Visibility in the Cloud

  • View

  • Download

Embed Size (px)


  1. 1. Visibility In The Cloud
    20th-October, IPExpo London
    Paul Reeve
    Channel Sales and Business Development
  2. 2. Wait, Ive seen this before somewhere
  3. 3. Time Shared Computing
  4. 4. Time Sharing Computing
  5. 5. The Underlying Economics of Cloud Computing
    Has less to do with
    Computing Power
    But more to do with
    Ubiquitous broadband access to the Internet
    Low cost of wide area networks
  6. 6. Cloud Computing is about moving seams and changing the nature of the seams
    Before Cloud Computing, a seam defined two distinct computing platforms but both werecontrolled by the organization.
    Our Big Computers
    Our Little Computers
    Seams require security and monitoring.Security and monitoring starts with visibility.
  7. 7. New Seams
    Old seams were based on
    computing platforms within an
    New seams are based on
    applications between different enterprises
    Seams still require visibility
  8. 8. The need is for application-based visibility
  9. 9. And so emerged the SLA
    Question:How do you know if the SLA is being delivered?
    Answer:Visibility at the seams
  10. 10. Cloud Service Provider
    - Must know that service is delivered securely as promised
    - Only way to know is to establish data capture infrastructure at the seam
    Service Provider
    Data Capture Infrastructure
    Data Capture Infrastructure
    - Must know that service is delivered securely as promised
    - Only way to know is to establish data capture infrastructure at the seam
  11. 11. What is Data Capture Infrastructure?
    Why is it important?
  12. 12. Question:What Happens If Face Recognition Software Is Served By A Substandard Camera?
    Expensive, Sophisticated Software is
    Datacom Systems Inc. Confidential
  13. 13. Analysis Starts with Proper Data Capture

    Rich Schultz/Associated Press
    Flights Out of Newark Airport Halted for Possible Security Breach
    Passengers waited after a security breach shut down a terminal at the Newark Liberty International Airport on Sunday.
    Published: January 3, 2010
    Newark Airport's Security Cameras Were Broken
    Airport Owns the Cameras but Says the TSA is Supposed to Report Them Broken
    By AARON KATERSKYJan. 5, 2010
    Port Authority installs camera alarms at Newark airport after security breach
    ByMike Frassinelli/The Star-Ledger
    February 25, 2010, 4:00PM
    Unfortunately, the importance of data capture is realized after an event
  14. 14. The Same is True in Networking
    We tend to be fascinated with and focus on the analysis software.
    but overlook the importance of the data capture infrastructure that feeds the analysis software
  15. 15. Optimal Network Analysis is .
    A division of labor between hardware and software
    The best security is always a combination of hardware and software.
    Paul Otellini, CEO Intel
    20-Sept. Wall Street Journal,
    comment on combining Intel hardware with McAfee software
  16. 16. How Data is Captured for Analysis
    The actual data is not captured but rather copied by either:
    1.A general-purpose network element
    or a
    2.A purpose-built network element
    Span Port from a Router
    SPAN stands for switch port analyzer
    TAP stands for test access port
  17. 17. Data Capture is first about getting a 100% reliable copy of the data.
    Data Capture Infrastructure will perform a combination of these three functions:
    Data from multiple links aggregated for one tool to analyze
    Data from a single link is regenerated for multiple tools
    Data is reduced to the essential packets for specialized analysis
  18. 18. Data Capture Infrastructure Works in Tandem with Analysis Tools
    Analysis Tool
    Analysis Tool
    Analysis Tool
    Data Capture Infrastructure
    Foundation for Network Security
    Aggregation and Filtering
    Production Network Traffic
    Data Capture Infrastructure not only copies the traffic but prepares the copied traffic for more efficient performance by the analysis tools
  19. 19. SPAN vs. TAP
    A TAP can be placed closer to the seam between the enterprise and the cloud service provider
    • Easily mis-configured
    • 20. Consumes a port and CPU
    • 21. Dropped if the router is stressed
    • 22. Not scalable
    • 23. VLAN tags stripped out
    • 24. Corrupt packets are dropped
    • 25. True picture of the traffic including layer 1 and 2
    • 26. Permanent port that doesnt affect traffic
    • 27. Visibility into full duplex links
    • 28. Every packet delivered in order
    • 29. Scalable through regeneration and multiple ports
    • 30. VLAN tags and corrupt packets captured
  20. Data Capture Infrastructure
    Should be placed at the seam between the enterprise and cloud service provider
    Is the most reliable way to confirm SLA compliance
    Requires planning as with any other network deployment
    Increases the efficiency of analysis tools
  21. 31. Thank You
    Paul Reeve
    GCH Test & Computer Services Ltd
    Stand 832