Security and Billing for Azure Pack - Cloud Cruiser · Security and Billing for Azure Pack ... Simplify security management for tenants through on/off buttons Firewall, Active Network

© 2015 Cloud Cruiser | www.cloudcruiser.com© 2015 Cloud Cruiser | www.cloudcruiser.com

Presented by 5nine Software and Cloud Cruiser

Security and Billing for Azure Pack

© 2015 Cloud Cruiser | www.cloudcruiser.com

Paul ZinnSenior Product ManagerCloud Cruiser

[email protected]@pzmusician

Symon PerrimanVP of Business Development

5nine Software

[email protected] @SymonPerriman

Meet our Speakers

2


Key Topics for Today

3

● Understanding Windows Azure Pack

● Security & Protection for Windows Azure Pack

● Chargeback & Billing for Windows Azure Pack

● Integrating Solutions for Windows Azure Pack

● Discussion


Understanding Windows Azure Pack

poll #1

© 2015 Cloud Cruiser | www.cloudcruiser.comDevelopment Management DataIdentity Virtualization


Microsoft Azure

Microsoft Azure

IT Admin

Customers

6


Windows Azure Pack - Tenant

Customers

IT Admin

7


Windows Azure Pack - Admin

Customers

IT Admin

8


Windows Azure Pack

Windows Azure Pack

Customers

IT Admin

9


Azure Pack Services

Web Platform application

Services (PaaS)

Infrastructure

Services (IaaS)Reliable

Messaging

Service Management REST API

Virtual Networking

SQL Server & MySQL

Database(DBaaS)

5nine Cloud Security (SECaaS)

Cloud Cruiser

10


Security & Protection forWindows Azure Pack

poll #2


Meet 5nine Software

● Founded in 2009

● Headquartered in Chicago, with staff in an additional 14 regions worldwide, including 9 MVPs

● More than 68,000 Hyper-V users globally, representing companies and datacenters of all sizes

● The #1 leading solutions provider of security & management applications for Hyper-V

● 5nine Cloud Security – Agentless firewall, antivirus, and intrusion detection security

for Hyper-V, System Center and Azure Pack

● 5nine Manager - Integrated Hyper-V and Cluster Management for SMBs

● 5nine V2V Easy Converter - Free VMware to Hyper-V virtual machine migration tool

● Visit www.5nine.com for more info9x .

© 2015 5nine Software Inc. | www.5nine.com12

http://www.5nine.com/cloudsecurity

http://www.5nine.com/manager

http://www.5nine.com/v2vconverter

http://www.5nine.com/


A Suite of Virtualized Security Tools for Hyper-V

● Security designed specificallyfor Hyper-V virtual machines, disks, networks and hosts● Regulation now have requirements for virtualization

● Hackers now know how to exploit virtualization

● Firewall

● Antivirus / Antimalware

● Active Network Detection

● Intrusion Detection

● Standard datacenter securitypractices are still needed● Physical security, BitLocker, VPN, Active Directory, etc.



Automatically & Immediately Protect Everything

● Hosted environments are never secure

● A single security breach can ruin your reputation and business

● Security for virtualized environments is different

● It is impossible to guarantee security

using traditional “endpoint protection”

● Requires installation

● Slows deployment

● Complicates management

● Virtualized environments are dynamic

● Virtual machines

● Virtual disks

● Virtual networks



How 5nine Cloud Security Works



Host-Based Protection for Firewall, AV/AM & IDS



Host-Based Protection for Firewall, AV/AM & IDS



Abstract & Hide Security from Users

● The public is “renting” your hardware

● Remove the burden of security from the tenants

● Manage security for the tenants

● Update signatures for the tenants

● Ensure the tenants cannot disable security

– Accidently

– Purposely with bad intentions

● Centrally manage security

● Cisco Snort

18


Guarantee Isolation & Resource Access

● Isolation and privacy is critical in a cloud

● An admin should not access a tenant’s VM

● A VM cannot affect the host

● A VM cannot affect another VM

● Use Quality of Service (QoS) or throttling for

memory, CPU, network & storage bandwidth

● Avoid Denial of <Resource> attacks



Protect All Virtual Networks

● Traditional security protect traffic between hosts

● Does not protect traffic between VMs on the same host

● Threats can spread if one tenant becomes infected

● Virtual Network Types

● External

● Internal

● Private

Network Security

Appliance



Use a Single Solution for all VMs

● Intercept traffic before it gets to the VM

● Manage traffic at the network protocol level

● TCP, UDP, GRE, ICMP, IGMP, etc.


