© 2010 IBM Corporation
Security Considerations for Cloud Deployment
IBM Power Systems
Jeff Uehling, IBM i Network & Security Development
IBM - Rochester, MN
What is Cloud Computing?
Is Cloud Computing really a new concept?
What is Cloud Computing?… An IT consumption and delivery model
Cloud enables:
– User self-service
– Outsourcing options
– Dynamic scalability
Multiple types of clouds will coexist:
– Private – Deployed inside a customer’s firewall
– Public – Provided and managed by a 3rd party via subscription
– Hybrid – A mix of Public and Private models based on workload
An effective cloud deployment is built on a dynamic infrastructure and should be part of an overall data center transformation plan.
Cloud computing is a consumption and delivery model inspired by consumer Internet service and is optimized for IT / Business Services.
Clouds enable a broad spectrum of deployment options
Cloud Differentiators… There are Many!
Time to Deploy a Server: Weeks or Months → Seconds to Minutes
Commitment to use Service: Negotiate & Commit to a Year-long Contract → Select from Catalog & Pay As You Go
Necessary Upfront Investment: $K–$M in Infrastructure → $$ per IT hour, versus No or Low Upfront → ¢ per IT hour with cloud
IT Benefits from Cloud Computing are Real…
Results from IBM cloud computing engagements (increasing speed and flexibility, reducing costs):
Test provisioning: Weeks → Minutes
Change management: Months → Days/hours
Release management: Weeks → Minutes
Service access: Administered → Self-service
Standardization: Complex → Reuse/share
Metering/billing: Fixed cost → Variable cost
Server/storage utilization: 10–20% → 70–90%
Payback period: Years → Months
Source: Based on IBM and client experience.
[Figure: Distributed Cloud Computing Services. Service Cloud layers: Infrastructure Services (data mgmt., virtualization, workload mgmt., SLA & capacity provisioning, security, monitoring); Platform Services (dynamic provisioning, process & policy mgmt., problem & change mgmt.); Application Services (mashup server, end user interfaces, service/software catalogs, Open Foundation with WS Framework and Service Bus); Business Services (customer care, payments, int. risk mgmt., retail banking, trade & SC finance, mobile banking, front office optimization, B2B partnerships, experience management); People Services (agents, end users, support, community, crowdsourcing). Supported by Service Cloud Business & Operations Support (fulfillment, assurance, billing) and Industry Frameworks & Information Foundation.]
Cloud technologies can offer operational expense reductions and improved service at all layers.
[Figure: Service Cloud Layers over time. Across 2000, 2006 and 2009, delivery moved from static, dedicated, outsourced to network-delivered, off-premises to shared, automated, dynamic, climbing from Infrastructure Services through Platform, Application and Business Services to ‘People’ Services; examples shown include BCRS, ISSC/SO, ISS, Live Mesh and MBPS (eHR, LBPS, etc.).]
Cloud: because the majority of IT cost is in people, Cloud Computing is becoming popular at the higher layers.
What Cloud Services are available today?
Hundreds… Thousands… growing by the day!
Cloud Delivery Examples
Infrastructure-as-a-Service: Servers, Networking, Storage; Data Center Fabric (shared, virtualized, dynamic provisioning)
Platform-as-a-Service: Middleware, Database, Web 2.0 Application Runtime, Java Runtime, Development Tooling
Software-as-a-Service: Collaboration, Business Processes, CRM/ERP/HR, Industry Applications
Market Examples and IBM Examples (Computing on Demand, Developer Cloud)
Top private workloads
Database, application and infrastructure workloads emerge as most appropriate for a Private offering:
• Data mining, text mining, or other analytics
• Data warehouses or data marts
• Business continuity and disaster recovery
• Test environment infrastructure
• Long-term data archiving/preservation
• Transactional databases
• Industry-specific applications
• ERP applications
Top public workloads
Infrastructure and collaboration workloads emerge as most appropriate for a Public offering:
• Audio/video/Web conferencing
• Service help desk
• Infrastructure for training and demonstration
• WAN capacity and VoIP infrastructure
• Desktop
• Test environment infrastructure
• Storage
• Data center network capacity
• Server
Cloud Usage Models
1. End User to Cloud - Application running on the cloud with access for end-users
2. Enterprise to Cloud to End-user (Interoperability) - Applications running in the public cloud – access from employees and customers
3. Enterprise to Cloud (Integration) - Cloud application integrated with internal IT capabilities
4. Enterprise to Cloud to Enterprise (Interoperability) - Cloud application running in the public cloud and interoperates with partner applications (supply chain)
5. Enterprise to Cloud (Portability) - Cloud application running in the cloud – flexibility to move to a different cloud provider in the future or in-house
6. Private (intra) Clouds - Interoperability / integration within elements of a private cloud and between a private cloud and a traditional environment
Model 1: End User to Cloud
• What is it?
– Application running in the cloud with access for end-users
• Scenarios:
– Get a new Web app provisioned worldwide quickly (e.g., the next facebook, linkedin, gmail, etc …)
– Don’t need IT infrastructure, flexible acquisition
[Figure: applications running in a Public Cloud, accessed directly by end users]
Model 2: Enterprise to Cloud to End-user
• What is it:
– Deploy a cloud-based application specifically for the cloud – access for employees and for customers
• Scenarios:
– Online sales through catalog, needs to link back into enterprise systems for fulfillment
• web app and shopping cart in cloud, fulfillment inside existing enterprise systems
– Two sub-models
• End User is an employee in the Enterprise (e.g., Travel Expense Account application)
• End User is a Web customer outside the Enterprise (e.g., online sales)
[Figure: applications in a Public Cloud (external), linked to Enterprise IT (traditional, Private Cloud or Hybrid) on the internal side]
Model 3: Enterprise to Cloud (Integration)
• What is it?
– Cloud application – integrated with internal IT capabilities
• Scenarios:
– Typical approach of integrating with existing on-premises and off-premises capabilities or other cloud applications (customer list, access control, data)
[Figure: application / data in Public Cloud B (external) integrated with existing on-premise capabilities in Enterprise IT (traditional, Private Cloud or Hybrid, internal)]
Model 4: Enterprise to Cloud to Enterprise
• What is it?
– Cloud application running in the public cloud – interoperates with partner applications (supply chain)
• Scenarios:
– Brokers, common function providers (e.g., supply chain, broadcast recall to multiple customers, broadcast RFP to suppliers, “classic” B2B)
[Figure: applications in a Public Cloud (external) connecting Large manufacturer A and Large manufacturer B (internal)]
Model 5: Enterprise to Cloud (Portability)
• What is it?
– Cloud application and/or data running in the cloud – flexibility to move to a different cloud provider in the future or in-house
• Scenarios:
– Flexibility and choice to change application platform suppliers
– “Write once, run anywhere”
[Figure: application / data running in Public Cloud A can move to another cloud (Public Cloud B) or move in-house to Enterprise IT (traditional, Private Cloud or Hybrid)]
Model 6: Private (intranet) Cloud
• What is it?
– A “private” cloud-based service offers many of the benefits of a public cloud computing environment. The difference is that data and processes are managed within the organization.
• Scenarios:
– The enterprise would leverage a private cloud to provide self-service capabilities and real-time infrastructure.
– Interoperability / integration within elements of a private cloud and between a private cloud and a traditional environment
[Figure: Private Cloud, on-premise or off-premise and internal to the enterprise, comprising storage (SAN/NAS), OS images (virtual / physical) and database schema / instances]
Today’s Data Center (We Have Control) vs. Tomorrow’s Public Cloud (Who Has Control?)
It’s located at X. / Where is it located?
It’s stored in servers Y, Z. / Where is it stored?
We have backups in place. / Who backs it up?
Our admins control access. / Who has access?
Our uptime is sufficient. / How resilient is it?
The auditors are happy. / How do auditors observe?
Our security team is engaged. / How does our security team engage?
So what type of business and security challenges does cloud computing introduce?
Security is a top concern with cloud computing…
What, if anything, do you perceive as actual or potential barriers to acquiring public cloud services?
Security/privacy of company data: 69%
Service quality: 54%
Doubts about true cost savings: 53%
Performance / insufficient responsiveness over network: 52%
Difficulty integrating with in-house IT: 47%
Source: IBM Market Insights, Cloud Computing Research
The tale of two studies shows that security is the number one inhibitor to customers adopting cloud technologies.
Source: Oliver Wyman Interviews
Gartner’s security risks of cloud computing
Data Segregation
Data Recovery
Investigative Support
Regulatory Compliance
Data Location
Privileged User Access
Disaster Recovery
Gartner: Assessing the Security Risks of Cloud Computing, June 2008
Risks introduced by cloud computing
• Less Control – Over where the information is located and stored, who has access and backups, how it is monitored & managed, including resiliency
• Security Management – Control needed to manage firewall and security settings for applications and runtime environments in the cloud
• Reliability – Concerns with high availability and loss of service should outages occur
• Data Security – Challenges with an increase in potential unauthorized exposure when migrating workloads to a shared network and compute infrastructure
• Compliance – Restrictions imposed by industry regulations over the use of clouds for some applications
Top 10 factors for a secure Cloud Infrastructure
• Data Protection
• Access and Identity
• Application Provisioning & Deprovisioning
• Application & Environment Testing
• Service Level Agreement
• Vulnerability Management
• Business Resiliency
• Audit & Governance
• Cross Border Protection
• Intellectual Property & Export Laws
What are the Risks?
• Policy and Organizational Risk - Things that may directly degrade the ability of the consumer organization to conduct business in an efficient manner
• Legal Risk - Things that may put the consumer organization in breach of the law or that may prevent compliance with specific legal mandates
• Technical Risk - Things that may disrupt normal operations of the consumer organization or cause loss of value over intangible assets (data, reputation, etc.)
• Transitional Risk - Things that may temporarily put the consumer organization’s “traditional” infrastructure and operations under increased risk
Policy and Organizational Risk
5 intrinsic risks
1. Resource sharing and pooling - Data (intangible assets) cannot be tied to physical assets (tangible HW resources); assets must be referenced by their content, not their supporting media or storage location
2. Network access - Porous perimeter; authorization & authentication become more important issues
3. Service elasticity and scalability - Grow-on-demand and pay-as-you-go can backfire. Seemingly infinite capacity may not be so under attack.
4. On-demand self-service - Hijacking of the consumer’s control plane (user interface)
5. Measured service - Economic denial of service, depletion of service quota
Legal Risks
• E-discovery and Subpoena - Where is the evidence that I need to hand out? Intangible assets cannot be mapped to physical assets or geographical locations. The service provider may not be cooperative. Resources are pooled and shared, so they can’t be “taken” without affecting co-tenants and/or service provider operations.
• Change of jurisdiction - Which privacy (data protection) and security laws are applicable when intangible assets and processes are outsourced to service providers with distributed data centers across several continents? Do national laws local to the service provider’s data center supersede those local to the consumer’s organization?
• Data protection - It can be difficult for the cloud customer (in its role of data controller) to effectively check the data processing that the cloud provider carries out, and thus be sure that the data is handled in a lawful way. Conflicting data encryption standard requirements, lack of notification of data breaches by the service provider, storage of data collected unlawfully by co-tenants.
Technical Risks
• Isolation failure - Break out of the VM, storage compartment, virtual network, VPN, etc.
• Compromise of the management interface - Hijack of the consumer organization’s cloud computing infrastructure, loss of control plane (user interface)
• Data leakage - Data leakage to co-tenants (intra-cloud) or from the cloud
• Insecure data lifecycle management - Insecure or ineffective deletion of data, loss of consistency, data duplication
• Economic denial of service - Depletion of quota vs. runaway service costs vs. loss of efficiency
• Coarse access control - Insufficient granularity to implement authentication, authorization or auditing controls
• Conflicting provider/consumer security standards - Provider can’t meet the consumer organization’s security requirements
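The economic denial-of-service item above, together with the “measured service” item in the Policy and Organizational Risk list, describes a three-way tension: unbounded auto-scaling turns a request flood into runaway cost, while a hard instance cap or spend ceiling turns the same flood into shed requests or a depleted quota and total loss of service. The simulation below is an added example, not code from the deck or from any IBM product; the scaling policy, the per-instance cost figures and the constructed demand series are assumptions chosen only to make the trade-off visible.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class ScalePolicy:
    """Hypothetical auto-scaling policy (an assumption, not a real provider API)."""
    capacity_per_instance: int          # requests one instance serves per interval
    cost_per_instance_interval: float   # billed per instance per interval
    max_instances: Optional[int] = None  # None = unbounded growth (runaway-cost risk)
    budget: Optional[float] = None       # spend ceiling for the run (quota-depletion risk)


@dataclass
class RunResult:
    spent: float = 0.0       # total cost incurred over the run
    served: int = 0          # requests served
    shed: int = 0            # requests dropped for lack of capacity
    peak_instances: int = 0  # largest fleet size reached


# Constructed demand series (assumption): normal load, a flood, then normal again.
FLOOD_DEMAND = [100, 100, 100_000, 100_000, 100_000, 100]


def simulate(policy: ScalePolicy, demand: List[int]) -> RunResult:
    """Scale each interval to meet demand, subject to the policy's caps, and account the cost."""
    result = RunResult()
    for requests in demand:
        needed = -(-requests // policy.capacity_per_instance)  # ceiling division
        instances = max(1, needed)
        if policy.max_instances is not None:
            instances = min(instances, policy.max_instances)
        cost = instances * policy.cost_per_instance_interval
        if policy.budget is not None and result.spent + cost > policy.budget:
            # Quota depletion: run only what the remaining budget pays for (possibly nothing).
            affordable = int((policy.budget - result.spent) // policy.cost_per_instance_interval)
            instances = max(0, min(instances, affordable))
            cost = instances * policy.cost_per_instance_interval
        result.spent += cost
        capacity = instances * policy.capacity_per_instance
        served = min(requests, capacity)
        result.served += served
        result.shed += requests - served
        result.peak_instances = max(result.peak_instances, instances)
    return result


def compare_policies(demand: List[int] = FLOOD_DEMAND) -> dict:
    """Run the same flood against three policies and return the outcomes side by side."""
    base = dict(capacity_per_instance=50, cost_per_instance_interval=1.0)
    return {
        "unbounded": simulate(ScalePolicy(**base), demand),
        "capped_instances": simulate(ScalePolicy(**base, max_instances=20), demand),
        "hard_budget": simulate(ScalePolicy(**base, budget=100.0), demand),
    }


if __name__ == "__main__":
    for name, r in compare_policies().items():
        print(f"{name:17s} spent={r.spent:8.1f} served={r.served:7d} "
              f"shed={r.shed:7d} peak={r.peak_instances}")
```

With these assumed figures the unbounded policy serves every request but spends 6006 units against 66 for the capped fleet, which sheds most of the flood; the hard budget is exhausted during the third interval, after which the fleet drops to zero and even the return to normal load is not served. The point for a migration review is that the cap, the budget and the capacity figure are security controls and need an owner, not just a default.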
Transitional Risks
• Disruption of endpoint security - Cloud applications that require installation of client-side components or use of specific desktop applications may weaken the consumer’s security posture
• Credential leakage - Improper lifecycle management of credentials needed to access cloud applications. Shared access for “testing purposes”, open access to cloud user interface
• Punctured perimeter - Punching “temporary holes” in network filtering rules. Network IDS with lost visibility, tunneling.
• Transitive trust - Internal/legacy applications suddenly made to transitively trust the cloud. Reuse of credentials, hard-coded passwords, certificates, etc.
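The credential-leakage and transitive-trust items above (shared “testing” accounts, reused and hard-coded passwords) are the kind of defect that a simple scan of configuration and deployment files surfaces before a workload is moved. The Python below is an added example, not from the deck or any IBM tool; the sample lines, key names, patterns and the list of weak values are constructed assumptions, and a real deployment would extend them to its own conventions.

```python
import re
from dataclasses import dataclass
from typing import List


@dataclass
class Finding:
    line_no: int
    kind: str
    text: str


# Constructed sample lines resembling application config and deploy scripts
# (hypothetical hosts, names and values, not taken from any real system).
SAMPLE_LINES = [
    "db.host = db01.internal.example",
    "db.password = Sup3rS3cret!",
    "export CLOUD_API_KEY=EXAMPLEKEY0000000000",
    "# shared test account, do not remove",
    "cloud.user = testing-shared",
    "cloud.pass = password",
    "tls.cert = /etc/pki/app.crt",
    "password = ${VAULT:app/db}",
]

# key = value / key: value, optional leading "export", optional quote before the value
ASSIGN_RE = re.compile(r'^\s*(?:export\s+)?([A-Za-z0-9_.\-]+)\s*[=:]\s*["\']?([^"\'#\s]+)')
# key names that normally hold a secret
SECRET_KEY_RE = re.compile(r'pass(word|wd)?|secret|token|api[_\-]?key', re.I)
# values that reference a vault or environment variable instead of embedding the secret
PLACEHOLDER_RE = re.compile(r'^\$\{.*\}$|^\$[A-Z_][A-Z0-9_]*$|^<[^>]+>$|^\*+$')
# account names that suggest a shared or temporary identity
SHARED_ACCOUNT_RE = re.compile(r'shared|test|temp|demo', re.I)
# well-known weak literals (assumption: extend with the organisation's own list)
WEAK_VALUES = {"password", "changeme", "admin", "123456"}


def scan_lines(lines: List[str]) -> List[Finding]:
    """Return one Finding per line that embeds a secret literal or names a shared account."""
    findings: List[Finding] = []
    for n, line in enumerate(lines, 1):
        m = ASSIGN_RE.match(line)
        if not m:
            continue  # comments, blank lines, anything that is not an assignment
        key, value = m.group(1), m.group(2)
        if SECRET_KEY_RE.search(key):
            if PLACEHOLDER_RE.match(value):
                continue  # secret is resolved from a vault or env var at runtime: acceptable
            kind = "weak-hardcoded-secret" if value.lower() in WEAK_VALUES else "hardcoded-secret"
            findings.append(Finding(n, kind, line))
        elif key.lower().endswith(("user", "username", "account")) and SHARED_ACCOUNT_RE.search(value):
            findings.append(Finding(n, "shared-account", line))
    return findings


if __name__ == "__main__":
    for f in scan_lines(SAMPLE_LINES):
        print(f"line {f.line_no}: {f.kind}: {f.text}")
```

On the constructed input the scan flags the two embedded secrets, the weak literal and the shared test account, and passes the vault reference; a line flagged as a hard-coded secret is exactly the credential that would be reused, and silently trusted, by whatever internal application is later pointed at the cloud.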
Security complexities raised by virtualization
New complexities:
• Dynamic relocation of VMs
• Increased infrastructure layers to manage and protect
• Multiple operating systems and applications per server
• Elimination of physical boundaries between systems
• Manually tracking software and configurations of VMs
Risk depends on cloud type
• Public cloud riskiest (mixed tenants)
• Private cloud least risky (BAU)
– but places higher demands on the company
• Hybrid (private + public) provides a balanced solution
– sensitive data stays private
– public cloud used for non-sensitive data; can be always or just for demand spikes
[Figure: physical servers with a 1:1 ratio of OSs and applications per server versus virtualized servers with a 1:many ratio of OSs and applications per server, adding an additional layer to manage and secure]
[Figure: Business Risk (low-risk, mid-risk, high-risk) plotted against Need for Security Assurance (low to high). Example workloads: training, testing with non-sensitive data (low-risk); analysis & simulation with public data (mid-risk); mission-critical workloads, personal information (high-risk).]
Today’s clouds are primarily here (the low-risk end):
● Lower risk workloads
● One-size-fits-all approach to data protection
● No significant assurance
● Price is key
Tomorrow’s high value / high risk workloads need:
● Quality of protection adapted to risk
● Direct visibility and control
● Significant level of assurance
Different cloud workloads have different risk profiles. One size does not fit all.
IBM’s Cloud Portfolio
Consulting Services in support of Cloud Computing:
● Infrastructure Strategy & Planning
● Strategy & Change Services for Cloud Adoption
● Strategy & Change Services for Cloud Providers
● Testing Services for Cloud
● Networking Strategy & Optimization
Smart Business Offerings: comprehensive cloud solutions for infrastructure workloads (Development and Test, Desktop, Infrastructure Storage, Analytics, Collaboration, Maintenance)
Workloads available on multiple delivery models... with embedded service management
Infrastructure services & technologies enabling cloud computing:
Services
● Security
● Resiliency optimization (BCRS)
● Data Center
● Tivoli Live Monitoring
Technologies
● Tivoli Service Automation Manager
● WebSphere Hypervisor Edition
IBM Cloud Services Portfolio
Three offering families:
● Smart business on the IBM cloud: standardized services on the IBM cloud
● IBM Smart Business Services: private cloud services, behind your firewall, built and/or managed by IBM
● IBM Smart Business Systems: preintegrated, workload-optimized systems
Workload areas: Analytics, Collaboration, Development and test, Desktop and devices, Infrastructure storage, Infrastructure compute, Business services
Offerings shown: IBM Lotus Live, IBM Lotus® iNotes®, IBM CloudBurst™ family, IBM Smart Business Test Cloud, IBM Smart Business Desktop Cloud, IBM Smart Business Storage Cloud, IBM Smart Analytics System, Smart Business for Small or Midsize Business (backed by the IBM Cloud), IBM Computing on Demand, IBM Information Protection Services, BPM BlueWorks (design tools), IBM Smart Analytics Cloud, Smart business expense reporting on the IBM cloud, IBM Information Archive, Smart Business Development and Test on the IBM Cloud (beta), Global Technology Services, Smart Business End User Support
Cloud Solutions for Power Systems
Tivoli Service Automation Manager (TSAM) and Tivoli Provisioning Manager (TPM)
• Cloud services definition and provisioning
• Software full lifecycle management
• Policy creation and enforcement
IBM Systems Director and VMControl
• Power System Pools simplicity
• Policy-based workload resilience
• Best-practices image management
• Automated SAN provisioning
• Best-of-breed Power Systems Virtualization
• Sharing and dynamic allocation of resources across environments
• Multi-OS support: AIX, i, Linux
Tivoli Storage Productivity Center (TPC)
• Simplified SAN management
• Integration with VMControl for automated disk provisioning
SAN Volume Controller (SVC)
• IBM DS5000, DS8000, XIV; EMC; HDS
• Heterogeneous storage management
• Decoupling of physical and virtual storage
• Pooling for increased virtualization
Current IBM i strengths
Strengths - stands out in multi-tenant
Good isolation:
• Object-based architecture
• IBM i enforced security and encryption
• Database schema and IASP isolation
• Systems Director
• WebSphere – separate enterprise applications – role-based security
• Memory Pools
• Subsystems
• Processor Pools
• Group Profiles
• Active Memory Sharing
• …
In short, a multi-user, multi-app OS from day 1
IBM i Hosting Environment
[Figure: five levels of multi-tenancy, each drawn from the data center floor up through infrastructure, operating system, data platform (DP), application platform (AP) and application, with shared versus dedicated layers marked per level:]
I. Physical-level or isolated multi-tenancy – one server stack for each tenant
II. Shared hardware multi-tenancy – one OS stack for each tenant on shared infrastructure
III. Operating system-level multi-tenancy – one AP stack for each tenant on a shared operating system and data platform
IV. Platform-level multi-tenancy – one application stack per tenant on a shared application platform
V. Application-level multi-tenancy – a single application servicing multiple tenants
Enabling technology listed on the slide:
• PowerVM
• PowerHA
• Systems Director
• Apache web servers
• WebSphere Application Servers
• IBM i subsystems
• Subsystems, Memory Pools
• Threads, Users/Groups
• Validation lists
• DB2 for i
• Independent Storage Pools
• Schema isolation
The slide marks the levels where IBM i performs very well and where it performs well.
IBM i Vision toward Cloud Enablement
Past:
• Physical systems
• Internal storage
• Static resource partitions
• Manual setup
• Physical media install
• Licensing per core
• Backups
Present:
• Virtual resources
• External storage w/ VIOS and SAN
• Dynamic resources for partitions
• Network install and backups
• Scripted partition creation
• Licensing per core
• HA
Potential future enhancements:
• Partition mobility
• Partition hibernation
• Image (partition) provisioning/cloning
• Virtualized everything
• Workflow automation
• More granular licensing
• Flash copy checkpoints and snapshots
• HA
What is IBM CloudBurst?
– A complete, pre-packaged cloud environment. Includes both hardware and software
– CloudBurst on Power is slated for 4Q 2010 delivery (v2.1)
Market splash:
– The IBM CloudBurst solution on Power is planned to provide everything you need for a private cloud environment, including Tivoli service management software, storage, network and the most efficient platform for cloud computing with Power Systems, enabling customers to rapidly realize the benefits of cloud computing
IBM CloudBurst – an Integrated Cloud solution
Tivoli Service Automation Manager (TSAM):
• Orchestration of Cloud operations
• Integration point for service mgmt capabilities
• Service catalog and templates
• Automated provisioning of virtual systems
Monitoring:
• Monitor both physical and virtual server environments
High Availability:
• Make management system DB highly available
Usage and Accounting:
• Provide metering and accounting for cloud services
• Enable integration to billing systems if needed
Virtualized HW Management:
• Enhanced management of the virtual environment
Energy Management:
• Energy management of the hardware infrastructure
“Built for Purpose” Cloud Solution (Server, Storage, Network HW):
• Preinstalled and configured on IBM hardware
IBM CloudBurst Roadmap
2009 – IBM CloudBurst 1.1 (Delivered!), optimized for Development & Test Workloads. Capabilities:
• System X BladeCenter HW; scalable and modular
• GTS CloudBurst QuickStart Services
• Request, Deploy and Manage VMWare virtual environments
• Energy Utilization metrics
• Backup and Recovery
2010 – IBM CloudBurst 1.2 (New!). New Enhancements:
• Energy metrics integrated with IT service management system
• Accounting, usage and metering
• High availability configuration
• Enhanced security options
• Integrated with WebSphere CloudBurst
Also shown on the roadmap: IBM WebSphere CloudBurst Appliance
Future – IBM CloudBurst, optimized for Production Workloads. Key Enhancements:
• Expand HW Platform to Power Systems, iDataplex, and System Z
• Cloud Analytics and Dashboard capabilities
• Cloud capacity Planning
• Enhanced security & resiliency options
• Compliance reporting options
• Integration with public cloud offerings
Thank you!
For more information, please visit: ibm.com/cloud
Or, contact me: Jeff [email protected]