Upload
marloes-brilman
View
60
Download
0
Embed Size (px)
Citation preview
Uw werkplek- en datacenterspecialistOntwerpen • Implementeren • Optimaliseren
Citrix & Nutanix: ‘de kracht van de combinatie’
Simple, Secure & Scalable
Agenda
• 12.00 - 13.00 uur Lunch• 13.00 - 13.10 uur Opening & welkom• 13.10 - 13.50 uur Nutanix• 14.00 - 14.45 uur Citrix & AppSense• 14.45 - 15.00 uur Koffiepauze• 15.00 - 15.30 uur Werkplektransformatie• 15.30 - … uur Afsluiting & borrel
Even voorstellen
Arjen VisserDirecteur Sales
Over ICT-Partners
• 80 experts
• Meer dan 15 jaar ervaring• Drie vestigingen
Focus ICT-Partners
• Transities van werkplek- en datacenter infrastructuur
• Architectuur / Roadmapping• Security
• Cloud (services, azure, office 365)• Automation
Partners
Haal meer uit uw werkplek met Citrix & Nutanix!
Door Mahil el Khatib, Nutanix
The Enterprise Cloud CompanyMahil el Khatib, Sr. Systems Engineer
The Best IT Infrastructure IsYou Can’t See
Just Works
Invisible …
Web-Scale: Design Point for Invisible
Design Principles••Unbranded x86 servers: fail-fast systems••No special purpose appliances••All intelligence and services in software••Extensive automation and rich analytics••Distributed everything
Benefits••Linear, predictable scale-out••Always-on systems••Fast innovation in software••Operational simplicity••Lower TCO
You needed VMware.You want Amazon Web Services.
YOU’LL LOVENUTANIX.
The Cloud Era Is Well Underway
“I deployed my applicationin five minutes.”
Rapid Time to Market
“No more time spent on low-level infrastructure
management.”
One-Click Simplicity
“I use and pay for just what I need only when I need it.”
Fractional IT Consumption
“New capabilities are available on a regular basis.”
Continuous Innovation
Why Not AWS For All Workloads?
Predictable Workloads
Elastic Workloads25%
75%
Balance Owning and Renting For Today’s Enterprise Workloads
Spin up and down resources on the public cloud
Lower costs with private cloud infrastructure
Bringing The Cloud To The Enterprise Datacenter
Fractional Consumption
Invisible Operations
Instant Delivery
Frictionless
Tailored SLAs for Every App
Balance Owning and Renting
Data Access and Governance
Choice and Freedom from Lock-in
Control
Continuous Innovation
Complexity with Legacy Infrastructure
x Lifecycle complexityx Resource silosx Support challengesx High costs
++ Automated operations++ Self-service provisioning++ Monitoring and analytics
Network
Virtualization
Compute
Storage Network
Storage
Virtualization
App App
Re-Platforming the Enterprise Datacenter
Integrated, scale-out compute and storage
Virtualization
App App
Storage Controller
Storage Controller
Storage Controller
Storage Controller
Server Server
Storage Controller
Storage Controller
with built-in virtualization and management
Scalable Distributed System Design
VM VM VM CVM
Hypervisor
VM VM VM CVM
Hypervisor
Tier 1 Workloads(running on all nodes)
Nutanix Controller VM(one per node)
VM VM VM CVM
Hypervisor
Distributed Storage Fabric
ü Snapshots ü Clones ü Compression ü Deduplicationü Locality ü Tiering ü Erasure Coding ü Resilience
Node 1 Node 2 Node N
X86 X86 X86
Extensible Storage Fabric
20
CVM
Distributed Storage Fabric
NFS/SMB/iSCSI SMB File Shares
FSVM FSVMFSVM
iSCSI Volume Groups
Bare Metal Apps
FSVM
VM
VM VMVM
CVM CVM CVM
HYPERVISOR HYPERVISOR HYPERVISORHYPERVISOR
Seamless Application and Data Mobility
ü Sizer ü One-click Hypervisor Conversion ü Cross-Hypervisor DR
ü Foundation ü Backup to Public Cloud ü Cross-Hypervisor Backup
App Mobility Fabric
VM VM VM CVM VM VM VM CVM
ESXi
VM VM VM CVM
ESXi
Node 1 Node 2 Node N
Distributed Storage Fabric
X86 X86 X86
ESXiESXiESXi ESXiESXi
AHV AHV AHV
Eliminate Complexity…
Integrated Consumer-Grade Management
IntuitiveBeautifulInsightful
Security-First Design
Full-Stack Security Development Lifecycle
Micro-Segmentation
Encryption
Anti-VirusAnti-MalwareFirewall
KeyManagement
EcosystemSecurity Certifications
Automated Validation and Self-healing
Repeat
Update
Asses
Test
Measure
Report
Hyperconverged >> Enterprise Cloud
Integrated Compute & Storage
Backup & DR Services
VM Storage
Hyperconverged Infrastructure
2012
File Services
Native Virtualization
Multi-hypervisor Support
Hybrid-cloud Services
Machine Intelligence
Systems & Ops Mgmt.
