SlideShare ist ein Scribd-Unternehmen logo

Ransomware: The Defendable Epidemic

Sagi Brody
Sagi Brody

slides as presented on 11/14/17 @ Blackstone Steakhouse

Technologie
1 von 28
Downloaden Sie, um offline zu lesen
18 Services Ransomware: The Defendable Epidemic
8 Full Cyber & Business Continuity Protection Proactive Reactive Proactive solutions are not enough Vendor neutrality, transparency, and integration is required Working together, true per application & automated Recovery-as-a-Service can emerge What does a real BCDR strategy look like? Threat monitoring & mitigation Disaster Recovery & IT Resiliency Orchestration
3 Production environments are complex. DR Strategy must match. Disaster Recovery is strategy. Consider: ➢ Production workloads ➢ Security ➢ 3rd party services ➢ Hybrid & Multi-cloud ➢ Accountability, ownership, appetite, and recourse for failure ➢ Possibly “All or Nothing” Disaster Recovery is not: ➢ Replication software that you purchase ➢ “Set it and forget it” ➢ Static ➢ About replicating data…
4 Disaster Recovery Ownership Models ➢Customer to Customer (Secondary NOC) ➢Customer to Managed Cloud Provider ➢Customer to IaaS public clouds ➢Managed Cloud Provider with DRaaS ➢IaaS public to IaaS public ➢Hybrid: Colocation + Managed Cloud + Network + More..
17 Business Considerations Ownership & Accountability: ➢ Buy vs Build ➢ Recourse should the solution not work? ➢ Recourse should a data breach occur? ➢ SLAs for RTO/RPO? ➢Provider: Contract/SLA/BAA ➢ Monitoring / Alerting integrations ➢ Who owns failback? ➢ HW/SW - Capex/Opex Testing considerations ➢ “Application Centric” ➢ Runbook per application ➢ Shift testing to application owners, not IT ➢ “Real test” ➢ Preparation time
17 Fully Inclusive Disaster Recovery Considerations HV Replication Data Copy Storage Native Replication Physical Servers non-x86 platforms (IBM i, P, Z) Application based replication Always-on Infrastructure (Authentication & Applications) Network Integration & Consumption - VPN, MPLS, 3rd party, DNS IT Resiliency Orchestration - Data Loss Prevention - Ransomware Recovery
17 ➢ Recovery site integration: ➢ Site-to-Site, Site-to-Client VPN ➢ MPLS / VPLS integration ➢ Point-to-Point, L2 stretch (e-line), L3, possible encryption ➢ SD-WAN ➢ Interconnection Fabric ➢ Internal traffic shift ➢ iBGP/eBGP swing ➢ Internal route injection ➢ DNS ➢ Subnet alignment ➢ Network Overlay via SDP / NAC software ➢ External traffic shift ➢ DNS ➢ Proxy services ➢ BGP swing Full DR - (The Weeds) ➢Cybersecurity considerations ➢ Security at recovery site “as-good” as production? ➢ If not, new attack vector(s) at recovery ➢ Is existing security monitoring inclusive of recovery site? ➢ Is MSSP fully accountable for recovery site? ➢ Any network exposure when failed over? ➢Storage ➢Vendor native replication ➢ NFS/CIFS replication ➢ RDMs / non-VM
25 DRaaS: More than just VM Replication “Bring me your legacy, your insecure, your flat network design…”
17 Match Application Criticality to Solution Tier 0 Applications Tier 1 Applications Tier 2 Applications Tier 3 Applications 48 Hours+ $ 24 Hours $$ 1 Hour $$$ Synchronous $$$$ Common Components (Network, Runbook, Integrations, Accountability, Contract) Recovery Point & Recovery Time Objectives Application Criticality
17 Tier 0 Applications Tier 1 Applications Tier 2 Applications Tier 3 Applications Backups-as-a-Service Disaster-Recovery Lite Disaster-Recovery Ransomware-Recovery Service <-> Criticality Match Application Criticality to Solution Common Components (Network, Runbook, Integrations, Accountability, Contract)
27 Webair BCDR Offerings • Backups-as-a-Service • Backups-as-a-Service to Azure • Disaster-Recovery-as-a-Service • Disaster-Recovery-as-a-Service to Azure • Ransomware-Recovery-as-a-Service • IBM DRaaS Services
27 BCDR Services ➢Backups-as-a-Service ➢ Offsite data / backup requirement ➢ Long term retention requirements, or: ➢ Single copy offsite (in the cloud) ➢ Insurance policy to “spin up” via DR-Lite service ➢ Disaster-as-a-Service ➢ Ability to instantly recovery from Ransomware and issues related to Humans, Applications, Infrastructure ➢ Fully managed failover AND fallback (confidence) ➢ Per Application functionality ➢ Max 30 days of “instant-on” capability ➢ Ransomware-Recovery-as-a-Service ➢ Integration with existing cybersecurity initiatives, software, services ➢ Automated failover based upon intrusion detection ➢ Utilize Replica to improve production environment’s security
17 Offsite Backups Considerations ➢ Local Backups Platform & Support - Vmware, HyperV, Physical Servers, NFS/CIFS ➢Costs Software Storage Frontend/Backend Restores & Data transfer Operations Infrastructure (Always on) ➢ Connectivity Latency - Duration of Backup & Restores Capacity - Acceleration & Synthetics ➢ DIY Infrastructure or Managed Service - Accountability ➢ Number of copies ➢Security Encryption + Dedup, Contracts, BAAs & SLAs Private Connectivity, Air Gapped - “Data center within a data center”
