Building Blocks for a Migration to a Secure Cloud€¦ · Let’s resume … Lift & Shift Migrate &...

transcript

Building Blocks for a Migration to a Secure Cloud

Koert MartensDirector of Technology

koert.martens@kappadata.be

Building Blocksfor a Migration to a Secure Cloud

Migration is of all Times

It’s not the strongest of the species that survives,

nor the most intelligent. It is the one that is most

adaptable to change”

Charles Darwin ®

Evolution must not feel like

Revolution

shocking

Evolution must not feel like

Revolution

but …adapting to the ”next new thing”

can be quite ….

shocking technology

Making the right

Business Decisions

N° 1 Competitive Unique

Business Decisions

Hype vs TrendVisibility

Peak of inflated expectations

Plateau of Productivity

Slope of Enlightenment

Trough of Disillusionment

Technology Trigger

Gartner Hype Cycle

Business Decisions

Learning Curve

Small tests

FirstProjects Expert

Veteran

Business Decisions

Team up with

–Vendor

–Value Add Distributor

–3rd Parties

–Alliances

not only technologydrives changes

Everything, Everyone, Everywhere

Time to market is key

OPEX instead of CAPEX

More for less

Mobility

demands & requirements

Evolving expectations

History repeats itself

“History repeats itself,

first as tragedy,

second as farce”

Karl Marx®

From Mainframe Centralized Compute

to Distributed Compute and Back Again-ish

(or at least hybrid ;-)

Same Same but different

“The lamps are different,

but the light is the same”

Jalaluddin Rumi®

Still another means

to achieve the same goal

Achieving the same goal

From Physical to Virtual

over Private Cloud

to Public Cloud

migrateAnywhere to Anywhere

migrateWhat you expect

–Minimise Downtime (instant cut-over)

–Minimise Risk (testing is key prior to cut-over)

–Minimise Complexity (use 1 tool)

–Maximise Predictability (strict planning)

–Minimise Cost (automation)

what tools are you using?

We present you

Platespin Migration

– Migration tool: anywhere to anywhere

– Planning tool with automation

– Initial copy & incremental replication

– Up to 32 revisions on a single target

– Zero service downtime during replication

– Integrate testing moments

– Minimal service downtime during cutover

– Failsafe / Rollback

Lift & ShiftNew Challenges for your Hybrid Environment

Connectivity

Security

Connectingin a Hybridworld

SD-WAN

Cloud Load Balancing

Balance the Workload

GEO Balance the Workload

GEO Failover

Disaster Recovery

This is

LoadMaster

–Intelligent LoadBalancing (L4 & L7)–resource based / least connections / response times / …

–Application based / Content based / …

–GEO based Load Balancing

–Security features

Application Delivery

What is the Most Critical part of your Network?

Most Critical

http://blogs.gartner.com/andrew-lerner/2016/05/01/sd-wan-turns-2/

What is theMost Expensive part

of your Network?

WAN Cost

http://blogs.gartner.com/andrew-lerner/2016/05/01/sd-wan-turns-2/

MPLS and/or VPN infrastructure

Traditional WAN does not scale!

Servers and Apps are

moved to the Cloud

IaaSSaaSLocal installed Apps are

moved to the Cloud

Internet

WAN architecture for the Hybrid!

MPLS and/or VPN infrastructure

Centralized

Management

Connecting yourIaaS

Express Route

Expensive – No QoS

No visibility (App / Users)

Connecting yourIaaS

Internet

Connecting yourIaaS

Internet

Connecting yourIaaS

Internet

Express Route

Connecting yourIaaS

Internet

Connecting yourIaaS

Internet

We present you

NextGen-F Firewall

–Physical / Virtual / Cloud Firewall

–Centralized Management (Control Center)

–TINA VPN

–Dynamic / Full Mesh VPN

–Visibility (Users / Applications)

–Quality of Service

Can I Really go WithoutMPLS?

And use Internet For myBackbone?

SD-WANThe new Trend

« The emergence of public cloud computing has rederedtraditional enterprise WAN architectures to be suboptimal, from a price and performance perspective »

« SD-WAN is a new approach to support branch office connectivityin a simplified and cost-effective manner ».