HCI++
2014+
Enterprise Cloud
Cloud Automation
Self Service
Network Segmentation
Object Storage
Application Ecosystem
Container Services
2016+
Hyperconverged Infrastructure
IntegratedCompute & StorageBackup & DR Services
VM Storage
VxRailCisco HyperFlexHewlett Packard Enterprise
Block Services
Network Visualization
Application Mobility
Hyper-VPrism
Deduplication
Innovating at the Speed of The Cloud
vSphere supportScale-out storage
KVM Support
Multi-cluster Management
Backup to AWSBuilt-in Virtualization
VM High AvailabilityBackup to AzureVM Flash ModeErasure Coding
Product Launch
2.53.0
3.54.0
4.14.5
4.6Major New Features in the Nutanix Enterprise Cloud Platform
2011 2012 2013 2014 2015
VM-centric Backup + DRNon-disruptive Upgrades
Compression
4.7
4x Faster PerformanceIntegrated File Services
AMF Hypervisor ConversionPrism Pro with X-Fit
2016
Block ServicesContainer SupportWhat-If Planning &
more..
Broad Ecosystem Support
Guest Operating Systems
Windows Server
Applications and
Technology
Hardware Platforms
Powering All Workloads and Use Cases
VDI
Branch Office
Data Protection & Disaster
Recovery
Big Data
Private & Hybrid Clouds
Collaboration and UC
Enterprise Applications
Thank You
&One more thing……………
TAC CentersNBD Depots
Durham
Amsterdam
24x7x365“Follow the Sun”
Support
97%Customer
Satisfaction
+90Net Promoter
Score
70+Countries
Languages
7WW Support
Centers
Global Support Overview
San Jose
Sydney
Bangalore
TokyoBeijing
Haal meer uit uw werkplek met Citrix & Nutanix!
Door Bert Jansema, ICT-Partners
Bert Jansema
Introductie
Werkplek 2.0
Werkplek 2.0• Technische realisatie (SBC, VDI, virtualisatie)
• Informatie altijd beschikbaar door internet en massacommunicatie• Mobiliteit: werkplek op kantoor, thuis en onderweg
• Security is een vakgebied
• Virtuele teams• Voice command & response• Nieuwe projectietechnieken (glas, holo)• Artificial Intelligence • Virtual Reality• Augmented Reality• Instant data analyse• Volledige persoonlijke afstemming
Werkplek 2020
Gas los!! Terug naar…
ICT ondersteunend, flexibel en onzichtbaar
• Bereiken:• Access anywhere anytime anyway• Consistente user experience
• Rekening houdend met:• Vraagfluctuatie, onvoorspelbare groei• Snel evoluerende bedreigingen
• In de greep houden van:• Kosten!• technische complexiteit
SIMPLESCALABLE SECURE
W2K12
Citrix Flexcast Management Architecture (FMA)
Applicaties&Desktop
XenApp Server(Controller&Delivery)
W2K12
Applicaties&Desktop
XenApp Server(Controller&Delivery)
W2K12
Applicaties&Desktop
XenApp Server(Controller&Delivery)
DeliveryController
W2K12
Applicaties&Desktop
DeliveryAgent
W2K16
Applicaties&Desktop
DeliveryAgent
Win10
Applicaties&Desktop