Hyper-V Guest OS List: aka.ms/HyperVGuestOS

aka.ms/HyperVGuestOS


Use a Single Solution for all VMs

● Intercept traffic before it gets to the VM

● Manage traffic at the network protocol level

● TCP, UDP, GRE, ICMP, IGMP, etc.

Server• Windows Server 2016• Windows Server 2012 R2• Windows Server 2012• Windows Server 2008 R2• Home Server 2011• Small Business Server 2011• Windows Server 2003

tenant• Windows 10• Windows 8.1• Windows 8• Windows 7• Windows Vista• Windows XP

Linux & UNIX• CentOS• Debian• FreeBSD• Oracle Linux• Red Hat RHEL• SUSE• Ubuntu


Hyper-V Guest OS List: aka.ms/HyperVGuestOS

aka.ms/HyperVGuestOS


Active Detection of Incoming Threats

● Immediately identify incoming threats

● Unencrypted traffic

● HTTP (more coming soon)

● Automatically alert admins

● Email

● PowerShell

● Event Logs



Fast AV Scanning with No Performance Impact

● Agent-based scanning causes “scanning storms”

● Decreases VM performance for all tenants

● Reduces VM density on the hosts

● 5nine uses its proprietary

Change Block Tracking (CBT) driver

● Scan only changed

blocks on the disk

● Scan up to 70x faster



Automate Security Task Management

● PowerShell support

● Task scheduling

● Enables scalability

● Ensures consistent SLAs

● Eliminates human error

● For tasks with high resource

utilization, stagger the action

to avoid performance impact



Hyper-V Hosts & Clusters SQL Server

5nine Cloud Security Management Server / VM

Redundant Management Group

SQL Server

SQL Cluster

Branch Office

SQL Server

5nine Sync

5nine Cloud Security Management5nine Console | 5nine PowerShell | Azure Pack Extension | SCVMM

Enterprise High-Availability for Security



Protection from Inbound, Outbound & Internal Threats

Hyper-V Hosts

SQL Server

5nine Cloud Security Management Server / VM

Public Internet

0

10

20

30

40

50

60

70

80

90

100

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

Normal Traffic

0

10

20

30

40

50

60

70

80

90

100

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

Unusual Traffic



System Center Virtual Machine Manager Plugin

● Centralized virtualization security management through SCVMM

● Full 5nine Cloud Security integration

● Integration with the SCVMM Console, Network Services & Logical Switch

● Free add-on for 5nine Cloud Security



Azure Pack Security as a Service (SECaaS)

● Azure Pack allows you to run Azure IaaS services in your datacenter

● Improved security for your infrastructure and your tenants

● Differentiate & monetize your services by offering “secure VMs”

● Simplify security management for tenants through on/off buttons

● Firewall, Active Network Detection & Intrusion Detection

● Preconfigure firewall templates for different VM roles

● Free add-on for 5nine Cloud Security



Demo: 5nine Cloud Security


How to Acquire 5nine Cloud Security

● www.5nine.com or [email protected]

● Cloud Security: http://www.5nine.com/CloudSecurity

● Licensing options

● Licensed per 2 CPUs

● Flexible pricing based on VM density

● Service provider licenses (per VM / month or per VM / year)

● Includes the Kaspersky Lab or ThreatTrack plus Cisco Snort license

● Sales direct or through resellers, distributors,

partners & solution integrators

31


mailto:[email protected]

http://www.5nine.com/CloudSecurity


Chargeback & Billing forWindows Azure Pack


Meet Cloud Cruiser

● Founded in 2009

● Headquartered in Silicon Valley

● Industry-leading financial management solution for hybrid cloud

● Customers include the largest enterprises and service providers in the world

33


Cloud Cruiser Overview

● Cost analytics for the hybrid cloud

● Single solution to price, bill for cloud usage, and optimize spend

● Broadest scope of collectors

● Most sophisticated cloud analytics

34




● Deep partnership with Microsoft

● First embedded partner solution for Windows Azure Pack

● Plus integrations to Azure public cloud, System Center, Hyper-V

35




● Deep partnership with Microsoft

● Integrations to industry-leading public/private clouds, apps,

databases, and more

36


SINGLE TENANT MULTI TENANT

Azure

HYBRID CLOUD

WAP

Windows Azure Pack (WAP)

Manage usage and costs of WAP resources, such as VMs, website and database instances

$

Azure Azure Public

Manage IT spend across your public cloud assets like compute, storage, data, networking, & apps

$

Financial Management for Microsoft Hybrid Cloud

37

poll #3


Microsoft customer needs

Improve forecasting

Compare costs across clouds

Implement chargeback/billing

Match supply and demand

57%of total surveyed

59%of public cloud users

44%of cloud adopters

47%of cloud adopters

Microsoft Ignite May 2015 Survey Results38


Why is this so hard?

