Upload
jody-spoor
View
29
Download
0
Embed Size (px)
Citation preview
EMEA DSG Solutions LabMulti Purpose Lab
Jody Spoor, Sr Enterprise Solutions Architect EMEA, Dell Security
22015-10-28
Software Group
EMEA DSG Solutions Lab – The Goal• A flexible multi purpose lab built on Dell technology and latest
Windows Versions
• Ability to test interoperability with newest Windows Versions
• Ability to provide workshops onsite without having to bring equipment
• Overcome the struggle where for a training, pupils need to install a number of VMs
• Showcase Dell Connected Security Solution sets
Software Group
EMEA DSG Solutions Lab - Design• Three major parts:
– Core and Shared Services– Workshop Pods– Demo Pods
• Four separate planes– Management Plane– Data Plane– Out of Band Management– Access Plane
Software Group
EMEA DSG Solutions Lab – Workshop Pods• Flexible Workshop Pods to provide workshops / Training
without the need to bring equipment or to do onsite setups
• Each pod has 5 Subpods with each– Dell SonicWALL NGFW or NGFW HA Pair– Management PC– Active Directory– Client PC– Dell SonicWALL Virtual Appliances
• Each pod has a Controller / Instructor PC– Can access the entire Pod and help pupils
Software Group
EMEA DSG Solutions Lab – Workshop Pods• Each Subpod is behind it’s own WAN Emulator
– To emulate Different type of WANs (DSL,T1, E1 etc)
• Each Subpod has 5 VLANs
• 6 Pods available:– 2x 5x NSA 2600 with SMB-SRA VA– 2x 5x NSA 3600 with SMB-SRA and WXA– 2x 5x NSA 6600 HA with EX-SRA and WXA
Software Group
EMEA DSG Solutions Lab – Demo Pods• Solutions sets to Demo Dell Solutions
• 11 Dell SonicWALL NGFW pods for Dell Solutions involving NGFW
• 1 SuperMassive 10400 Demo setup
• 1 FireWALL Sandwich Demo Setup
• Flexible Infrastructure to add other Demo’s without NGFW
Software Group
EMEA DSG Solutions Lab – Demo Pods• Solution Demos Available:
– Authentication Partitioning and Single Sign-On› Multi Active Directory Setup
– CFS 4.0 › CFS 4.0 Beta and CFS School Example Demo Setup
– Email Security Multi Tenancy› Email Security Multi Tenancy Demo Setup
– Dell Defender Integration› Dell Defender Integration with Dell NGFW, Dell SMA and Dell SRA
– Dell RISK Analytics› CAM RISK Analytics engine with Dell NGFW› Cloud Access Manager with Dell NGFW DPI-SSL
Software Group
EMEA DSG Solutions Lab – Demo Pods• Solution Demos in the making:
– Dell Change Auditor› Dell Change Auditor with Dell NGFW and Dell SMA
– Dell SonicWALL WXA and NGFWINPROGRESS› Dell SonicWALL WAN Acceleration with Dell SonicWALL Next Gen Firewall
– Dell One Identity › Dell One Identity with Cloud Access Manager› Dell One Identity with Dell SonicWALL Next Gen Firewall› Dell One Identity with Dell SonicWALL Secure Mobile Access
– Dell EMM and Dell SonicWALL Secure Mobile Access INPROGRESS› Dell SMA setup with EMM
Software Group
EMEA DSG Solutions Lab – Demo Pods• Solution Demos in the making:
– Email Security, Anti Phish, Anti Spam, Anti Spoof INPROGRESS› Dual Email Security setup to show DMARC and DKIM anti spoof
– Dell Privileged Account Management› Dell TPAM with Dell NGFW and Dell SMA
– Dell SonicWALL Firewall Sandwich› Dell SonicWALL Next Gen Firewall and Dell PowerConnect
– Dell SonicWALL, Dell KACE and Dell EMM INPROGRESS
– Dell One IDAM and Dell EMM
– And more to come
Software Group
EMEA DSG Solutions Lab – POC Services• Services available for on site POCs
– Global Management SystemINPROGRESS
– Splunk to be created
– TBD
Software Group
EMEA DSG Solutions Lab – Core and Shared Services• Solid, Redundant and Flexible Core
– Built on Dell Networking (S and N series)
– Built on Dell Hardware (PowerEdge R Series)
– Built on a combination of ESX and Hyper-V
• Core Services – Microsoft Active Directory High Availability parent domain with 2 child domains
– Microsoft SQL 2012 MS-SQL High Availability Cluster
– Microsoft Exchange 2013 Exchange High Availability Cluster, dedicated CASS and Edge-Transport
– Microsoft Windows Server Update Service WSUS High Availability Cluster
– Microsoft Distributed File Share Service DFS High Availability Cluster
– Microsoft SharePoint 2013 SharePoint multi site server
Software Group
EMEA DSG Solutions Lab – Core and Shared Services• Shared Services
– Microsoft Active Directory Dedicated Child domains for Demo and Workshop pods
– Microsoft SQL 2012 Hosting WSUS, Password Manager, CAM, DellOne
– Microsoft Exchange 2013 and Outlook Web Access 2013 Dedicated servers for parent and demo domain
– Microsoft WSUS Managing updates for Windows Clients and Servers (50+)
– Microsoft SharePoint SharePoint instance for Demo Pods
– Dell Password Manager Shared between Parent and Child Domains
– Dell Defender Shared between Parent and Child Domain
– Citrix Citrix instance for Demo Pods
– Ubuntu DNS Highly Scalable DNS architecture, forwarders for AD
Software Group
EMEA DSG Solutions Lab – Core and Shared Services• Microsoft Active Directory
– Currently 7 Active Directories and expanding› EMEA-DSG.Lab Core AD› Demo.EMEA-DSG.Lab Child AD for Demo Setups› Workshop.EMEA-DSG.Lab Child AD for Workshop Pods
› DomainA.Local AD for Authentication Partitioning Demo› DomainB.Local AD for Authentication Partitioning Demo› sonicwall.serveexchange.com AD for Email Security Demo› dellsecurity.securitytactics.com AD for Email Security Demo
– Additional 30 ADs planned for WorkShop Pods.