DeliveryAgent
XenApp IMA XenDesktop FMA
SimpleScalable
Citrix Studio
Simple
MachineCatalogsDeliveryGroupsPolicyLoggingAdministratorsControllersHostingLicensingStoreFrontApp-VPublishing
Citrix Director
Simple
HDX Protocol• Intelligente redirection• Adaptive compression• Data de-duplication
SimpleScalable Secure
• Any Cloud Hybrid Cloud Provisioning• Amazon Web Services• Windows Azure• Citrix CloudPlatform
• Any Device• Citrix Receiver voor Windows, IOS, Android, Linux
• Any App• Published Apps (XenApp)• VDI (XenDesktop)• Remote PC
SimpleScalable
Long Term Service Release
• Lagere TCO door hoge kwaliteit van de releases en voorspelbare onderhoudsintervallen
• Voorspelbaar onderhoud door cumulatieve update packs• 5 jaar “gewoon” support en 5 jaar extended support• Voorwaarde is dat alle Citrix componentversies LTSR compliant zijn
Simple
Gemiddelde Citrix omgeving
Desktop virtualisatie lagen
Compute and Storage (HW)
Hypervisor
Control and Access Layer
Desktop Layer
User Layer
Infrastructure (Studio, file, AD, SQL, License)
Nutanix Acropolis Hypervisor / Vmware ESX / Microsoft Hyper-V
Desktop Delivery (XD) & Image Controllers (MCS)
Access Controllers (StoreFront) and Networking (NetScaler)
Profile management, golden image, and apps
User type and end-points (Receiver)Citrix ShareFile and file services
Desktop virtualisatie lagen
Compute and Storage (HW)
Hypervisor
Control and Access Layer
Desktop Layer
User Layer
Infrastructure (Studio, file, AD, SQL, License)
Nutanix Acropolis Hypervisor / Vmware ESX / Microsoft Hyper-V
Desktop Delivery (XD) & Image Controllers (MCS)
Access Controllers (StoreFront) and Networking (NetScaler)
Profile management, golden image, and apps
User type and end-points (Receiver)Citrix ShareFile and file services
Citrix Provisioning Services
Citrix Provisioning Services
• Stream van ‘image’ (vDisk) naar meerdere machines tegelijkertijd• Maakt gebruik van PXE boot technologie• Sterke afhankelijkheid van goede netwerk-setup, DHCP• Sizing is van groot belang (failover/caching)
Mooie oplossing, maar redelijk complex
Citrix Machine Creation Services
Citrix Machine Creation Services
• Functionaliteit van PVS met……• …..Eenvoud van MCS
• Gebruik bestaande hypervisor functies• Geen afhankelijkheid van PXE en DHCP• Geen additionele componenten• Eenvoudige updates
Numberofvirtualdesktops
SANPerformance
MCS op traditionele SAN?
MCS op Nutanix
Voordelen van MCS op Nutanix?
Verdere vereenvoudiging vandeMCSarchitectuur!
Eenvoudige configuratie in XenDesktop Studio maakt het leven eenvoudiger:
Meerdere kopieënvanimages
Onderhoud vanmeerderedatastores
IOproblemen
Meer voordelen van MCS Nutanix!
