From Datacenter to Device: Security in the Enterprise 2012 and Beyond

© 2010 VMware Inc. All rights reserved

From Datacenter to Device: Security in the Enterprise 2012 and Beyond

Dr. Stephen Herrod, CTO

February 27, 2012

2

The New Reality for Users

Apps & Data Everywhere

Diverse Access Points

Browser

Windows

Mac

iOS

Android

Universal App Catalog and

Workflow

Broker

Entitlements, Policies and Reporting

SaaSServices

WindowsLegacy Apps

Data Services

Mobile Apps

3

The New Reality

Diverse Apps Diverse Access

Browser

Windows(Physical)

Mac(Physical)

iOS

Android

EnterpriseApp Catalog and

Workflow

Management

Broker


SaaSServices

WindowsLegacy Apps

Data Services

Mobile Apps

4

The New Reality


Browser

Windows(Physical)

Mac(Physical)

iOS

Android


Workflow

Management

Broker


SaaSServices

WindowsLegacy Apps

Data Services

Mobile Apps

sherrod

5

The New Reality


Browser

Windows(Physical)

Mac(Physical)

iOS

Android


Workflow

Management

Broker


SaaSServices

WindowsLegacy Apps

Data Services

Mobile Apps

6

The New Reality

7

Server +Network +

Storage

8

Hardware Density and Cost/Perf

Trends Driving the Evolution of the Datacenter

9% 14%22%

33%42%

51%59%65%69%

% Virtualized (Installed workloads WW)

9

0

20

40

60

80

'96 '97 '98 '99 '00 '01 '02 '03 '04 '05 '06 '07 '08 '09 '10 '11 '12 '13

Physical Server Installed Base (Millions)Logical Server Installed Base (Millions)

Millions Installed Servers

WW Installed Physical and Logical Servers

VMs decoupling

from HW

Projected 80 million VMs in 2014

Source: IDC, Game Changing Virtual Technology : The Evolution of Virtualization and the Cloud, 2011

Installed Base of VMs is Rapidly Growing

10

Convergence is Happening on Many Fronts

Convergence on x86 processors Network, storage, encryption, graphics

functions increasingly integrated into general purpose CPUs

Converged IO 40Gb, 100Gb bandwidthEliminates dedicated IO, HBA costs

Increases responsibility for intelligent management of the shared pipe

Converged systems Integrated compute, storage, IO, management in a box

Intelligently managed by software Scalable, Lowered OPEX

11

The Result? Hyper-density!

In 2014, a single rack could hold ~20,000 VMs! • Run a 5,000 employee company on a rack the size of a dorm fridge!

New opportunities• All applications on a common infrastructure

• Including many infrastructure functions that today require specialized hardware.

New challenges!• Today’s security model breaks

12

Why is it breaking?

Port-Based Security Desktop Access

HTTP/S Tunnelling• RPC• Git• IMAP• Dropbox• …

Mobile

1 Density behind the switch

More (and Fewer!) Ports to Protect2

Virtualization and Mobility3

13

3. Virtualization and Mobility

14

The New Model

15

Defense in Depth

Protect the VM Content

16

Defense in Depth

Protect the Logical Apps

17

Defense in Depth

Protect the Logical Datacenter

18

2 More app context = better security!

Efficient use of resources

Simplified, more integrated management

A Challenge and an Opportunity for Vendors!

3

4

1 Existing investments hold

Documents

From Datacenter to Device: Security in the Enterprise 2012 and Beyond