17 Backups-as-a-Service is not Disaster Recovery! ➢ Webair DR-Lite Add-on for BaaS ➢ Ability to spin up backed up VMs on-demand ➢ 15 Minute RPO / 24 hour RTO ➢ Yearly testing ➢ Self Service Portal: Spin up / Shutdown VMs Console VMs & manage networks Download / Restore backups for failback ➢Always-on Networking: Reduces RTO to minutes to on-demand (minutes) Network pre-planning and pre-configuration ➢Cost Metric: Storage only
17 True Disaster-Recovery Considerations ➢ Application consumption (Network) ➢ Failback ➢ Application Consistency ➢ “Managed”assistance? ➢ Multiple Platforms on same LAN ➢ “Managed Testing” ? ➢ Journal and Change Data ➢ On-Demand testing & access ➢ Infrastructure Performance ➢ Utilization of Replica ➢ Security - SLA / BAA / MSA / Encryption ➢ Cost Metrics - Per server, storage, data transfer, operations, infrastructure, declaration of DR, failback, network..
17 ➢ True DRaaS gets us: ➢ Per Application Failover/Failback ➢ Network Consumption Automation ➢ “Rewind” Ability via journal ➢ Use of replica environment ➢ Confidence to use it ➢ API & Automation ➢Still needed.. ➢Security at Recovery site must be as good as production: ➢ Ownership from 1 security firm ➢ Same SIEM, firewalls, tools, procedures ➢ DDoS Monitoring & Mitigation ➢ Reduce security event exposure ➢ Non-intrusive to production DRaaS for Automated Ransomware-Recovery
17 Ransomware Recovery Considerations Webair Ransomware Recovery-as-a-Service
25 Hybrid Configurations ➢ Utilize existing hardware, licenses ➢ Shift legal/security ownership where needed ➢ Reduce demands on internal teams ➢ Take advantage of partner experience ➢ Shared runbook responsibilities ➢ “Future-proof” investment - mix/match later as needed ➢ “Hardware appliance and management as a service”
17 DRaaS: It’s really about the network..
17 ➢Network topology a blocker to DR strategy? ➢ Leapfrog the network and overlay.. ➢ Utilize NAC (Network Access Control) or SDP tools to shift traffic per endpoint ➢ SDP: Software Defined Permiter ➢ “Zero Trust” model - endpoint software locks down all traffic ➢ All traffic is routed through Gateway ➢ Gateway enforces network security ➢“Tag” users, applications, device types, locations ➢ Build global security policies via single pane of glass for entire organization ➢ Think of a specific tunnel being built to per use-case / flow ➢ Global visibility into user & application consumption ➢ API / Automation available Shifting traffic: A better way
17 ➢ Cool. What’s that have to do with DR? ➢ “Shift” application traffic from location A —> B via software defined policies ➢ Physical network agnostic ➢ Future proof - Network, locations, clouds can all change ➢ Part of automated runbook, APIs ➢ Alignment issues, network topology issues go away ➢ Security solution - May be part of larger organization security ➢Requirements ➢ Organization must adopt the solution ➢ DR Solution or DRaaS provider must support it (Webair does!! :) ) ➢ Internal traffic only - Doesn’t help with internet facing applications Shifting Traffic: A better way
2 Enterprise Private Cloud Enterprise Public Cloud Disaster Recovery-as-a-Service Hybrid Colocation Backups-as-a-Service Full Stack Management Cloud Storage Hyperscale Network Connectivity
25 Fully managed web apps & cloud infrastructure Business Continuity & Disaster Recovery Our History: Down the Stack
Webair maintains a global network of state-of-the-art data center facilities that offer top-tier Colocation solutions featuring modular power options, superior architecture and access to DDoS-protected bandwidth, as well as superior connectivity to a multitude of leading carriers. Hong Kong 9 Hong Kong Data Center Locations
Tier 3 rated, SOC1, SOC2, CJIS, HIPAA, PCI-DSS, NYS DFS 500, Open-IX Compliance 400 Cabinet / 8MW Capacity 3 Generators / 7+ days fuel runtime AWS, Azure, Google on-premises DDoS monitoring and mitigation on-premises Eco-system of managed services on-premises Tax-Exempt and Hydro-Electric “green” power allocation from NYPA Outside 25 mile NYC “blast zone” with Manhattan Bypass fiber routes BCDR seats on-premises LIRR train station on-premises 10 Webair NY1
Hybrid Colocation 10 ➢Coloation is not about space and power ➢ Ecosystem of managed services behind the firewall ➢ Mix & match based on risk, capex/opex, platform changes ➢ Revenue Portability - Phased approach to cloud & future proof
20 Dedicated Private Cloud ➢Completely dedicated and physically segmented hypervisors and networking ➢Direct vCenter access to manage cloud environment ➢VMware Orchestrator configured to allow for API-based automation and control ➢Connect cluster to on-premises vCenter, allowing for seamless workload moves ➢Options for physically dedicated SAN storage ➢Connect to customer networks via MPLS, direct connectivity & cross-connects, bypassing the internet ➢Customize hardware on request ➢Higher levels of encryption available ➢Ability to customize hypervisors and versions Enterprise Virtual Private Cloud (E-VPC) ➢Dedicated resource pool with ability to burst ➢Compliance reporting of compute configuration ➢Historical and real-time resource utilization ➢Console access ➢Ability to create custom templates Public & Private Compliance Cloud & Storage
13 On premise vs Public cloud: A better way Webair Direct Access Cloud Erate Eligible