GereduceerdeOpstarttijden
Betereschaalbaarheid
VMmigratie
Desktop virtualisatie lagen
Compute and Storage (HW)
Hypervisor
Control and Access Layer
Desktop Layer
User Layer
Infrastructure (Studio, file, AD, SQL, License)
Nutanix Acropolis Hypervisor / Vmware ESX / Microsoft Hyper-V
Desktop Delivery (XD) & Image Controllers (MCS)
Access Controllers (StoreFront) and Networking (NetScaler)
Profile management, golden image, and apps
User type and end-points (Receiver)Citrix ShareFile and file services
HP, Dell, Cisco, Lenovo
Cisco, HP, Arista, Mellanox
Qlogic, Emulex
EMC, NetApp, HP, Dell, HDS
Cisco, Brocade
VMware, Microsoft, XenServer
Cisco, HP, Arista, Mellanox
VMware, Microsoft
Simplifying the XenDesktop Infrastructure Stack
Network
Scale out compute and storage
Virtualization
Network
Virtualization
Compute
SAN Fabric
Storage
AHV
Nutanix
Citrix – Nutanix IntegrationProduction
ReadyforAHVIntegratedManagement FastProvisioning
NovTax torunCitrixonNutanix FullyintegratedwithDesktopStudioUI
Highspeedimageupdatesandoperations
IncludesNutanixstandardbenefits• Shadowclonesandboot-stormhandling• Rapidtroubleshootingandclearopsline-of-sight• Linearscalingandpay-as-you-growconsumptionmodel
Native Citrix Studio Integration
Going distributed simplifies things..Before After
Linearly Scaling Virtual Desktop InfrastructureV
Ms
(Des
ktop
s)
• Scale incrementally one node at a time• Protect infrastructure investment by eliminating forklift upgrades• Scale storage capacity & performance linearly
Pay-as-you-grow
Number of Nodes
Citrix XenDesktop/XenApp on Nutanix AHV
VM VM VM
VM VM VM
VM
VM
VM
VM
AHV
Nutanix AHV is
Citrix XenApp/XenDesktopCitrix NetScaler VPX*Citrix ShareFileCitrix Cloud
CitrixStoreFront
XenDesktop Delivery Controller
AHV
Citrix Sharefile & File services
SQL Server & Infra /network services
Citrix Studio, Director
VM
CitrixNetScaler VPX
Desktop virtualisatie lagen
Compute and Storage (HW)
Hypervisor
Control and Access Layer
Desktop Layer
User Layer
Infrastructure (Studio, file, AD, SQL, License)
Nutanix Acropolis Hypervisor / Vmware ESX / Microsoft Hyper-V
Desktop Delivery (XD) & Image Controllers (MCS)
Access Controllers (StoreFront) and Networking (NetScaler)
Profile management, golden image, and apps
User type and end-points (Receiver)Citrix ShareFile and file services
“SET THE USER FREE” e n d p o i n t s e c u r i t y s i m p l i f i e d
AppSense now part of the LANDESK family
zonder concessies aan veiligheid en beheersbaarheid
IT’S NEVER OR
I.T. MANAGED
USER MANAGED
Mobile
VIRTUALPHYSICAL AND
UNMANAGEDMANAGED AND
BYODCOPE AND
PERSONAL APPSCORPORATE APPS AND
PERSONAL DATACORPORATE DATA AND
ALWAYS AND
I.T. MANAGED
USER MANAGED
Users want to Personalize their workspace and access their Data. IT wants to manage Policy, Privilege, Performance and Analytics for each user. Combined, these elements define User DNA™
Workspace Management
IT Settings
User Settings+
= User DNA™
AppSense unlocks User DNA™
so IT can manage it independently.
Personalization
Policy
Privileges
Performance
Data Access
Analytics
User DNA™ is stored, managed and distributed from a central AppSense database, leveraging the AppSense platform. IT gets granular, contextual control allowing User DNA™ to follow the user, creating a seamless workspace experience.
AppSenseDatabase
Physical Virtual Cloud
Workspace Management
Creating a Balanced Portfolio
PatchManagement
Endpoint SecurityConfiguration Management
Physical, Virtual& Mobile
ServiceManagement
AssetManagement
User Environment Management
Security
An
alyt
ics
and
Das
hb
oard
s
EnvironmentManagement
PrivilegeManagement
ApplicationControl
File & ProfileMigration
PROTECTProtects against zero-day attacks by preventing malicious software from executing
CONTROL EXECUTIONApply precise control over how authorized applications execute and whether applications can launch other applications to prevent stealth rootkits from infiltrating your enterprise systems.
