Carsten Langerbein, Sr. Systems Engineer€¦ · •Security: private keys, policy, sensitive data...

12
Carsten Langerbein, Sr. Systems Engineer

Transcript of Carsten Langerbein, Sr. Systems Engineer€¦ · •Security: private keys, policy, sensitive data...

Page 1: Carsten Langerbein, Sr. Systems Engineer€¦ · •Security: private keys, policy, sensitive data • Storage: cost, data to/from the cloud • Cloudlock-in: policy, data transfer

Carsten Langerbein, Sr. Systems Engineer

Page 2: Carsten Langerbein, Sr. Systems Engineer€¦ · •Security: private keys, policy, sensitive data • Storage: cost, data to/from the cloud • Cloudlock-in: policy, data transfer

F5 MissionDelivering app-centric services wherever your apps “Go”

PRIVATE CLOUD PUBLIC CLOUD

HYBRID CLOUD

On premises Off premises

ADC FirewallApplication Security

Identity and Access

DDoSProtection

Local LoadBalancing

Application Performance

Secure Web Gateway

Page 3: Carsten Langerbein, Sr. Systems Engineer€¦ · •Security: private keys, policy, sensitive data • Storage: cost, data to/from the cloud • Cloudlock-in: policy, data transfer

COMPUTE NETWORKING STORAGE

MANUAL ADMINISTRATION

COMPUTE NETWORKING STORAGE

AUTOMATION & ORCHESTRATION SYSTEM

CONTROLLER

TRADITIONAL DATA CENTER PRIVATE CLOUD DATA CENTER

Manual administration of Compute, Networking and Storage

Automation and Orchestration systems driving Compute, Networking and Storage

via Controllers

METERING

Page 4: Carsten Langerbein, Sr. Systems Engineer€¦ · •Security: private keys, policy, sensitive data • Storage: cost, data to/from the cloud • Cloudlock-in: policy, data transfer

COMPUTE NETWORKING STORAGE

CLOUD AUTOMATION, ORCHESTRATION & MANAGEMENT

Automating & Orchestrating L4-L7 Application Services

Automation and Orchestration systems driving Compute, Networking

and Storage via Controllers

CONTROLLER

Cloud Management & Orchestration ToolsOpenStack, VMWare vRO/vRA, CliQr, Windows Azure Stack, Puppet, Chef, Ansible

SDN ControllersCisco APIC, VMware NSX, Nuage Networks, Contrail

BIG-IP iSeries

(1) (2)

(1) L4-L7 service configuration via SDN controller(2) L4-L7 service configuration via Cloud Mgmt & Orchestration Tools

L4-L7 Application Services

Page 5: Carsten Langerbein, Sr. Systems Engineer€¦ · •Security: private keys, policy, sensitive data • Storage: cost, data to/from the cloud • Cloudlock-in: policy, data transfer

Private Cloud

ADC & Security

Application

Data

Application

Data

ADC & Security AWS Tools

ADC & Security Azure Tools

How about migrating/scaling or adding new apps to a public cloud provider to get the benefits of public cloud : cost, time to market and scale ?

Application

Data

Public Internet

Page 6: Carsten Langerbein, Sr. Systems Engineer€¦ · •Security: private keys, policy, sensitive data • Storage: cost, data to/from the cloud • Cloudlock-in: policy, data transfer

Time to MarketLow initial costs (Pay per use)

Flexible & unlimited capacity growth

• Security: private keys, policy, sensitive data• Storage: cost, data to/from the cloud• Cloud lock-in: policy, data transfer cost• Performance: Higher latency C

ON

S

Private Cloud

ADC & Security

Application

Data

ADC & Security AWS Tools

ADC & Security Azure Tools

Application

Data

PRO

S

New Green App to Azure

Application

Data

Migrate/Scale out Orange App to AWS

Public Internet

Page 7: Carsten Langerbein, Sr. Systems Engineer€¦ · •Security: private keys, policy, sensitive data • Storage: cost, data to/from the cloud • Cloudlock-in: policy, data transfer

• Security: private keys, policy, sensitive data• Storage: cost, data to/from the cloud• Cloud lock-in: policy, data transfer cost• Performance: Higher latency C

ON

S

ADC & Security AWS Tools

ADC & Security Azure Tools

Unifying your L4-L7 application services and policies across your Private and Public Cloud

deployments (BYOL, Utility Billing)

Private Cloud

ADC & Security

Application

Data

Application

Data

Application

Data

Public Internet

PRO

S

Page 8: Carsten Langerbein, Sr. Systems Engineer€¦ · •Security: private keys, policy, sensitive data • Storage: cost, data to/from the cloud • Cloudlock-in: policy, data transfer

Securing and automating app delivery in public cloud

• F5 Solution for Private–Public Cloud inter-connect• Secure reverse tunnel between Private–Public cloud (SSL keys on BIG-IP in Private Cloud/DC)• Public cloud resources auto-discovered and managed by BIG-IP in Private Cloud/DC

Application Connector

Private Cloud

ADC & Security

App Connector

App Connector

AC

AC

Private keys

Application

Data

Application

Data

Public Internet

Application

Data Secure Reverse Tunnel

Page 9: Carsten Langerbein, Sr. Systems Engineer€¦ · •Security: private keys, policy, sensitive data • Storage: cost, data to/from the cloud • Cloudlock-in: policy, data transfer