Empfohlen

Automated Ransomware Recovery for Full Cyber Protection
Automated Ransomware Recovery for Full Cyber ProtectionAutomated Ransomware Recovery for Full Cyber Protection
Automated Ransomware Recovery for Full Cyber ProtectionSagi Brody
 
Private cloud with vmware
Private cloud with vmwarePrivate cloud with vmware
Private cloud with vmwareAnton An
 
F5 and Infoblox deliver complete secured DNS infrastructure
F5 and Infoblox deliver complete secured DNS infrastructureF5 and Infoblox deliver complete secured DNS infrastructure
F5 and Infoblox deliver complete secured DNS infrastructureDSorensenCPR
 
Big Ip Global Traffic Manager Ds
Big Ip Global Traffic Manager DsBig Ip Global Traffic Manager Ds
Big Ip Global Traffic Manager DsSteven_Jackson
 
DNS Security (DNSSEC) With BIG-IP Global Traffic Manager
DNS Security (DNSSEC) With BIG-IP Global Traffic ManagerDNS Security (DNSSEC) With BIG-IP Global Traffic Manager
DNS Security (DNSSEC) With BIG-IP Global Traffic ManagerDSorensenCPR
 
F5 DNS Solution for CSPs
F5 DNS Solution for CSPsF5 DNS Solution for CSPs
F5 DNS Solution for CSPsF5 Networks
 
CloudFounders_CloudStart-2015
CloudFounders_CloudStart-2015CloudFounders_CloudStart-2015
CloudFounders_CloudStart-2015Ambarish Pawar ?
 
Intelligent DNS Scale
Intelligent DNS ScaleIntelligent DNS Scale
Intelligent DNS ScalePeter Silva
 

Empfohlen

Automated Ransomware Recovery for Full Cyber Protection
Automated Ransomware Recovery for Full Cyber ProtectionAutomated Ransomware Recovery for Full Cyber Protection
Automated Ransomware Recovery for Full Cyber ProtectionSagi Brody
 
Private cloud with vmware
Private cloud with vmwarePrivate cloud with vmware
Private cloud with vmwareAnton An
 
F5 and Infoblox deliver complete secured DNS infrastructure
F5 and Infoblox deliver complete secured DNS infrastructureF5 and Infoblox deliver complete secured DNS infrastructure
F5 and Infoblox deliver complete secured DNS infrastructureDSorensenCPR
 
Big Ip Global Traffic Manager Ds
Big Ip Global Traffic Manager DsBig Ip Global Traffic Manager Ds
Big Ip Global Traffic Manager DsSteven_Jackson
 
DNS Security (DNSSEC) With BIG-IP Global Traffic Manager
DNS Security (DNSSEC) With BIG-IP Global Traffic ManagerDNS Security (DNSSEC) With BIG-IP Global Traffic Manager
DNS Security (DNSSEC) With BIG-IP Global Traffic ManagerDSorensenCPR
 
F5 DNS Solution for CSPs
F5 DNS Solution for CSPsF5 DNS Solution for CSPs
F5 DNS Solution for CSPsF5 Networks
 
CloudFounders_CloudStart-2015
CloudFounders_CloudStart-2015CloudFounders_CloudStart-2015
CloudFounders_CloudStart-2015Ambarish Pawar ?
 
Intelligent DNS Scale
Intelligent DNS ScaleIntelligent DNS Scale
Intelligent DNS ScalePeter Silva
 
F5 Networks Intelligent DNS Scale
F5 Networks Intelligent DNS ScaleF5 Networks Intelligent DNS Scale
F5 Networks Intelligent DNS ScaleF5 Networks
 
Top 10 Reasons Why F5 Makes Sense
Top 10 Reasons Why F5 Makes SenseTop 10 Reasons Why F5 Makes Sense
Top 10 Reasons Why F5 Makes SenseF5 Networks
 
VxRail Appliance - Modernize your infrastructure and accelerate IT transforma...
VxRail Appliance - Modernize your infrastructure and accelerate IT transforma...VxRail Appliance - Modernize your infrastructure and accelerate IT transforma...
VxRail Appliance - Modernize your infrastructure and accelerate IT transforma...Maichino Sepede
 
F5 beyond load balancer (nov 2009)
F5 beyond load balancer (nov 2009)F5 beyond load balancer (nov 2009)
F5 beyond load balancer (nov 2009)Information Technology
 
F5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 RoadshowF5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 Roadshowpatmisasi
 
Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Cisco Canada
 
Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...solarisyourep
 
Disaster recovery solutions and datacentre replacements
Disaster recovery solutions and datacentre replacementsDisaster recovery solutions and datacentre replacements
Disaster recovery solutions and datacentre replacementsOVHcloud
 
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld
 
Infoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User GroupInfoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User GroupNetCraftsmen
 