SD-WANThe new Trend

… SD-WAN is the optimum replacement for MPSL …

SD-WAN Key Components

Lightweight replacement of traditionalWAN routers to terminate carriers

(MPLS / LTE / Internet / …)1http://blogs.gartner.com/andrew-lerner/2015/07/07/sdwan/

Load sharing traffic across multiple VPN / WAN Connections, dynamically, basedon policies & application requirements2

http://blogs.gartner.com/andrew-lerner/2015/07/07/sdwan/

Easy management, configuration and orchestrations of WANs3

http://blogs.gartner.com/andrew-lerner/2015/07/07/sdwan/

Provides Secure VPN and integratesadditional network services

(Firewall / WAN Optimization / …)4http://blogs.gartner.com/andrew-lerner/2015/07/07/sdwan/

Meet your

NextGen-F Cloud-

Enabled SD-WAN

Firewall

1 Replacement for WAN Router

PUBLIC CLOUDVIRTUALPHYSICAL

Small – F18 (1.0 Gbps)

Enterprise (40 Gbps)

Optional 3G / 4G

Integrated ADSL

2 Dynamic Load Sharing on Multi VPN

TINA VPN - 1 tunnel on multiple WANs Simultaneous

Become immune to bandwidth fluctuations (VOIP & VIDEO)

Dynamic Bandwidth & Latency Detection (v7.1)

Adaptive QoSBandwidth first

Latency first

3 Easy Management & VPN Orchestration

Control Center – Enterprise Centralized Management

Distributed Policies & Configurations

Graphic VPN design – Simple Dynamic / Full Mesh VPN setup

Zero Touch Deployment – Easy and Fast Rollout in Dispersed Networks

4 Additional Features besides VPN

NextGen Firewall – Users & Applications for Control & Visibility

Email & Web Security

Advanced Malware Protection – Barracuda ATP with Sandboxing

WAN Optimization

Securing theCloud

FIREWALL

SECURITY IS NOT A SHAREDRESPONSIBILITY

Public Cloud Security

Azure / Amazon / Google

are responsible of the Cloud

You are responsible in the Cloud

Application

TAKE OWNERSHIP

NextGen-F Firewall

–Intrusion Detection & Prevention

–DDoS & GEO Security

–Malware Protection

–Advanced Threat Protection

–Botnet & Spyware Protection

–Web & Email Security

–Application Control

–User Identity Awareness

Sandboxing by itselfis not efficient

Barracuda Advanced Threat Protection

Advanced Threat Signatures

Behavioral & Heuristic Analysis

Static Code Analysis

CPU Emulation-Based Sandboxing

ADVANCED THREAT

PROTECTION

Barracuda Advanced Threat Protection

Accept / Allow File

Deny / Reject File

A FIREWALL IS

LoadMaster

SSL Security (certificate)

Caching

Offloading

Reverse Proxy

Make your Web Application Secure

–WAF is Underrated

–OWASP top 10

Where Infrastructure meetsWeb Developers

Web Application Firewall

Take a LoadBalancer ADC

Focus on Web Traffic

Accelerate traffic

Add Identity & Access Management

Add Dedicated Web Security Features

Vulnerability Scanner

Scan your Customer’s website

Receive detailed Report

Inform the Customer

Sell WAF

Barracuda Automates Web Security

Recurring Scan

Scan your WAF protected

Website on a regular

basis from Barracuda

Cloud Service

MitigateWAF

Vulnerability Overview

Risk Report

Set Active or Passive Mitigation

Auto-Fixable

Reporting

Let’s resume …

Lift & Shift

Migrate & Planning

Anything to Anything

Cloud Enabled

SD-WAN

Firewall

Central Management

LoadBalancer ADC

GEO & Failover

Multi-Application

Incl. WAF

Dedicated WAF

High-End Security

Vulnerability Scan

Auto Mitigation

THANKYOU

Together Strong in a changing world

#KappaData2020

Building Blocks for a Migration to a Secure Cloud€¦ · Let’s resume … Lift & Shift Migrate &...

Documents