Today we’re going to discuss and review how EMC technologies and solutions can help transform your environment and Accelerate the Journey to your Cloud
We all know that cloud, among many other things, disrupts IT, mainly because of the dramatic benefits it can deliver to an organization in both cost and efficiency.
But how do we achieve these cost and efficiency gains? More than 75% of the 600 IT professionals… during a recent CIO Global Cloud Computing adoption survey… listed Business Agility as their driving force for cloud computing initiatives in their company. When we drilled further into these numbers… we saw a lot of interest around enabling Hybrid Cloud deployments, specifically in the areas of:
* On-board
* Cloud burst
So, driving business agility across the enterprise… IS THE WAY to achieving these cost and efficiency gains.
TXT, TPM, VT-d, and VT need to be correctly enabled in the BIOS setup.
Slide: Intel® Trusted Execution Technology
Intel TXT is not new technology; it has been available on Intel vPro-branded clients for years. But it is now available for servers, and the use models there are quite compelling.
Intel® TXT helps prevent software-based attacks on areas that are relatively unprotected today, such as:
* Attempts to insert non-trusted VMM (rootkit hypervisor)
* Reset attacks designed to compromise platform secrets in memory
* BIOS and firmware update attacks
Looking at it another way, Intel® TXT enforces control through measurement, memory locking and sealing secrets, essentially isolating the launch time environment. As such, it works cooperatively with Intel® Virtualization Technology (Intel® VT).
A TXT-enabled system requires all of the listed components: processor, chipset, TPM, enabled BIOS and enabled Hypervisor (VMM) or Operating system. Without ALL of these components, a trusted launch is not possible.
Intel® TXT is providing hardware-based protections in the processor, chipset and 3rd party Trusted Platform Modules (TPMs) that can better resist software attacks, making platforms more robust. This helps lower support costs, but also provides higher value capabilities such as enhanced control of workloads via security policy and reporting into security compliance dashboards; we’ll get into that in a moment. First we should review how it works in a more structured manner.
As we just discussed, Intel TXT provides high value by enabling trust in the platform: verifying launch time components and enforcing “known good” configurations of the critical software that will control the platform. Once platform trust is established, it gives you a valuable control point for managing and better protecting critical workloads.
The three key use models are:
* Trusted launch – which is the basic verification of platform integrity, with lower risk from critical system malware and reducing support costs and data breach risks
Then we have 2 new use models that have even added benefits for virtual and cloud use models:
* Trusted pools – aggregation of multiple trusted systems and enabling platform trust status as a data point for security applications to enforce control of workload assignment, such as restricting sensitive VMs to only run on trusted systems
* Compliance Support – using TXT hardware capabilities to establish and verify adherence to data protection and control standards, allowing hardware-based reporting of platform trust locally and remotely. This provides new visibility into their data protection capabilities
With these, we’ve really extended Intel’s leadership into server security.
Slide: Intel® TXT: How it Works
The first step for TXT is to provision the system: basically, establish what the administrator expects as the “known good” configuration of the launch environment. The hashes of this “known good” environment are stored and protected in the TPM. This gives us the basis of our verification, which we can do from power on.
At power on we can measure the BIOS and then the Hypervisor and compare these hashed measurements against the “known good” values from the TPM.
If there is a mismatch, the environment has been tampered with and the administrator can define policies for enforcement locally and report into virtual, cloud or systems management infrastructure. If the environment matches, then the platform can be said to be in a trusted state, and management tools can expose this for higher level data management use.
From there, security applications such as Security Incident and Event Managers (SIEM), data management tools and Governance, Risk and Compliance (GRC) consoles can use platform trust status to control workloads, supply audit, and so forth. We’ll see this when we look at the popular Intel TXT use models on the next page.
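The provision, measure, compare flow described above, together with the trusted-pools placement rule from the use models, as an added example that is not part of the original slides and is not Intel or VMware code. It is a simplified software model: the hash-chain "extend" step mirrors how a TPM register accumulates measurements, while the host names, image byte strings and function names are constructed for illustration.

```python
import hashlib
import hmac

def extend(register: bytes, component: bytes) -> bytes:
    """TPM-style extend: new = H(old || H(component)). Order-sensitive, one-way."""
    return hashlib.sha256(register + hashlib.sha256(component).digest()).digest()

def measure_launch(components) -> bytes:
    """Fold the launch chain (BIOS first, then hypervisor) into one value."""
    register = bytes(32)  # register starts at all zeros at power on
    for blob in components:
        register = extend(register, blob)
    return register

def provision(components) -> bytes:
    """Record the administrator's 'known good' value (kept in the TPM on real hardware)."""
    return measure_launch(components)

def attest(known_good: bytes, components) -> str:
    """Compare this boot's measurement against the provisioned value."""
    match = hmac.compare_digest(known_good, measure_launch(components))
    return "trusted" if match else "untrusted"

def place_vm(vm: dict, pool_status: dict) -> list:
    """Trusted-pool policy: a sensitive VM may only land on hosts reporting 'trusted'."""
    return sorted(host for host, status in pool_status.items()
                  if status == "trusted" or not vm["sensitive"])

# Constructed sample data: stand-ins for firmware and hypervisor images.
GOOD_CHAIN = [b"constructed-bios-image-v1", b"constructed-hypervisor-image-v1"]
KNOWN_GOOD = provision(GOOD_CHAIN)
BOOTS = {
    "host-a": GOOD_CHAIN,
    "host-b": [GOOD_CHAIN[0], b"constructed-hypervisor-image-v1+modified"],
}

def pool_status() -> dict:
    """Trust status per host, the data point a scheduler or SIEM would consume."""
    return {host: attest(KNOWN_GOOD, chain) for host, chain in BOOTS.items()}

if __name__ == "__main__":
    status = pool_status()
    print(status)
    print("payroll ->", place_vm({"name": "payroll", "sensitive": True}, status))
    print("web     ->", place_vm({"name": "web", "sensitive": False}, status))
```

Because each extend hashes the previous register value, a change to any component, or to the order in which components are measured, produces a different final value and the host drops out of the trusted pool.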
Leveraging VMware vCloud Director you can…
* Virtualize common network services such as NAT and DHCP
* Protect individual VMs with vShield Endpoint and offloaded anti-virus
* Leverage vShield App to protect the applications with multi-VM trust zones
* And finally, vShield Edge protects the virtual data centers with port-level stateful firewall functionality
With EMC FAST VP, EMC has enhanced its FAST technology to be more automated with sub-LUN tiering and to support file as well as block. This feature works at the storage pool level, below the LUN abstraction. Where earlier versions of FAST VP operated above the LUN level, FAST VP now analyzes data patterns at a far more granular level. As an example, rather than move an 800 GB LUN to Flash drives, FAST VP now identifies and monitors the entire storage pool in 1 GB chunks. As data becomes active, then FAST VP automatically moves only these “hot” chunks to a higher tier like Flash. As data cools, FAST VP also correctly identifies which chunks to migrate to lower tiers and proactively moves them. With such granular tiering, it is now possible to reduce storage acquisition costs while at the same time improve performance and response time. And because FAST VP is fully automated and policy-driven, there is no manual intervention required to make this happen, so you save on operating costs as well.