Get more versatile and scalable protection with F5 BIG-IP
Get more versatile and scalable protection with F5 BIG-IPGet more versatile and scalable protection with F5 BIG-IP
Get more versatile and scalable protection with F5 BIG-IPF5NetworksAPJ
 
BIG IP F5 GTM Presentation
BIG IP F5 GTM PresentationBIG IP F5 GTM Presentation
BIG IP F5 GTM PresentationPCCW GLOBAL
 
Cloud computing
Cloud computingCloud computing
Cloud computingRohith Shankar
 
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliMarta Pacyga
 
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS ServicesPLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS ServicesPROIDEA
 
Optimizing Speed & Security of Oracle Commerce Sites Using Cloudflare
Optimizing Speed & Security of Oracle Commerce Sites Using CloudflareOptimizing Speed & Security of Oracle Commerce Sites Using Cloudflare
Optimizing Speed & Security of Oracle Commerce Sites Using CloudflareMeghan Weinreich
 
VMworld 2013: SDDC is Here and Now: A Success Story
VMworld 2013: SDDC is Here and Now: A Success Story VMworld 2013: SDDC is Here and Now: A Success Story
VMworld 2013: SDDC is Here and Now: A Success Story VMworld
 
Zoura Subscribed 2013 LinkBermuda Metered Cloud Services
Zoura Subscribed 2013 LinkBermuda Metered Cloud ServicesZoura Subscribed 2013 LinkBermuda Metered Cloud Services
Zoura Subscribed 2013 LinkBermuda Metered Cloud ServicesWinston Morton
 
F5 GTM HEALTH CHECKS
F5 GTM HEALTH CHECKSF5 GTM HEALTH CHECKS
F5 GTM HEALTH CHECKSMarco Essomba
 
Wp ipam infoblox
Wp ipam infobloxWp ipam infoblox
Wp ipam infobloxislamet
 
An Easy Way to Adopt Hybrid Cloud, Datacomm Solution
An Easy Way to Adopt Hybrid Cloud, Datacomm SolutionAn Easy Way to Adopt Hybrid Cloud, Datacomm Solution
An Easy Way to Adopt Hybrid Cloud, Datacomm SolutionPT Datacomm Diangraha
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesAngel Villar Garea
 

Weitere ähnliche Inhalte

Was ist angesagt?

F5 Networks Intelligent DNS Scale
F5 Networks Intelligent DNS ScaleF5 Networks Intelligent DNS Scale
F5 Networks Intelligent DNS ScaleF5 Networks
 
Top 10 Reasons Why F5 Makes Sense
Top 10 Reasons Why F5 Makes SenseTop 10 Reasons Why F5 Makes Sense
Top 10 Reasons Why F5 Makes SenseF5 Networks
 
VxRail Appliance - Modernize your infrastructure and accelerate IT transforma...
VxRail Appliance - Modernize your infrastructure and accelerate IT transforma...VxRail Appliance - Modernize your infrastructure and accelerate IT transforma...
VxRail Appliance - Modernize your infrastructure and accelerate IT transforma...Maichino Sepede
 
F5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 RoadshowF5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 Roadshowpatmisasi
 
Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Cisco Canada
 
Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...solarisyourep
 
Disaster recovery solutions and datacentre replacements
Disaster recovery solutions and datacentre replacementsDisaster recovery solutions and datacentre replacements
Disaster recovery solutions and datacentre replacementsOVHcloud
 
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld
 
Infoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User GroupInfoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User GroupNetCraftsmen
 
Get more versatile and scalable protection with F5 BIG-IP
Get more versatile and scalable protection with F5 BIG-IPGet more versatile and scalable protection with F5 BIG-IP
Get more versatile and scalable protection with F5 BIG-IPF5NetworksAPJ
 
BIG IP F5 GTM Presentation
BIG IP F5 GTM PresentationBIG IP F5 GTM Presentation
BIG IP F5 GTM PresentationPCCW GLOBAL
 
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliMarta Pacyga
 
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS ServicesPLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS ServicesPROIDEA
 
Optimizing Speed & Security of Oracle Commerce Sites Using Cloudflare
Optimizing Speed & Security of Oracle Commerce Sites Using CloudflareOptimizing Speed & Security of Oracle Commerce Sites Using Cloudflare
Optimizing Speed & Security of Oracle Commerce Sites Using CloudflareMeghan Weinreich
 
VMworld 2013: SDDC is Here and Now: A Success Story
VMworld 2013: SDDC is Here and Now: A Success Story VMworld 2013: SDDC is Here and Now: A Success Story
VMworld 2013: SDDC is Here and Now: A Success Story VMworld
 
Zoura Subscribed 2013 LinkBermuda Metered Cloud Services
Zoura Subscribed 2013 LinkBermuda Metered Cloud ServicesZoura Subscribed 2013 LinkBermuda Metered Cloud Services
Zoura Subscribed 2013 LinkBermuda Metered Cloud ServicesWinston Morton
 
F5 GTM HEALTH CHECKS
F5 GTM HEALTH CHECKSF5 GTM HEALTH CHECKS
F5 GTM HEALTH CHECKSMarco Essomba
 
Wp ipam infoblox
Wp ipam infobloxWp ipam infoblox
Wp ipam infobloxislamet
 

Was ist angesagt? (20)

F5 Networks Intelligent DNS Scale
F5 Networks Intelligent DNS ScaleF5 Networks Intelligent DNS Scale
F5 Networks Intelligent DNS Scale
 
Top 10 Reasons Why F5 Makes Sense
Top 10 Reasons Why F5 Makes SenseTop 10 Reasons Why F5 Makes Sense
Top 10 Reasons Why F5 Makes Sense
 
VxRail Appliance - Modernize your infrastructure and accelerate IT transforma...
VxRail Appliance - Modernize your infrastructure and accelerate IT transforma...VxRail Appliance - Modernize your infrastructure and accelerate IT transforma...
VxRail Appliance - Modernize your infrastructure and accelerate IT transforma...
 
