Cloud computing provides on-demand services that are always available from any location for a pay-per-use model. There are three main service models: Infrastructure as a Service (IaaS) which provides basic infrastructure; Platform as a Service (PaaS) which provides infrastructure and platform/middleware; and Software as a Service (SaaS) which provides infrastructure, platform and software applications. Hybrid cloud is a model that uses both public cloud services hosted off-premise by a provider and private clouds hosted on-premise. Micro-segmentation provides security at the virtual machine level using tools like VMware NSX to enforce individual firewall policies for each VM.

1. Cloud and Security(Frederik Aouizerats, IBM Pre Sales Cloud Architect: faouizerats@fr.ibmcom)

2. Agenda
• What is Cloud Computing
– Service Models
– Deployment Model
• Cloud Security
– What is Hybrid Cloud?
– Micro Segmentation
– Usecases

3. 3
What Is Cloud Computing?
The Cloud provides:
• On demand services, that are always
available, anywhere, anytime from
any place for everyone.
• Pay per use, elastic and rapid time
– scale up and down in capacity and
functionalities
• Hardware and software services
available to
– general public, enterprises, corporations
and businesses markets

4. 4
Service Models
Infrastructure-as-a-Service
(IaaS)
• A service model that involves
outsourcing the basic infrastructure used
to support operations--including storage,
hardware, servers and networking
components.
• The service provider owns the
infrastructure equipment and is
responsible for housing, running, and
maintaining it. The customer typically
pays on a per-use basis.
• The customer consumes
Infrastructrues ressources.

5. 5
Service Models
Platform-as-a-Service (PaaS)
• A service model that involves outsourcing
the basic infrastructure and platform
(Middleware)
• PaaS facilitates deploying applications
without the cost and complexity of buying
and managing the underlying hardware
and software where the applications are
hosted.
• The customer consume Middlewares.

6. 6
Service Models
Software-as-a-Service (SaaS)
• Also referred to as “software on
demand,” this service model
involves outsourcing the
infrastructure, platform, and
software/applications.
• Typically, these services are
available to the customer for a fee,
pay-as-you-go, or a no charge
model.
• The customer consumes
applications over the internet or
over an other network.

7. Cloud Service Models Samples
Software as a
Service (SaaS)
Platform as a
Service (PaaS)
Infrastructure as a
Service (IaaS)
Adopted from: Effectively and Securely Using the Cloud Computing Paradigm by peter Mell, Tim
Grance

8. Deployment models: Public vs Private Cloud Private Cloud
Important:
• On Premise Cloud is always Private.
• Off Premise Cloud can be Public or Private is it’s hosted by a Cloud provider

9. What is Hybrid Cloud?
Off Premise Off Premise

10. 10
VMware Vision: NSX Everywhere
(NSX is the VMWare “Software Defined Network Solution”)
Managing security and connectivity for many heterogeneous end points
Private Cloud (Off Premise)
End users
On-premises data center
Public Cloud (Off Premise)

11. Micro Segmentation: Security at Virtual Machines level with Vmware
NSX
Micro-segmentation

12. Our security realities
• How to protect at Virtual Machine Layer
INTERNET
NETWORK PERIMETER
Low priority systems are
often targeted first.
Attackers can move freely
around the data center.
Attackers then gather and
exfiltrate the valuable data.
MICRO-SEGMENTATION

13. What if you could…
• Enforce security at the most granular level of the data center?
Every VM can have:
Individual security policies
Individual firewallsINTERNET
NETWORK PERIMETER
MICRO-SEGMENTATION

14. What if you could…
• Maintain that level of consistent security across an entire
application
MICRO-SEGMENTATION
Modern apps today are distributed in nature
WEB DB
Security needs
to reach beyond
an individual VM
Each VM is typically part of a larger application

15. USECASES: Hybrid Cloud Usecase typical example
On-premises data center

16. Thanks
• Questions?