• Security: private keys, sensitive data• Storage: cost, data to/from the cloud• Cloud lock-in: data transfer cost• Performance: Higher latency C

ON

SPrivate keys stored in Private CloudApp front-end via BIG-IP in Private CloudAuto-discovery of Public Cloud resourcesAll resources managed from Private Cloud

Private Cloud

ADC & Security

App Connector

App Connector

AC

AC

Private keys

Application

Data

Application

Data

Public Internet

Application

Data

PRO

S

Secure Reverse Tunnel

Page 10: Carsten Langerbein, Sr. Systems Engineer€¦ · •Security: private keys, policy, sensitive data • Storage: cost, data to/from the cloud • Cloudlock-in: policy, data transfer

Private Cloud

ADC & Security

AC

AC

Application

Storage

ADC & Security

• Security: sensitive data• Storage: cost, data to/from the cloud• Cloud lock-in: data transfer cost• Performance: Higher latency C

ON

SSensitive data securely stored in ColoColo brings app closer to end usersMoving data in/out colo at low cost

Low latency towards all public cloud providers

Application

Data

Application

Data

Application

Data

App Connector

App Connector

Public Internet

Colo Facility

Public CloudXChangePrivate

Interconnect

Extend your Private Cloud into Colo Facility

PRO

S

Secure Reverse Tunnel

Page 11: Carsten Langerbein, Sr. Systems Engineer€¦ · •Security: private keys, policy, sensitive data • Storage: cost, data to/from the cloud • Cloudlock-in: policy, data transfer

Private Cloud

ADC & Security

AC

AC

Application

Storage

ADC & Security

Application

Data

Application

Data

Application

Data

App Connector

App Connector

Public Internet

Colo Facility

Public CloudXChangePrivate

Interconnect

Extend your Private Cloud into Colo Facility

Secure Reverse Tunnel

SilverlineServices

Page 12: Carsten Langerbein, Sr. Systems Engineer€¦ · •Security: private keys, policy, sensitive data • Storage: cost, data to/from the cloud • Cloudlock-in: policy, data transfer

Data Policy: Implementation

Data Policy: Implementation

Drive your Business Growth through Cisco Data Center · IOT Cisco Cloud Apps • Duo • Umbrella • Cloudlock • Tetration SaaS • Stealthwatch Cloud • Cloud Email Security

Drive your Business Growth through Cisco Data Center · IOT Cisco Cloud Apps • Duo • Umbrella • Cloudlock • Tetration SaaS • Stealthwatch Cloud • Cloud Email Security

Data Quality Policy - sunderlandccg.nhs.uk

Data Quality Policy - sunderlandccg.nhs.uk

Data Standards Policy Part 2 Data Entry

Data Standards Policy Part 2 Data Entry

ENVS 355 Data, data, data Models, models, models Policy, policy, policy.

ENVS 355 Data, data, data Models, models, models Policy, policy, policy.

Data Protection Policy and General ... - Cistermiser Keraflo€¦ · Data Protection Policy and General Data Protection Regulations (GDPR) Compliance Data Protection Policy and Procedures

Data Protection Policy and General ... - Cistermiser Keraflo€¦ · Data Protection Policy and General Data Protection Regulations (GDPR) Compliance Data Protection Policy and Procedures

Data Protection Policy and, Data Breach Response

Data Protection Policy and, Data Breach Response

Policy and Data Analysis

Policy and Data Analysis

April 2010 MRC Data Sharing Policy Peter Dukes Policy Lead – Data Sharing & Preservation.

April 2010 MRC Data Sharing Policy Peter Dukes Policy Lead – Data Sharing & Preservation.

Micro-data policy search

Micro-data policy search

Контроль облачных сред с помощью CloudLock

Контроль облачных сред с помощью CloudLock

GINIE Data Policy Workshop

GINIE Data Policy Workshop

Data for policy makers

Data for policy makers

DATA RETENTION POLICY

DATA RETENTION POLICY

Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock

Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock

NSW Data & Information Custodianship Policy Data and... · NSW Data & Information Custodianship Policy v1.0 Page 4 of 20 1. The NSW Data & Information Custodianship Policy defines

NSW Data & Information Custodianship Policy Data and... · NSW Data & Information Custodianship Policy v1.0 Page 4 of 20 1. The NSW Data & Information Custodianship Policy defines

Data Privacy Policy - dwnld.aws.tecalliance.com

Data Privacy Policy - dwnld.aws.tecalliance.com

Cisco Cloudlock protect your cloud data - BRINEL...Gartner said CASB is essential for all companies *Gartner Research Paper: Mind the SaaS Security Gaps Published: 19th May 2016 CASB

Cisco Cloudlock protect your cloud data - BRINEL...Gartner said CASB is essential for all companies *Gartner Research Paper: Mind the SaaS Security Gaps Published: 19th May 2016 CASB

MRC Data Sharing Policy Peter Dukes Policy Lead – Data Sharing & Preservation

MRC Data Sharing Policy Peter Dukes Policy Lead – Data Sharing & Preservation

Integrated Intrusion Detection Services for z/OS ......signatures IDS policy Service policy Service policy IDS policy IDS signature files IDS event data IDS event data Data is read

Integrated Intrusion Detection Services for z/OS ......signatures IDS policy Service policy Service policy IDS policy IDS signature files IDS event data IDS event data Data is read