F5 beyond load balancer (nov 2009)
F5 beyond load balancer (nov 2009)F5 beyond load balancer (nov 2009)
F5 beyond load balancer (nov 2009)
 
F5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 RoadshowF5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 Roadshow
 
Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?Thinking about SDN and whether it is the right approach for your organization?
Thinking about SDN and whether it is the right approach for your organization?
 
Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...
 
Disaster recovery solutions and datacentre replacements
Disaster recovery solutions and datacentre replacementsDisaster recovery solutions and datacentre replacements
Disaster recovery solutions and datacentre replacements
 
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview VMworld 2013: VMware Compliance Reference Architecture Framework Overview
VMworld 2013: VMware Compliance Reference Architecture Framework Overview
 
Infoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User GroupInfoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User Group
 
Get more versatile and scalable protection with F5 BIG-IP
Get more versatile and scalable protection with F5 BIG-IPGet more versatile and scalable protection with F5 BIG-IP
Get more versatile and scalable protection with F5 BIG-IP
 
BIG IP F5 GTM Presentation
BIG IP F5 GTM PresentationBIG IP F5 GTM Presentation
BIG IP F5 GTM Presentation
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
 
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS ServicesPLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
 
Optimizing Speed & Security of Oracle Commerce Sites Using Cloudflare
Optimizing Speed & Security of Oracle Commerce Sites Using CloudflareOptimizing Speed & Security of Oracle Commerce Sites Using Cloudflare
Optimizing Speed & Security of Oracle Commerce Sites Using Cloudflare
 
VMworld 2013: SDDC is Here and Now: A Success Story
VMworld 2013: SDDC is Here and Now: A Success Story VMworld 2013: SDDC is Here and Now: A Success Story
VMworld 2013: SDDC is Here and Now: A Success Story
 
Zoura Subscribed 2013 LinkBermuda Metered Cloud Services
Zoura Subscribed 2013 LinkBermuda Metered Cloud ServicesZoura Subscribed 2013 LinkBermuda Metered Cloud Services
Zoura Subscribed 2013 LinkBermuda Metered Cloud Services
 
F5 GTM HEALTH CHECKS
F5 GTM HEALTH CHECKSF5 GTM HEALTH CHECKS
F5 GTM HEALTH CHECKS
 
Wp ipam infoblox
Wp ipam infobloxWp ipam infoblox
Wp ipam infoblox
 

Ähnlich wie Ransomware: The Defendable Epidemic

An Easy Way to Adopt Hybrid Cloud, Datacomm Solution
An Easy Way to Adopt Hybrid Cloud, Datacomm SolutionAn Easy Way to Adopt Hybrid Cloud, Datacomm Solution
An Easy Way to Adopt Hybrid Cloud, Datacomm SolutionPT Datacomm Diangraha
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesAngel Villar Garea
 
Secure SDN
Secure SDNSecure SDN
Secure SDNAPNIC
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing pptA
 
Lect15 cloud
Lect15 cloudLect15 cloud
Lect15 cloudVan Pham
 
Lect15 cloud
Lect15 cloudLect15 cloud
Lect15 cloudsree raj
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computingRevathi Ram
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing pptA
 
Virtualize Application Security Today - Hardware is No Longer Needed.pptx
Virtualize Application Security Today - Hardware is No Longer Needed.pptx Virtualize Application Security Today - Hardware is No Longer Needed.pptx
Virtualize Application Security Today - Hardware is No Longer Needed.pptxAvi Networks
 
VMware: my jsme “software defined”
VMware: my jsme “software defined”VMware: my jsme “software defined”
VMware: my jsme “software defined”MarketingArrowECS_CZ
 
Presentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion seguraPresentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion seguraRogerChaucaZea
 

Ähnlich wie Ransomware: The Defendable Epidemic (20)

An Easy Way to Adopt Hybrid Cloud, Datacomm Solution
An Easy Way to Adopt Hybrid Cloud, Datacomm SolutionAn Easy Way to Adopt Hybrid Cloud, Datacomm Solution
An Easy Way to Adopt Hybrid Cloud, Datacomm Solution
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use cases
 
cloud computng
cloud computng cloud computng
cloud computng
 
cloud computing
cloud computingcloud computing
cloud computing
 
Secure SDN
Secure SDNSecure SDN
Secure SDN
 
Lect15 cloud
Lect15 cloudLect15 cloud
Lect15 cloud
 
Cloud
CloudCloud
Cloud
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing ppt
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Cloud
CloudCloud
Cloud
 
Lect15 cloud
Lect15 cloudLect15 cloud
Lect15 cloud
 
Lect15 cloud
Lect15 cloudLect15 cloud
Lect15 cloud
 
Lect15 cloud
Lect15 cloudLect15 cloud
Lect15 cloud
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing ppt
 
