Security and data protection

1 Copyright 2016 FUJITSU

Human Centric Innovation in Action

FujitsuWorld Tour 2016

Security & data protectionWalter De Neve

Security & data protection: in this hyperconnected world how save is your data?


The risks of living in a Digital World

4 BN mobile phones

8 BN people

From 2014 to 2020

Every minute, 19 personshave their identity stolen

639 million

250 million connected cars

220 million connected consumer electronics in 2020

2025: 100% connected 2032: 75% autonomous

12 victims per second impacted by consumer cybercrime

X 500Investments in industry 4.0 to grow by 2020

25 bn connected things in 2020

Today 5bn


What happened in 2015Half a Billion Personal Records Stolen or Lost

55% more Spear-Phishing Campaigns Targeting Employees

35% more Ransomware (e.g. Crypto-lockers)

100 Million Fake Technical Support Scams Blocked

125% more attacks via flaws in browsers and website plugins

Nearly 75 percent of all websites are unpatched and puts us all at risk.

Source: Symantec 2015


Technology in 2016:Poll: which technology will deliver importantBusiness/margin in the year 2016

IoT: 9,06%

Analytics: 9,73%

Cloud: 25,17%

Security: 30,20%

Mobility: 8,72%

Social Business: 2,68%

IaaS, PaaS, SaaS: 14,43%


External & Internal Data-Protection:

DataCoverage

Anti-Virus Anti-Spam Web-filtering

Hacking Crypto lockers Phishing …

DataProtection

Data Integrity Data Backup Data Archive

Data Loss/Theft Los of IP (Int. Prop.) Los of “Brand”/ “Image”

DataCompliance

Regulatory Governance

Firewall Network setup O.S. Security patches

Physical access Removable media Data Access/policies People (int. / ext.) …


SecurityCipher

Firewall

Malware

Mobility

Encryption

Network

WAN Data Value / Access / policy Data out of the Datacenters Physical access Data Loss Prevention Security Information and

Event Management (SIEM)

Data Los - Theft / Data Breaches – by cause:

21% lost laptops and/or copies on other media

15.6% stolen by company employees

14% accident, e.g. accident publishing on a website

12.9% hacking/external attack

11% due to subcontractor (access rights)

It’s more than a Firewall


PalmSecure – secure biometric authentication

Cost

1 The human eye cannot detect palm veins2 A near-infrared sensor detects the vein pattern3 Image processing extracts the vein pattern4 PalmSecure compares the pattern to an encrypted,

pre-registered template


PalmSecure ID Match Platform - Use Cases

Government Border Control Database Management Security

Healthcare Registration Medical Record Access Access Management

Workforce Management Location Access Time Management

Retail Payment Transfer Location Security Loyalty cards

Banking Account Access Fund Transfer Access Management

Entertainment Fitness and SPA Casinos Amusement parks

Aviation Securityaccess control for airport employees


SURIENT: Comprehensive End-to-End Security:

*



DataCoverage



DataProtection



DataCompliance





The value of your data

Time

Value

Medical Information

CRM Information

Billing informationEmail information

Define for each application a clear

“Information Life Cycle Management”


The big picture: internal & external storage

Cloud StorageDASDirect Attached Storage

Local Storage Shared Storage

DX CDJXPY

I. CELVIN: the entry NAS systems 2T up to 24TB

II. PRIMERGY X86-servers delivers more drive-slots (up to 32 slots) for local & software defined storage

III. ETERNUS JX as DAS: JX40 (SAS- 2,5”/3,5”) / JX60 (SAS - 3,5”) for local & software defined storage

IV. ETERNUS DX as scalable “Family concept” with high performance/functionalities/integration

V. ETERNUS CD as scale-out / Cloud-storage based on “Open-Stack”

VI. Flash cards and SSD’s within PRIMERGY & Eternus DX

CELVIN

Local & Software Defined Consolidated

JX40 only As from DX500


On-LineDATA-Protection

Snap

AFA

RAID

Cluster

Encryption

Technology

Mirror

Access Authority Setting for User; RBAC (Role Based Access Control)