RANSOMWARE CONTINUOUS TO RISERansomware is not going away any time soon, because the business model offers high reward for minimal effort. Compared to 2015’s 29 ransomware families, 79 new families already emerged this year
PREVENTPrevents malware from running when your host system reboots. Also locks down the registry until rights are approved by the IT administrator
01
02
03
04
Protect Against Ransomware
Source: TrendLabs 2016 Security Roundup
Common Security Weakness
§ Almost all forms of attack use privilege escalation when installing malware that needs administrative privileges.
§ Phishing, which continues to be the most common front end for damaging attacks, is used to obtain user credentials from which to start the escalation, and phishing succeeds because of poor hygiene in application and privilege management.
85% of all Critical vulnerabilities documented in the report can be mitigated by removing admin rights *2015 Microsoft Vulnerabilities Report
99.5% of all vulnerabilities reported in Internet Explorer in 2015 could be mitigated by removing admin rights *2015 Microsoft Vulnerabilities Report
86% of reported vulnerabilities come from 3rd party applications. *National Vulnerability Database
In 2015, Microsoft Windows represented the most targeted software platform, with 42 percent of the top 20 discovered exploits directed at Microsoft platforms and applications. *HP
Cyber Risk Report 2016
Malware Monetization and Application Vulnerabilities
The average ransom discovered to date in 2016 stands at US$679, up from $294 in 2015 *ISTR Ransomware & Business, Symantec
Feb 2016, the Hollywood Presbyterian Medical Center(HPMC) paying the attackers’ demand of US$17,000
Missing Patches
• Third Party• MS Office• Adobe• Java
01Dangerous Applications
• Media• Runtimes• Web browsers
02
Misconfigured User Access
• Admin rights• Least Privilege• Password
Management
03
Unprotected Data
• Sensitive Data• Unencrypted• Multiple
Storage
04
Endpoint Security Threats
Patching
• Clear visibility on all endpoints
• Effective Detection
• Automatic Policy Enforcement
• Single Management Console 01
Unhazardous Applications
• Minimize exposure
• Automatic uninstall
• Application Whitelist/Blacklist
• EPC for remote connections02
Proper User Access
• Remove Admin rights
• Determine Least Privilege
• Automate Elevation
• User self-service Portal
03
Data Protection
• Enable Data Encryption
• Automated Scans
• Protect External
Media• Backup and
Recovery
04
Endpoint Security Best Practices
By AppSense
CATCHPATCHMATCH
Strategic Approach & Benefit
MITIGATES AT LEAST
OF TARGETED CYBER INTRUSIONS• National Security Agency, Information Assurance Guidance, www.nsa.gov/ia/mitigation_guidance/• Australian Government Department of Defence, Strategies to Mitigate Targeted Cyber Intrusions,www.asd.gov.au/infosec/mitigationstrategies.htm
PATCHApplications and Operating System
CATCHMalicious software with
a Whitelist
MATCHThe Right People with
the Right Privileges
Introducing…AppSense Endpoint Security
§ Privilege Management§ Application Control with Trusted Ownership™§ Granular Exceptions§ Prescriptive Security Analytics § Automated Patch Management
Regain Control of ApplicationsRegain control of applications running across the business without locking down your users
Use cases – Security and beyond
• Deploy all users as standard users
• Assign privilege to individual applications based on user roles and needs
• Prevent execution of unauthorized applications
Productivity & Security
Control Panel –uninstall program
Task Manager –kill process
Regedit / Command
Action Example Solution
Install Applications
Change Configurations
Remove Patches & Uninstall Software
Defeat Security Tools
control.exeDenied Application:
Denied Application:
cmd.exeregedit.exe
taskmgr.exeDenied Application:
Application Control:
System Level Visibility
System Level(ActiveX controls, VBscripts, batch files, MSI packages and registry configuration files, .exe,
.dll processes, App launches, binaries created, drivers, etc.)
Intelligence
System Level(ActiveX controls, VBscripts, batch files, MSI packages and registry configuration files, .exe,
.dll processes, App launches, binaries created, drivers, etc.)