Software Group
EMEA DSG Solutions Lab – Statistics&Components• Dell networking [12]
– 4x Force10 S60– 2x Force10 S5000– 2x PowerConnect N3024– 4x PowerConnect N3038
• Dell Security NGFW [63]– 4x SuperMassive 9600 2x Perimeter, 2x Firwewall Sandwich– 4x TZ 6003x Demo Pods, 1x Out of Band– 20x NSA 2600 2x Perimeter, 10x Workshop Pods, 8x Demo Pods– 14x NSA 3600 10x Workshop Pods, 4x Demo Pods– 20x NSA 6600 20x WorkShop Pods (HA Pairs)– 1x SuperMassive 10400 Demo Pod
• Dell Security SMA [5]– 2x SMA EX-6000 Access Layer– 1x SMA Virtual Appliance SMA Demo– 1x CMS Virtual Appliance SMA Demo– 1x SMA 400
Software Group
EMEA DSG Solutions Lab – Statistics&Components• Dell Servers [11]
– 11x PowerEdge R series
• ESXi Hosts [9]– 9x ESX 5.5 2x Services, 2x Workshop Pods, 4x Demo Pods, 1x PoC
• Hyper-V [8]– 4x Hyper-V on physical hardware Services, GMS Demo and traffic generators– 4x Hyper-V on ESXi Email Security and Authentication Partitioning Demos
• Servers (Excluding above Hyper-V) [43 windows, 4 Ubuntu]– 26x Windows 2012R2 for Services 26x Virtual– 2x Windows 2012R2 for WorkShop 2x Virtual, this will be expanded with another 90 (30
Hosts with each a DC and an SSO agent)– 12x Windows 2012 R2 for Demos 12x Virtual and expanding– 3x Windows 2012 R2 for DevTest 3x Virtual– 4x Ubuntu
• Clients [11]– 8x Windows 8.1 8x Virtual– 3x Windows 10 3x Virtual, this will be expanded with another 30
Software Group
EMEA DSG Solutions Lab – Statistics&Components• Dell SonicWALL Virtual Appliances [62]
– 20 SMB-SRA for Workshops– 20 WXA for Workshops– 10 EX-SRA for Workshops– 2 Email Security for Services and Demo– 1 SMA for Demo– 1 SMA CMS for Demo– 1 SMB SRA for Demo– 4 Global Management Systems for POCs– 2 WXA for Production and Demo– 1 WXA for Demo
• Other Dell Virtual Appliances [2]– TPAM DPA– KACE 1000
• Other Non-Dell Virtual Appliances [31]– 31 WANemulator
Software Group
Skytap and DSG Solutions Lab• What is it NOT?
– EMEA DSG Solutions Lab is NOT a replacement for SkytapSkytap is a valuable tool to quickly Spinup Demos and to run POCsSkytap is ideal for the IDAM PreSales engineers and ArchitectsWith Skytap, flexible full read-write demos can be built
• What is it?– EMEA DSG Solutions Lab can be used as an Add-On to the Skytap
demos.– EMEA DSG Solutions Lab hosts a number of read-only demos
showing Dell Software Solution sets and integrations
Software Group
Skytap and DSG Solutions Lab• What can NOT be done with Skytap?
– Certain Dell Software Solutions can not be hosted in Skytap. E.g. Next Generation Firewalls
– Build complex Customer like Setups that include diverse routed networks
– Always on Demos, Skytap does not allow always on Demos
• DSG Solutions Lab and Skytap integration– We are looking for the ability to integrate Skytap demos with the
EMEA DSG Solution Lab– This will allow to quickly build add-ons in Skytap to EMEA DSG
Solution Demos and Workshop Pods– This requires a Site to Site VPN between Skytap and EMEA DSG
Solutions Lab, this is currently being investigated