Building Blocks for a Migration to a Secure Cloud€¦ · Let’s resume … Lift & Shift Migrate &...

Kappa Data 2020 - all rights reserved ©

Building Blocks for a Migration to a Secure Cloud

Koert MartensDirector of Technology

[email protected]


Building Blocksfor a Migration to a Secure Cloud


Migration is of all Times

It’s not the strongest of the species that survives,

nor the most intelligent. It is the one that is most

adaptable to change”

Charles Darwin ®

Evolution must not feel like

Revolution


shocking

Evolution must not feel like

Revolution

but …adapting to the ”next new thing”

can be quite ….


shocking technology

Making the right

Business Decisions

N° 1 Competitive Unique


Business Decisions

Hype vs TrendVisibility

Time

Peak of inflated expectations

Plateau of Productivity

Slope of Enlightenment

Trough of Disillusionment

Technology Trigger

Gartner Hype Cycle


Business Decisions

Learning Curve

Demo

Small tests

FirstProjects Expert

Veteran


Business Decisions

Team up with

–Vendor

–Value Add Distributor

–3rd Parties

–Alliances


not only technologydrives changes

Everything, Everyone, Everywhere

Time to market is key

OPEX instead of CAPEX

More for less

Mobility

demands & requirements

Evolving expectations


History repeats itself

“History repeats itself,

first as tragedy,

second as farce”

Karl Marx®

From Mainframe Centralized Compute

to Distributed Compute and Back Again-ish

(or at least hybrid ;-)


Same Same but different

“The lamps are different,

but the light is the same”

Jalaluddin Rumi®

Still another means

to achieve the same goal


Achieving the same goal

From Physical to Virtual

over Private Cloud

to Public Cloud


migrateAnywhere to Anywhere


migrateWhat you expect

–Minimise Downtime (instant cut-over)

–Minimise Risk (testing is key prior to cut-over)

–Minimise Complexity (use 1 tool)

–Maximise Predictability (strict planning)

–Minimise Cost (automation)


what tools are you using?


We present you


Platespin Migration

– Migration tool: anywhere to anywhere

– Planning tool with automation

– Initial copy & incremental replication

– Up to 32 revisions on a single target

– Zero service downtime during replication

– Integrate testing moments

– Minimal service downtime during cutover

– Failsafe / Rollback


Lift & ShiftNew Challenges for your Hybrid Environment

Connectivity

Security


Connectingin a Hybridworld

AD

C

ADAPT

BANDW

MP

LS

SD-WAN

WAN

OPT

VPN

TIN

A

DY

NA

MIC

ME

SH

$$


Cloud Load Balancing

Balance the Workload

L4/L7



GEO Balance the Workload



GEO Failover

Disaster Recovery


This is


LoadMaster

–Intelligent LoadBalancing (L4 & L7)–resource based / least connections / response times / …

–Application based / Content based / …

–GEO based Load Balancing

–Security features

Application Delivery


What is the Most Critical part of your Network?


Most Critical

http://blogs.gartner.com/andrew-lerner/2016/05/01/sd-wan-turns-2/


What is theMost Expensive part

of your Network?


WAN Cost

http://blogs.gartner.com/andrew-lerner/2016/05/01/sd-wan-turns-2/


MPLS and/or VPN infrastructure

Traditional WAN does not scale!

Servers and Apps are

moved to the Cloud

IaaSSaaSLocal installed Apps are

moved to the Cloud

Internet

FW


WAN architecture for the Hybrid!

MPLS and/or VPN infrastructure



Centralized

Management

CC


Connecting yourIaaS

We

b T

ier

Ap

p T

ier

Da

tab

ase

Tie

r

Express Route

MPLS

Expensive – No QoS

No visibility (App / Users)


Connecting yourIaaS

We

b T

ier

Ap

p T

ier

Da

tab

ase

Tie

r

Internet


Connecting yourIaaS

We

b T

ier

Ap

p T

ier

Da

tab

ase

Tie

r

Internet

VPN


Connecting yourIaaS

We

b T

ier

Ap

p T

ier

Da

tab

ase

Tie

r

Internet

VPN

Express Route


Connecting yourIaaS

We

b T

ier

Ap

p T

ier

Da

tab

ase

Tie

r VPN

Internet

Internet


Connecting yourIaaS

We

b T

ier

Ap

p T

ier

Da

tab

ase

Tie

r VPN

Internet

Internet

FW


We present you


NextGen-F Firewall

–Physical / Virtual / Cloud Firewall

–Centralized Management (Control Center)

–TINA VPN

–Dynamic / Full Mesh VPN

–Visibility (Users / Applications)

–Quality of Service


Can I Really go WithoutMPLS?


