security
• Protects your cloud investment
• Automates security and financial controls which saves money,
time, & risk
• Provides 24x7 visibility into the health of your cloud
• Improves customer satisfaction and trust
• Provides additional revenue opportunities
43
© 2015 5nine Software Inc. | www.5nine.com
© 2015 Cloud Cruiser | www.cloudcruiser.com
Case Study: Monetizing Value-added Services
44
Track and bill for 5nine security products, such as
firewall and intrusion detection
© 2015 Cloud Cruiser | www.cloudcruiser.com
Resources
45
• Cloud Cruiser Product Overview: http://www.cloudcruiser.com/product/
• Cloud Cruiser for Azure Pack: http://www.cloudcruiser.com/partners/microsoft/
• Microsoft Virtual Academy: Cloud Cruiser for Azure
Pack:http://www.cloudcruiser.com/resource/video-microsoft-partner-solutions-
cloud-cruiser-express-for-windows-azure-pack/
• Datasheet: Cloud Cruiser for Windows Azure Packhttp://www.cloudcruiser.com/wp-content/uploads/2013/10/Solution-
Brief_Microsoft-Azure-Pack1.pdf
• Webcast: Microsoft Hybrid Cloud: Best of Both
Worldshttp://www.cloudcruiser.com/resource/webcast-microsoft-hybrid-cloud-best-
both-worlds/
Cloud Cruiser
• 5nine Cloud Security: http://www.5nine.com/CloudSecurity
• 5nine Cloud Security Azure Pack Extension: http://www.5nine.com/5nine-security-for-hyper-v-product.aspx#Azure
• Microsoft Virtual Academy: 5nine Cloud Security
for Azure Pack: https://channel9.msdn.com/Series/Windows-Azure-Pack-Partner-
Solutions/10
• Whitepaper: Challenges of Securing Hosted
Hyper-V Multi-Tenant Environments: http://www.5nine.com/Docs/Brien_Posey_Securing_Hosting_Hyper_Environ
ment.pdf
• Upcoming webinars: www.5nine.com/webinars
5nine Software
© 2015 5nine Software Inc. | www.5nine.com
© 2015 Cloud Cruiser | www.cloudcruiser.com
Thanks for joining us today! Let’s connect!
46
www.5nine.com
@5nine_Software
www.cloudcruiser.com
@CloudCruiserInc
© 2015 5nine Software Inc. | www.5nine.com
Cloud Cruiser 5nine Software