Encrypted transmission by SSL/https, SSH Server Keys support

Ensure security by audit logs Data Encryption by Storage

Systems and SED-Disks

Security within Eternus DX

http://www.google.be/url?url=http://imgkid.com/family-icon.shtml&rct=j&frm=1&q=&esrc=s&sa=U&ei=h-AKVePHHM_jaq3GgrAE&ved=0CDEQ9QEwDjgo&sig2=sma8bPvLefPVzq-XH8kN4g&usg=AFQjCNHiFevaXlRAzIo-R30nUxm5nPxsOA


On-LineDATA-Protection

Snap

AFA

RAID

Cluster

Encryption

Technology

Mirror

Data Block Guard Cache Data protected on

NVRam Drive Patrol / Hot-Spare Reverse Connection Supported RAID levels Snap-shot / Replication Fast Recovery for RAID-6 Cluster Setup

Protection within Eternus DX

Topics about On-Line Storage




DataCoverage



DataProtection



DataCompliance





Why data protection is so important!

70% of downtime is planned (backup windows, software patches, hardware changes)

80% of unplanned downtime (30%) goes along with data corruption(virus, Crypto-Lockers, Hacking, wrong patch, administration error, user error, software error)

High Availability helps against 74% of downtimes

For 24% of downtimes data protection (Read backup) is a must

Even for the 76%: If a disaster occurs, high availability only is not good enough

High Availability does not replace data protection.


Each technology has its own place

Backup on Tape Backup ApplianceBackup on Disk

TapeLow cost - High

capacityVaulting mediaAutomated / robot-

systemsMechanical problems ?Streaming ?

DiskSoftware Compr. /

DedupFlexible streamingDirect availableStill expensiveElectricity / Cooling

cost ?

Backup ApplianceOpt. concept /

performance Inside compr. / DedupSimplicity D2D or

D2D2TSPOCOptimized costs / TCO


The big discussion about “RTO – RPO – Retention”

RPOAmount of Lost Data

in time

Business Requirements vs. CostLost Data Cost

Downtime

Cost

Data Availabilit

y Cost

System availability and downtime cost are a key metric for RTO

Data Availability and Lost Data Cost provide a key metric for RPO

Snapshot Recovery Management provides cost-effective recovery

System Availabilit

yCost

Amount of time requiredto resume business

RTO0Time

Costs


COMPREHENSIVE DATA & INFORMATION PLATFORM

Public Cloud Private or Managed Cloud On Premise

Recovery & Protection Cloud & Virtual Information Mgmt Mobile IT Ops & Analytics

HW Snapshot Mgmt

Next Gen Backup

Active ArchiveGovernance & Compliance

Legal eDiscovery

Records Retention

Replication

Deduplication

VM Recovery & Protection

VM Lifecycle

VM Management

Endpoint Protection

File Sync & Share

Endpoint Data Security

IT Ops Reporting

Workflow & Self-Service

Log & File Analytics

Machine Data Analytics

Classification Operations Automation Analytics

Physical

Virtual

Mobile

Private

Hybrid

SaaS

Public M

Public A

Platform Infrastructure Resources

Common Data-Protection Platform

Multi Tenant


Software License form & cost

Agents CPU/Core based Back-End Front End

Perfect for consolidation

All functionalities Flexible …

Simple management All functionalities Flexibility

Traditional Modulair Simple

environments …

Cost efficiency Medium retention

period Flexible…

Windows Linux Unix Oracle SQL .. Total capacity

of On-Line storageBased on numberof CPU’s in totalconfiguration

Total capacity of backup appliance


Off-LineDATA-Protection

Snap

De-Dup

Softw.

