APAC Big Data & Cloud Summit 2013
Greg Brown
VP and CTO: Cloud and Internet of Things
McAfee – An Intel Company
August 20, 2013
Growth Drives Need to Adopt Cloud Computing
15 billion connected devices [2]
>1500 exabytes of cloud data traffic [1]
>3 billion connected users [1]
1400 exabytes of data stored/processed via clouds [3]
1. Cisco Global Cloud Index Nov 2011
2. Intel ECG “Worldwide Device Estimates Year 2020 - Intel One Smart Network Work” forecast
3. IDC “Extracting Value from Chaos” June 2011 http://www.emc.com/digital_universe.
Why Cloud? An Intel IT example
Agility: Provision new resources
90 days to 15 minutes
Efficiency: Asset utilization
10% to >60%
Cost Savings:
$9M savings in last 2 years
IT Survey Results
Public Cloud / Private Cloud / Hybrid Cloud (Public + Private)
35% by 2015 [5]
Today: 7%, 2014: 23%
Today: 14%, 2014: 42%
>40% of IT operations [4], >40% of IT operations [4] (by 2015)
4. ODCA global member survey, Oct 2011, N=63
5. Gartner, Dec 2010, N=55 The Road Map From Virtualization to Cloud Computing (G00210845)
Security is Top Barrier to Cloud Adoption
IT Pro survey of key concerns:
57%: Avoid putting workloads with compliance mandates in cloud [1]
61%: Lack of visibility inhibiting private cloud adoption [1]
55%: Lack of control over data key concern for public cloud adoption [1]
Traditional Data Center: Behind firewall; Highly controlled; Mature security tools
Private/Public Cloud: Multi-tenant, shared; Virtualized; Auditing difficult
User & Intelligent Devices: Ensure right people access right data; Protect against new types of malware
Networks: Email, web traffic at risk; Potential data loss
1. Source: McCann “what’s holding the cloud back?” cloud security global IT survey, sponsored by Intel, May 2012
The Cloud Drives New Security Needs
Challenges
Reduced physical control, visibility
Increased multi-tenancy
Reduced effectiveness/efficiency of existing security toolbox
Increased attack surface
[Diagram: IT Security Policy across a Traditional Data Center, a Virtualized & Private Cloud Data Center, and a Public Cloud Data Center shared by Company A, Company B and Company C]
New Security for a Virtual Cloud World
Learn more about how Intel® TXT and
McAfee ePO security solutions work
together.
Foundation of Client to Cloud Security
Cloud Security Mission: Worry-Free Cloud Computing
In next 4 years, make cloud security equal to or better than traditional best in class enterprise security
Hardware-enhanced security + software & services key to achieve mission
Secure Cloud Data Centers: Infrastructure & data protection, audit/compliance
Secure the Connections: Apps, data, traffic
Secure the Devices: Identity, device integrity & data protection
Common Security Standards & Broad Industry Collaboration
Public/Private Clouds (Servers, Network, Storage)
User & Intelligent Devices
McAfee Strategy – Customer Value Proposition
Elastic and Efficient Security across the Infrastructure
(compute, storage and network)
Protect Sensitive Data wherever it goes
(Physical, Virtual and Cloud, SaaS or IaaS)
Centralized and Simplified Security Management in
dynamic datacenter environments
Create Trust by attesting to the security posture of the
workload in the cloud
McAfee Strategy – Customer Value Proposition
Elastic and Efficient Security across the Infrastructure
(compute, storage and network)
Discover
all your workloads and provide complete
security visibility
Secure
each workload with the desired policies
on-premise and off-premise
Grow
your infrastructure into the cloud with
automatic provisioning of security policies
Know what and where all the
workloads are
Protect workloads and ensure
compliance
Extend workloads securely into the
cloud
Protect: The Appropriate Security for a Workload
Protect: Boot Attestation in the ePO Tree
Intel Trusted Execution Technology (TXT) provides Boot Attestation
Boot your hypervisor from a “trusted” image
• Determine trustworthiness of the hypervisor boot using Intel TXT by
validating the Firmware/BIOS and the VMM image that booted
• Display the boot trust status in ePolicy Orchestrator
• Create policies based on this status – e.g. create a “secure VM” policy
that alerts the ePO administrator if a critical VM is running on an
untrusted hypervisor
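
The "secure VM" policy from this slide, as an added example that is not McAfee's or Intel's code and does not use the Intel TXT or ePO interfaces. It is a simplified model: each boot component is hashed into a running measurement, the result is compared with a known-good list, and critical VMs on unverified hosts are reported. SHA-256 and all host, VM and function names are assumptions made for the illustration.

```python
import hashlib
import hmac

def extend(register: bytes, component: bytes) -> bytes:
    """Fold one component's digest into the running measurement."""
    return hashlib.sha256(register + hashlib.sha256(component).digest()).digest()

def measure_boot(components) -> bytes:
    """Measure the boot chain in order; a changed or reordered component changes the result."""
    register = bytes(32)  # measurement register starts zeroed
    for blob in components:
        register = extend(register, blob)
    return register

def is_trusted(reported: bytes, known_good) -> bool:
    """A host is trusted only if its reported measurement matches a known-good value."""
    return any(hmac.compare_digest(reported, good) for good in known_good)

def secure_vm_alerts(hosts, vms, known_good):
    """Return sorted (vm, host) pairs for critical VMs on hosts that are not verified.

    A host with no reported measurement is treated as untrusted (fail closed).
    """
    trusted = {name for name, m in hosts.items() if is_trusted(m, known_good)}
    return sorted((vm["name"], vm["host"]) for vm in vms
                  if vm["critical"] and vm["host"] not in trusted)

# Constructed sample data (hypothetical names, not real images or hosts).
GOOD_CHAIN = [b"firmware-bios-v1", b"vmm-image-v1"]
TAMPERED_CHAIN = [b"firmware-bios-v1", b"vmm-image-v1-modified"]
KNOWN_GOOD = [measure_boot(GOOD_CHAIN)]
HOSTS = {"hv-01": measure_boot(GOOD_CHAIN), "hv-02": measure_boot(TAMPERED_CHAIN)}
VMS = [
    {"name": "payroll-db", "host": "hv-02", "critical": True},
    {"name": "build-agent", "host": "hv-02", "critical": False},
    {"name": "hr-portal", "host": "hv-01", "critical": True},
    {"name": "orphan-db", "host": "hv-99", "critical": True},  # host never reported
]

if __name__ == "__main__":
    for vm, host in secure_vm_alerts(HOSTS, VMS, KNOWN_GOOD):
        print(f"ALERT: critical VM {vm} is running on untrusted hypervisor {host}")
```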
Grow: AWS Data Center Connector
August 21, 2013
1. Choose the Cloud Provider
to connect with
2. Name your connection and
enter cloud credentials
3. Monitor/manage
security of your
cloud workloads
from ePO
Grow with confidence
• Discover and secure cloud machines
automatically through the AWS Data
Center Connector
• Dynamically update new instances as
you scale up and discard old ones as
you scale down
• Auto-populate or manually enter the
cloud machine location/provider in
ePO tags
• Ensure an identical security posture
between your on-premise and
cloud-based workloads