And use Internet For myBackbone?


SD-WANThe new Trend

« The emergence of public cloud computing has rederedtraditional enterprise WAN architectures to be suboptimal, from a price and performance perspective »

« SD-WAN is a new approach to support branch office connectivityin a simplified and cost-effective manner ».


SD-WANThe new Trend

… SD-WAN is the optimum replacement for MPSL …


SD-WAN Key Components

Lightweight replacement of traditionalWAN routers to terminate carriers

(MPLS / LTE / Internet / …)1http://blogs.gartner.com/andrew-lerner/2015/07/07/sdwan/



Load sharing traffic across multiple VPN / WAN Connections, dynamically, basedon policies & application requirements2

http://blogs.gartner.com/andrew-lerner/2015/07/07/sdwan/



Easy management, configuration and orchestrations of WANs3

http://blogs.gartner.com/andrew-lerner/2015/07/07/sdwan/



Provides Secure VPN and integratesadditional network services

(Firewall / WAN Optimization / …)4http://blogs.gartner.com/andrew-lerner/2015/07/07/sdwan/


Meet your

NextGen-F Cloud-

Enabled SD-WAN

Firewall


1 Replacement for WAN Router

PUBLIC CLOUDVIRTUALPHYSICAL

Small – F18 (1.0 Gbps)

Enterprise (40 Gbps)

Optional 3G / 4G

Integrated ADSL


2 Dynamic Load Sharing on Multi VPN

TINA VPN - 1 tunnel on multiple WANs Simultaneous

Become immune to bandwidth fluctuations (VOIP & VIDEO)

Dynamic Bandwidth & Latency Detection (v7.1)

Adaptive QoSBandwidth first

Latency first


3 Easy Management & VPN Orchestration

Control Center – Enterprise Centralized Management

Distributed Policies & Configurations

Graphic VPN design – Simple Dynamic / Full Mesh VPN setup

Zero Touch Deployment – Easy and Fast Rollout in Dispersed Networks


4 Additional Features besides VPN

NextGen Firewall – Users & Applications for Control & Visibility

Email & Web Security

Advanced Malware Protection – Barracuda ATP with Sandboxing

WAN Optimization


Securing theCloud


Public Cloud Security

Azure / Amazon / Google

are responsible of the Cloud

You are responsible in the Cloud

Data

Application


TAKE OWNERSHIP


NextGen-F Firewall

–Intrusion Detection & Prevention

–DDoS & GEO Security

–Malware Protection

–Advanced Threat Protection

–Botnet & Spyware Protection

–Web & Email Security

–Application Control

–User Identity Awareness


Sandboxing by itselfis not efficient


Barracuda Advanced Threat Protection

Advanced Threat Signatures

Behavioral & Heuristic Analysis

Static Code Analysis

CPU Emulation-Based Sandboxing


ADVANCED THREAT

PROTECTION

Barracuda Advanced Threat Protection

Accept / Allow File

Deny / Reject File


A FIREWALL IS


LoadMaster

SSL Security (certificate)

Caching

Offloading

Reverse Proxy

WAF


Make your Web Application Secure

–WAF is Underrated

–OWASP top 10

Where Infrastructure meetsWeb Developers


Web Application Firewall

Take a LoadBalancer ADC

Focus on Web Traffic

Accelerate traffic

Add Identity & Access Management

Add Dedicated Web Security Features


Vulnerability Scanner

Scan your Customer’s website

Receive detailed Report

Inform the Customer

Sell WAF


Barracuda Automates Web Security

Recurring Scan

Scan your WAF protected

Website on a regular

basis from Barracuda

Cloud Service

MitigateWAF

Vulnerability Overview

Risk Report

Set Active or Passive Mitigation

Auto-Fixable

Reporting


Let’s resume …

Lift & Shift

Migrate & Planning

Anything to Anything

Cloud Enabled

SD-WAN

Firewall

Central Management

LoadBalancer ADC

GEO & Failover

Multi-Application

Incl. WAF

Dedicated WAF

High-End Security

Vulnerability Scan

Auto Mitigation


THANKYOU

Together Strong in a changing world

#KappaData2020

Building Blocks for a Migration to a Secure Cloud€¦ · Let’s resume … Lift & Shift Migrate &...

Documents

Transcript of Building Blocks for a Migration to a Secure Cloud€¦ · Let’s resume … Lift & Shift Migrate &...