Cloud

Encryption

Technology

Retention close integration between HW & SW Tape is pushed out but still a good

media Customers are reducing the retention

period Backup- / Archive -license-cost Customers open to install a dual

vendor policy Applications has major Export

functionalities Cloud (BaaS) becomes an alternative

for a second backup copy On-line storage is reliable with

snapshot and backup integration

Topics about Backup & Archive



Tape Libraries

ETERNUS CS: your Data Protection Platform

Scalability – Flexibility & Cost efficiency Disk-2-Disk & Disk-2-Disk-2-Tape Deep integration with Data Protection SW ETERNUS CS8000-V6.1

Unified Data Protection Appliance Cluster / Media Life Cycle Management Backup / Archive / De-Dup / Worm

ETERNUS CS800-S6 General target De-Dup appliance Optimized Replication & Encryption n-to-n Backup SW-functionality Integration / OST

ETERNUS CS200c-S2 Back-End capacity based Appliance

Powered by CommVault Simpana

*

** *

ETERNUS CS200 / CS800ETERNUS CS8000

* = Project based

+=


PRIMERGY servers incl. partner SW & components

TX1310 TX1330 TX150 TX2540TX2560

1-2

CPU

Sock

ets

4+ C

PU

Sock

ets

Rack Servers

Tower Servers

Scale-out Servers Blade

Servers

RX1330RX2520

RX2530

RX2560

RX2540

RX4770

CX400CX420

BX400BX900

PQ2800B2

PQ2800E2

BS2000TX1320

A comprehensive Data-Center portfolio

JX40/JX60JBOD system

LTTape Storage

ETERNUS CSData Protection

Appliances

Cooperation with storage partners

ETERNUS DXDisk Storage

Software&

Services

CELVIN

ETERNUS CDCloud StorageHyper Scale-

Out

*

http://mediaportal.ts.fujitsu.com/pages/view.php?ref=35781&search=rx2560&order_by=field12&sort=DESC&offset=0&archive=0&k=

http://www.google.com/url?url=http://en.wikipedia.org/wiki/File:DataCore_Logo.jpg&rct=j&frm=1&q=&esrc=s&sa=U&ei=XRzyU9a-J7Sp7Aag6IC4CQ&ved=0CBYQ9QEwAA&usg=AFQjCNFVrrSkY1J1NA8I_7PpbcgSVk41hg


Reference Architectures and Integrated Solutions

Integrated Solution for High Availability

FUJITSU PRIMEFLEXCluster in the BOX

Up to 25/50/100 VM’s

Hypervisor-Converged Storage

FUJITSU PRIMEFLEXVSAN Ready Nodes

Hyper-Converged Integrated System

FUJITSU PRIMEFLEX for VMware

EVO:VSAN – Cx

Up to 16 / 64 x 100 VM’sEVO-SDDC next generation

Reference Architectures for Virtualization

FUJITSU PRIMEFLEXVIRTUALIZATION

vShape

25 - 200 VM’s200 - 800 VDI’s(200 / 2.400 VM’s with vShape-Enterprise)

Private Cloud Reference Architecture

Dynamic Infrastructures for

VMware vCloud

Above 500 VM’s

http://mediaportal.ts.fujitsu.com/pages/view.php?ref=28571&search=!collection3&offset=0&order_by=field12&sort=DESC&archive=0&k=






Solutions from Fujitsu: Benefits

Efficiency High Performance Lower TCONo Risk

High-efficiency performance

High-efficiency power Full monitoring &

man. Integr. Flash as performance

accel. …

Pre-Configured / Installed

Full certified / documented

Single point of contact Single point of

responsibility …

Flexibility Scale up & Scale

out Ready to Run Reference

Architecture …

No large upfront investments

No specialized skillset needed

Optimized Software Licenses

Optimized maint. Cost …


Tailor-made to support your business

Business-Centric Storage

Business-Centric Integrated Systems

Forget about the issues of slow data flows or

unnecessary capacity and find the flexibility to scale

storage to suit ongoing needs.

Help you align your server capabilities with the priorities ofyour business

lines.

Simply and securely enhance or replace IT while continue

to focus on enterprise success instead.

Business-Centric Computing



Let’s go for Action