39

Complex pricing required for different services, bundles, promotions, and customers

No consistency across vendor bills and internal spreadsheets –big manual effort

complex financial models

Hard to scale as you acquire more customers

No ability to map consumption to organizational structure (departments, divisions, projects)multiple clients

Diverse cloud offerings plus managed services, such as

security, backups, help desk

Mix of public, private, and traditional IT services

multiple services

service providers enterprises

© 2015 Cloud Cruiser | www.cloudcruiser.com40

Cost Management for Enterprises & Service Providers

EnterpriseService

ProvidersA

NA

LYTI

CS

FOU

ND

ATIO

N

AUTOMATED CHARGEBACK

BUDGETS & ALERTS

DECISION ANALYTICS

TRENDS & FORECASTS

SELF-SERVICE REPORTING

AUTOMATED BILLING

PROFIT ANALYSIS

CUSTOM DASHBOARDS

MULTI-SOURCE COLLECTORS

FLEXIBLE DATA TRANSFORMATION

FLEXIBLE PRICING

COST TRANSPARENCY


Demo: Cloud Cruiser


Integrating Solutions forWindows Azure Pack


Benefits of Adding Cloud Cruiser & 5nine Software

• Completes the Microsoft cloud solution stack with best-in-class IT

financial management and security

• Protects your cloud investment

• Automates security and financial controls which saves money,

time, & risk

• Provides 24x7 visibility into the health of your cloud

• Improves customer satisfaction and trust

• Provides additional revenue opportunities

43

© 2015 5nine Software Inc. | www.5nine.com


Case Study: Monetizing Value-added Services

44

Track and bill for 5nine security products, such as

firewall and intrusion detection


Resources

45

• Cloud Cruiser Product Overview: http://www.cloudcruiser.com/product/

• Cloud Cruiser for Azure Pack: http://www.cloudcruiser.com/partners/microsoft/

• Microsoft Virtual Academy: Cloud Cruiser for Azure

Pack:http://www.cloudcruiser.com/resource/video-microsoft-partner-solutions-

cloud-cruiser-express-for-windows-azure-pack/

• Datasheet: Cloud Cruiser for Windows Azure Packhttp://www.cloudcruiser.com/wp-content/uploads/2013/10/Solution-

Brief_Microsoft-Azure-Pack1.pdf

• Webcast: Microsoft Hybrid Cloud: Best of Both

Worldshttp://www.cloudcruiser.com/resource/webcast-microsoft-hybrid-cloud-best-

both-worlds/

Cloud Cruiser

• 5nine Cloud Security: http://www.5nine.com/CloudSecurity

• 5nine Cloud Security Azure Pack Extension: http://www.5nine.com/5nine-security-for-hyper-v-product.aspx#Azure

• Microsoft Virtual Academy: 5nine Cloud Security

for Azure Pack: https://channel9.msdn.com/Series/Windows-Azure-Pack-Partner-

Solutions/10

• Whitepaper: Challenges of Securing Hosted

Hyper-V Multi-Tenant Environments: http://www.5nine.com/Docs/Brien_Posey_Securing_Hosting_Hyper_Environ

ment.pdf

• Upcoming webinars: www.5nine.com/webinars

5nine Software


http://www.cloudcruiser.com/product/

http://www.cloudcruiser.com/partners/microsoft/

http://www.cloudcruiser.com/resource/video-microsoft-partner-solutions-cloud-cruiser-express-for-windows-azure-pack/

http://www.cloudcruiser.com/wp-content/uploads/2013/10/Solution-Brief_Microsoft-Azure-Pack1.pdf

http://www.cloudcruiser.com/resource/webcast-microsoft-hybrid-cloud-best-both-worlds/

http://www.5nine.com/CloudSecurity

http://www.5nine.com/5nine-security-for-hyper-v-product.aspx#Azure

https://channel9.msdn.com/Series/Windows-Azure-Pack-Partner-Solutions/10

http://www.5nine.com/Docs/Brien_Posey_Securing_Hosting_Hyper_Environment.pdf

http://www.5nine.com/webinars


Thanks for joining us today! Let’s connect!

46

[email protected]

www.5nine.com

@5nine_Software

[email protected]

www.cloudcruiser.com

@CloudCruiserInc


Cloud Cruiser 5nine Software

mailto:info@5ninecom


mailto:[email protected]

http://www.cloudcruiser.com/

Documents

Security and Billing for Azure Pack - Cloud Cruiser · Security and Billing for Azure Pack ... Simplify security management for tenants through on/off buttons Firewall, Active Network