Lect15 cloud
Lect15 cloudLect15 cloud
Lect15 cloud
 
Virtualize Application Security Today - Hardware is No Longer Needed.pptx
Virtualize Application Security Today - Hardware is No Longer Needed.pptx Virtualize Application Security Today - Hardware is No Longer Needed.pptx
Virtualize Application Security Today - Hardware is No Longer Needed.pptx
 
VMware: my jsme “software defined”
VMware: my jsme “software defined”VMware: my jsme “software defined”
VMware: my jsme “software defined”
 
Cloud introduction
Cloud introductionCloud introduction
Cloud introduction
 
Presentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion seguraPresentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion segura
 

Mehr von Sagi Brody

Ransomware-Recovery-as-a-Service
Ransomware-Recovery-as-a-ServiceRansomware-Recovery-as-a-Service
Ransomware-Recovery-as-a-ServiceSagi Brody
 
Combating Cyberattacks through Network Agility and Automation
Combating Cyberattacks through Network Agility and AutomationCombating Cyberattacks through Network Agility and Automation
Combating Cyberattacks through Network Agility and AutomationSagi Brody
 
Enabling Limitless Connectivity, Opportunity and Growth with Interconnection ...
Enabling Limitless Connectivity, Opportunity and Growth with Interconnection ...Enabling Limitless Connectivity, Opportunity and Growth with Interconnection ...
Enabling Limitless Connectivity, Opportunity and Growth with Interconnection ...Sagi Brody
 
Pulling Back the Cloud Curtain
Pulling Back the Cloud CurtainPulling Back the Cloud Curtain
Pulling Back the Cloud CurtainSagi Brody
 
Why Managed Service Providers Should Embrace Container Technology
Why Managed Service Providers Should Embrace Container TechnologyWhy Managed Service Providers Should Embrace Container Technology
Why Managed Service Providers Should Embrace Container TechnologySagi Brody
 
Multi-Layer DDoS Mitigation Strategies
Multi-Layer DDoS Mitigation StrategiesMulti-Layer DDoS Mitigation Strategies
Multi-Layer DDoS Mitigation StrategiesSagi Brody
 
Troubleshooting: A High-Value Asset For The Service-Provider Discipline
Troubleshooting: A High-Value Asset For The Service-Provider DisciplineTroubleshooting: A High-Value Asset For The Service-Provider Discipline
Troubleshooting: A High-Value Asset For The Service-Provider DisciplineSagi Brody
 
Managing Remote Operation Teams
Managing Remote Operation TeamsManaging Remote Operation Teams
Managing Remote Operation TeamsSagi Brody
 
TroubleShooting as a Service
TroubleShooting as a ServiceTroubleShooting as a Service
TroubleShooting as a ServiceSagi Brody
 

Mehr von Sagi Brody (9)

Ransomware-Recovery-as-a-Service
Ransomware-Recovery-as-a-ServiceRansomware-Recovery-as-a-Service
Ransomware-Recovery-as-a-Service
 
Combating Cyberattacks through Network Agility and Automation
Combating Cyberattacks through Network Agility and AutomationCombating Cyberattacks through Network Agility and Automation
Combating Cyberattacks through Network Agility and Automation
 
Enabling Limitless Connectivity, Opportunity and Growth with Interconnection ...
Enabling Limitless Connectivity, Opportunity and Growth with Interconnection ...Enabling Limitless Connectivity, Opportunity and Growth with Interconnection ...
Enabling Limitless Connectivity, Opportunity and Growth with Interconnection ...
 
Pulling Back the Cloud Curtain
Pulling Back the Cloud CurtainPulling Back the Cloud Curtain
Pulling Back the Cloud Curtain
 
Why Managed Service Providers Should Embrace Container Technology
Why Managed Service Providers Should Embrace Container TechnologyWhy Managed Service Providers Should Embrace Container Technology
Why Managed Service Providers Should Embrace Container Technology
 
Multi-Layer DDoS Mitigation Strategies
Multi-Layer DDoS Mitigation StrategiesMulti-Layer DDoS Mitigation Strategies
Multi-Layer DDoS Mitigation Strategies
 
Troubleshooting: A High-Value Asset For The Service-Provider Discipline
Troubleshooting: A High-Value Asset For The Service-Provider DisciplineTroubleshooting: A High-Value Asset For The Service-Provider Discipline
Troubleshooting: A High-Value Asset For The Service-Provider Discipline
 
Managing Remote Operation Teams
Managing Remote Operation TeamsManaging Remote Operation Teams
Managing Remote Operation Teams
 
TroubleShooting as a Service
TroubleShooting as a ServiceTroubleShooting as a Service
TroubleShooting as a Service
 

Kürzlich hochgeladen

Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 

Kürzlich hochgeladen (20)

Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 

Ransomware: The Defendable Epidemic

  • 2. 8 Full Cyber & Business Continuity Protection Proactive Reactive Proactive solutions are not enough Vendor neutrality, transparency, and integration is required Working together, true per application & automated Recovery-as-a-Service can emerge What does a real BCDR strategy look like? Threat monitoring & mitigation Disaster Recovery & IT Resiliency Orchestration
  • 3. 3 Production environments are complex. DR Strategy must match. Disaster Recovery is strategy. Consider: ➢ Production workloads ➢ Security ➢ 3rd party services ➢ Hybrid & Multi-cloud ➢ Accountability, ownership, appetite, and recourse for failure ➢ Possibly “All or Nothing” Disaster Recovery is not: ➢ Replication software that you purchase ➢ “Set it and forget it” ➢ Static ➢ About replicating data…
  • 4. 4 Disaster Recovery Ownership Models ➢Customer to Customer (Secondary NOC) ➢Customer to Managed Cloud Provider ➢Customer to IaaS public clouds ➢Managed Cloud Provider with DRaaS ➢IaaS public to IaaS public ➢Hybrid: Colocation + Managed Cloud + Network + More..
  • 5. 17 Business Considerations Ownership & Accountability: ➢ Buy vs Build ➢ Recourse should the solution not work? ➢ Recourse should a data breach occur? ➢ SLAs for RTO/RPO? ➢Provider: Contract/SLA/BAA ➢ Monitoring / Alerting integrations ➢ Who owns failback? ➢ HW/SW - Capex/Opex Testing considerations ➢ “Application Centric” ➢ Runbook per application ➢ Shift testing to application owners, not IT ➢ “Real test” ➢ Preparation time
  • 6. 17 Fully Inclusive Disaster Recovery Considerations HV Replication Data Copy Storage Native Replication Physical Servers non-x86 platforms (IBM i, P, Z) Application based replication Always-on Infrastructure (Authentication & Applications) Network Integration & Consumption - VPN, MPLS, 3rd party, DNS IT Resiliency Orchestration - Data Loss Prevention - Ransomware Recovery
  • 7. 17 ➢ Recovery site integration: ➢ Site-to-Site, Site-to-Client VPN ➢ MPLS / VPLS integration ➢ Point-to-Point, L2 stretch (e-line), L3, possible encryption ➢ SD-WAN ➢ Interconnection Fabric ➢ Internal traffic shift ➢ iBGP/eBGP swing ➢ Internal route injection ➢ DNS ➢ Subnet alignment ➢ Network Overlay via SDP / NAC software ➢ External traffic shift ➢ DNS ➢ Proxy services ➢ BGP swing Full DR - (The Weeds) ➢Cybersecurity considerations ➢ Security at recovery site “as-good” as production? ➢ If not, new attack vector(s) at recovery ➢ Is existing security monitoring inclusive of recovery site? ➢ Is MSSP fully accountable for recovery site? ➢ Any network exposure when failed over? ➢Storage ➢Vendor native replication ➢ NFS/CIFS replication ➢ RDMs / non-VM
  • 8. 25 DRaaS: More than just VM Replication “Bring me your legacy, your insecure, your flat network design…”
  • 9. 17 Match Application Criticality to Solution Tier 0 Applications Tier 1 Applications Tier 2 Applications Tier 3 Applications 48 Hours+ $ 24 Hours $$ 1 Hour $$$ Synchronous $$$$ Common Components (Network, Runbook, Integrations, Accountability, Contract) Recovery Point & Recovery Time Objectives Application Criticality
  • 10. 17 Tier 0 Applications Tier 1 Applications Tier 2 Applications Tier 3 Applications Backups-as-a-Service Disaster-Recovery Lite Disaster-Recovery Ransomware-Recovery Service <-> Criticality Match Application Criticality to Solution Common Components (Network, Runbook, Integrations, Accountability, Contract)
  • 11. 27 Webair BCDR Offerings • Backups-as-a-Service • Backups-as-a-Service to Azure • Disaster-Recovery-as-a-Service • Disaster-Recovery-as-a-Service to Azure • Ransomware-Recovery-as-a-Service • IBM DRaaS Services
  • 12. 27 BCDR Services ➢Backups-as-a-Service ➢ Offsite data / backup requirement ➢ Long term retention requirements, or: ➢ Single copy offsite (in the cloud) ➢ Insurance policy to “spin up” via DR-Lite service ➢ Disaster-as-a-Service ➢ Ability to instantly recovery from Ransomware and issues related to Humans, Applications, Infrastructure ➢ Fully managed failover AND fallback (confidence) ➢ Per Application functionality ➢ Max 30 days of “instant-on” capability ➢ Ransomware-Recovery-as-a-Service ➢ Integration with existing cybersecurity initiatives, software, services ➢ Automated failover based upon intrusion detection ➢ Utilize Replica to improve production environment’s security
  • 13. 17 Offsite Backups Considerations ➢ Local Backups Platform & Support - Vmware, HyperV, Physical Servers, NFS/CIFS ➢Costs Software Storage Frontend/Backend Restores & Data transfer Operations Infrastructure (Always on) ➢ Connectivity Latency - Duration of Backup & Restores Capacity - Acceleration & Synthetics ➢ DIY Infrastructure or Managed Service - Accountability ➢ Number of copies ➢Security Encryption + Dedup, Contracts, BAAs & SLAs Private Connectivity, Air Gapped - “Data center within a data center”
  • 14. 17 Backups-as-a-Service is not Disaster Recovery! ➢ Webair DR-Lite Add-on for BaaS ➢ Ability to spin up backed up VMs on-demand ➢ 15 Minute RPO / 24 hour RTO ➢ Yearly testing ➢ Self Service Portal: Spin up / Shutdown VMs Console VMs & manage networks Download / Restore backups for failback ➢Always-on Networking: Reduces RTO to minutes to on-demand (minutes) Network pre-planning and pre-configuration ➢Cost Metric: Storage only
