Sep 10, 2012 - Drivers for Long Distance Workload Migration. 2. Business Continuity ... data centers that represent a se
Long Distance Workload Migration Secure Data Access and Movement Between Clouds
Mark Lesher Sr. Director EMC2 Cloud Infrastructure Solutions
September 10
1
Drivers for Long Distance Workload Migration Business Continuity Resource Locality Follow the Sun Dynamic Scaling Data Center Migration Motivated by ODCA usage model 2
Enabler for Long Distance Workload Migration Business Continuity
Collaboration
Resource Locality Follow the Sun Dynamic Scaling
Mobility
Availability
Data Center Migration
3
Federated Data Access With EMC VPLEX Site A - Active
Site B - Active
Active-Active Data Access Federated AccessAnywhere
Utilize resources at both sites Move and share data nondisruptively
Have the exact same information In two separate locations Accessible at the same time
VPLEX Enablers AVAILABILITY
MOBILITY Cluster A
Federated AccessAnywhere
Maintain availability and non-stop access by mirroring across locations Zero RPO/RTO Eliminate storage operations from failover
COLLABORATION
Cluster B
Federated AccessAnywhere
Move and relocate VMs, applications, and data over distance Active-active data centers
Federated AccessAnywhere
Enable concurrent read/write access to data across locations
Disaster avoidance
Instant and simultaneous data access over distance
Data center migration
Streamline workflows
Workload rebalancing
Secure, Long Distance Workload Migration with EMC, RSA, Intel, and HyTrust EMC ODCA Booth #110
6
Demonstration 1. Non-disruptive and secure workload migration between two data centers that represent a service provider IaaS cloud environment using EMC VPLEX and stretched clusters 2. Secure Boot of VMware ESXi 5.1 hosts and verification by Intel Trusted Execution in bios against “known good” whitelist 3. Active enforcement of security policy compliance related by HyTrust* security appliance. 4. Enhanced auditing capabilities with RSA’s* Solution for Cloud Security and Compliance
EMC* VPLEX* Virtualization LIVE MIGRATION POSSIBLE IF USING VSPHERE*, OVM*, XEN*, IBM LPAR*, OR HYPER-V*
Cluster or Virtual Host Layer NATIVE CLUSTER or VIRTUALIZATION
NATIVE CLUSTER OR VIRTUALIZATION
Physical Host Layer SITE A
SITE B
Virtual Storage Layer AccessAnywhere* A
LINK
Physical Storage Layer
A
Policy Enforcement – HyTrust Appliance § Verifies platform integrity, ensuring the hypervisor is hardened and the virtual infrastructure is trusted § Enforces consistent access and authorization policies covering all access methods § Provides granular, userspecific, audit-quality logs § Enables strong, multi-factor authentication Provides complete visibility into and control over who accesses the infrastructure, defends the integrity of the infrastructure, and validates all changes requested.
RSA Solution for Cloud Security and Compliance Guided Remediation Automated Measurement Agent
Device Discovery + Configuration Measurement
RSA Archer eGRC alerts
VMware-specific Controls RSA enVision
10 Intel® Trusted Execution Technology (Intel® TXT)
Events Brought into Compliance Dashboard
11 Intel® Trusted Execution Technology (Intel® TXT)
Bringing It All Together
Site 1
Site 2
EMC AccessAnywhere™
1
Non-disruptive workload migration across distance using EMC* VPLEX*
2
Trusted Launch – Secure boot of host and verification of launch time components
3
Trusted Pools – Enable Intel® TXT trusted hosts to be grouped into clusters of trusted resources
4
True security policy enforcement across cloud environments using HyTrust* Appliance
5
Overall compliance reporting with RSA* Archer eGRC
12 Intel® Trusted Execution Technology (Intel® TXT)
Where to see more - Wednesday 3:30PM RM 2008
Take Control of your Cloud: Solutions to Meet Security and Compliance Needs Raghu Yeluri, Principal Engineer, Intel Corporation Hemma Prafullchandra, CTO/SVP Products, HyTrust, Inc. John McAuley, Principal Solutions Consultant, EMC Corporation
SECS005
Thank You
14