Hybrid Infrastructure Integration v1

Our journey today

VPC

VPN

Backup & archive

Storage expansion

Common workloads in hybrid infrastructure

What is hybrid infrastructure?

Connectivity

Integrated

AWS Direct Connect

Authentication

Enterprise integration

Federation

Operations monitoring

Start

On-premise resources

Data center

Cloud services

Cloud infrastructure

Workload Migration and integration

Enterprise management tools

Access/authentication control integration

Connectivity

VPC subnet

Availability Zone

Security group

VPC subnet

Availability Zone

Security group

Virtual Gateway

https://aws.amazon.com/vpc/faqs/#C9

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html

Corporate data center

Users

Data center router

Servers

Internet

IPSec VPN

http://aws.amazon.com/directconnect/

Corporate data center

Users

VPC subnet

Availability Zone

Security group

VPC subnet

Availability Zone

Security group

Data center router

Customer router

Servers

AWS Direct Connect location

AWS Direct Connect routers

Virtual Gateway

VPC Subnet

Availability Zone

Security group

VPC subnet

Availability Zone

Security group

http://aws.amazon.com/directconnect/

Corporate data center

Users

Data center router

Customer Router

Servers

IPSec VPN

AWS Direct Connect location

AWS Direct Connect routers

Virtual Gateway

http://aws.amazon.com/microsoft/whitepapers/ad-reference-architecture/

Active Directory Replication

Corporate data center

Users

AD.Domain

Servers

Domain controller

Domain controller

VPC subnet

Availability Zone

Security group

Virtual Gateway

Domain controller

VPC subnet

Availability Zone

Security group

Type   Port Number

TCP    54, 88, 135, 137, 139, 389, 445, 464, 636, 3268, 3269, 5722, 49152-65535

UDP    53, 67, 123, 138, 389, 445, 464, 2535, 5355, 49152-65535

Replication

http://aws.amazon.com/directoryservice/

AWS Directory Service Connect

Corporate data center

Users

AD.Domain

Servers

Domain controller

VPC subnet

Availability Zone

Security group

Virtual Gateway

VPC subnet

Availability Zone

Security group

AWS federation/account governance

Financial users, controllers

SOC/Auditors

Global AWS admin

Billing account

Software development

Non-prod account #1

Production account #1

User management account

Security / Audit account

Non-prod account #2

App owners

DevOps teams

Security/audit

Production

Dev/test/sandbox

Financial

Consolidated Billing, Billing Alerts

Read-only access for all accounts

Operations Monitoring

VPC subnet

Availability Zone

Security group

VPC subnet

Availability Zone

Security group

Virtual Gateway

Corporate data center

Users

Data center router

Update Servers

Connectivity

CloudTrail

CloudWatch

SIEM Aggregator

Corporate data center

Amazon Simple Storage Service

Amazon Glacier

Application server

Virtual server

File server

Database server

Backup system

AWS Storage Gateway

iSCSI

Symantec NetBackup

Veeam Backup & Replication

Cloud ONTAP Secure Cloud-Integrated Backup

AWS Marketplace Partners

Corporate data center

Amazon Simple Storage Service

Application server

Virtual server

File server

Database server

Storage appliance

AWS Storage Gateway

iSCSI

Cloud ONTAP Secure Cloud-Integrated Backup

Panzura Global NAS

TwinStrata CloudArray

AWS Marketplace Partners