  • 15. 17 True Disaster-Recovery Considerations ➢ Application consumption (Network) ➢ Failback ➢ Application Consistency ➢ “Managed”assistance? ➢ Multiple Platforms on same LAN ➢ “Managed Testing” ? ➢ Journal and Change Data ➢ On-Demand testing & access ➢ Infrastructure Performance ➢ Utilization of Replica ➢ Security - SLA / BAA / MSA / Encryption ➢ Cost Metrics - Per server, storage, data transfer, operations, infrastructure, declaration of DR, failback, network..
  • 16. 17 ➢ True DRaaS gets us: ➢ Per Application Failover/Failback ➢ Network Consumption Automation ➢ “Rewind” Ability via journal ➢ Use of replica environment ➢ Confidence to use it ➢ API & Automation ➢Still needed.. ➢Security at Recovery site must be as good as production: ➢ Ownership from 1 security firm ➢ Same SIEM, firewalls, tools, procedures ➢ DDoS Monitoring & Mitigation ➢ Reduce security event exposure ➢ Non-intrusive to production DRaaS for Automated Ransomware-Recovery
  • 17. 17 Ransomware Recovery Considerations Webair Ransomware Recovery-as-a-Service
  • 18. 25 Hybrid Configurations ➢ Utilize existing hardware, licenses ➢ Shift legal/security ownership where needed ➢ Reduce demands on internal teams ➢ Take advantage of partner experience ➢ Shared runbook responsibilities ➢ “Future-proof” investment - mix/match later as needed ➢ “Hardware appliance and management as a service”
  • 19. 17 DRaaS: It’s really about the network..
  • 20. 17 ➢Network topology a blocker to DR strategy? ➢ Leapfrog the network and overlay.. ➢ Utilize NAC (Network Access Control) or SDP tools to shift traffic per endpoint ➢ SDP: Software Defined Permiter ➢ “Zero Trust” model - endpoint software locks down all traffic ➢ All traffic is routed through Gateway ➢ Gateway enforces network security ➢“Tag” users, applications, device types, locations ➢ Build global security policies via single pane of glass for entire organization ➢ Think of a specific tunnel being built to per use-case / flow ➢ Global visibility into user & application consumption ➢ API / Automation available Shifting traffic: A better way
  • 21. 17 ➢ Cool. What’s that have to do with DR? ➢ “Shift” application traffic from location A —> B via software defined policies ➢ Physical network agnostic ➢ Future proof - Network, locations, clouds can all change ➢ Part of automated runbook, APIs ➢ Alignment issues, network topology issues go away ➢ Security solution - May be part of larger organization security ➢Requirements ➢ Organization must adopt the solution ➢ DR Solution or DRaaS provider must support it (Webair does!! :) ) ➢ Internal traffic only - Doesn’t help with internet facing applications Shifting Traffic: A better way
  • 22. 2 Enterprise Private Cloud Enterprise Public Cloud Disaster Recovery-as-a-Service Hybrid Colocation Backups-as-a-Service Full Stack Management Cloud Storage Hyperscale Network Connectivity
  • 23. 25 Fully managed web apps & cloud infrastructure Business Continuity & Disaster Recovery Our History: Down the Stack
  • 24. Webair maintains a global network of state-of-the-art data center facilities that offer top-tier Colocation solutions featuring modular power options, superior architecture and access to DDoS-protected bandwidth, as well as superior connectivity to a multitude of leading carriers. Hong Kong 9 Hong Kong Data Center Locations
  • 25. Tier 3 rated, SOC1, SOC2, CJIS, HIPAA, PCI-DSS, NYS DFS 500, Open-IX Compliance 400 Cabinet / 8MW Capacity 3 Generators / 7+ days fuel runtime AWS, Azure, Google on-premises DDoS monitoring and mitigation on-premises Eco-system of managed services on-premises Tax-Exempt and Hydro-Electric “green” power allocation from NYPA Outside 25 mile NYC “blast zone” with Manhattan Bypass fiber routes BCDR seats on-premises LIRR train station on-premises 10 Webair NY1
  • 26. Hybrid Colocation 10 ➢Coloation is not about space and power ➢ Ecosystem of managed services behind the firewall ➢ Mix & match based on risk, capex/opex, platform changes ➢ Revenue Portability - Phased approach to cloud & future proof
  • 27. 20 Dedicated Private Cloud ➢Completely dedicated and physically segmented hypervisors and networking ➢Direct vCenter access to manage cloud environment ➢VMware Orchestrator configured to allow for API-based automation and control ➢Connect cluster to on-premises vCenter, allowing for seamless workload moves ➢Options for physically dedicated SAN storage ➢Connect to customer networks via MPLS, direct connectivity & cross-connects, bypassing the internet ➢Customize hardware on request ➢Higher levels of encryption available ➢Ability to customize hypervisors and versions Enterprise Virtual Private Cloud (E-VPC) ➢Dedicated resource pool with ability to burst ➢Compliance reporting of compute configuration ➢Historical and real-time resource utilization ➢Console access ➢Ability to create custom templates Public & Private Compliance Cloud & Storage
  • 28. 13 On premise vs Public cloud: A better way Webair Direct Access Cloud Erate Eligible