Application Control by :Trusted Ownership – IT Admin or Service AccountWhite / BlacklistingDigital Signatures
Control
System Level(ActiveX controls, VBscripts, batch files, MSI packages and registry configuration files, .exe,
.dll processes, App launches, binaries created, drivers, etc.)
Application Control by: Trusted Ownership – IT Admin or Service AccountWhite / BlacklistingDigital Signatures
Network Access Control - Application TerminationApplication Control - URL Redirection - Rights Management – Self Elevation –
Win Store App Control
Prevent & Awareness
System Level(ActiveX controls, VBscripts, batch files, MSI packages and registry configuration files, .exe,
.dll processes, App launches, binaries created, drivers, etc.)
Application Control by means of Trusted Ownership – IT Admin or Service AccountWhite / BlacklistingDigital Signatures
Quarantine Block Warn Dialogue Monitor Educate
Network Access Control - Application TerminationApplication Control - URL Redirection – Privilege Management – Self Elevation –
Granular Exceptions & Contextual Aware - Win Store App Control (Win8/8.1/10)
Response
System Level(ActiveX controls, VBscripts, batch files, MSI packages and registry configuration files, .exe,
.dll processes, App launches, binaries created, drivers, etc.)
Application Control by: Trusted Ownership – IT Admin or Service AccountWhite / BlacklistingDigital Signatures
Quarantine Block Warn Dialogue Monitor Educate
Auditing / Monitoring Advanced Reporting Application Admin Rights Discovery Evidentiary Forensics License Management
Network Access Control - Application TerminationApplication Control - URL Redirection - Rights Management – Self Elevation –Granular Exceptions & Contextual Aware - Win Store App Control (Win8/8.1/10)
AppSense Endpoint SecurityAllows desktop and InfoSec teams to protect endpoints and enable regulatory compliance without degrading the user experience.
ProtectionIdentify and block unauthorized applications from runningAutomate Microsoft and third-party application patch assessment and deploymentEnforce software licensing and ensure complianceDetect suspicious endpoint behaviour
User Experience & ProductivityManage user privileges and policies at a highly granular levelAllow user self-elevationMonitor admin rights and self-elevation trends
UserSettings
Apps
UserSettings
Apps
UserSettings
Apps
UserSettings
Apps
UserSettings
Apps
Vragen
Citrix Productportfolio• Citrix XenApp• Citrix XenDesktop• Citrix XenServer• Citrix XenClient• NetScaler• NetScaler Gateway• NetScaler CloudBridge• Provisioning Server• XenMobile• Citrix Receiver• ShareFile• GoToMyPC
Een succesvolle werkplektransformatie
Door Jan van Pijkeren, VPProjects
Handreiking voor een succesvolle transitie
Jan van Pijkeren - Projectmanager
Waar begin ik?
Afbeelding: http://www.huffingtonpost.com
BC
Afbeelding: http://hollandrodendaily.org/business-case-template/
De Business Case staat en nu?
Afbeelding: https://nl.wikipedia.org/wiki/Project
Volgens Prince2:
Afbeelding: http://www.bkkc.nl/nieuws/2013-april/maak-een-concreet-plan-van-je-ideeen-voor-de-impul
Wat staat er in?
WaaromWat is het doel?
WatWelk eindproduct ga je maken?
HoeOp welke manier ga je het doen?
WieWelke mensen gaan meedoen?
Welke middelenWelk materiaal, welk materieel?
WanneerWat is het tijdpad van het project?
Een praktijk voorbeeld
Van methodiek naar aanpak
Afbeelding: http://www.projectcartoon.com/about/
Wat kan Pitz voor u betekenen?
Afbeelding: http://www.topchange.nl/opleiding-project-management/
Afsluiting
Onze oplossingen
ICT-Partners helpt u succesvol te zijn met uw ICT. Wij ontwerpen, implementeren en optimaliseren ICT-omgevingen met de nieuwste
technologieën, die bijdragen aan continuïteit, stabiliteit en kostenbesparing.
Bedankt!
ICT-PartnersVosselmanstraat 27311 CL ApeldoornT 055 528 22 22E [email protected]
Hoofdweg 2909765 CN PaterswoldeT 050 364 31 02E [email protected]