IBM Power Systems
Security Considerations for Cloud Deployment
Jeff Uehling, IBM i Network & Security Development uehling@us.ibm.com IBM - Rochester, MN
© 2010 IBM Corporation IBM Power Systems
What is Cloud Computing?
Is Cloud Computing really a new concept?
What is Cloud Computing? … An IT consumption and delivery model
Cloud computing is a consumption and delivery model inspired by consumer Internet service and is optimized for IT / Business Services
Cloud enables:
– User self-service
– Outsourcing options
– Dynamic scalability
Multiple types of clouds will coexist:
– Private – deployed inside a customer’s firewall
– Public – provided and managed by a 3rd party via subscription
– Hybrid – a mix of Public and Private models based on workload
An effective cloud deployment is built on a dynamic infrastructure and should be part of an overall data center transformation plan.
Clouds enable a broad spectrum of deployment options
Cloud Differentiators… There are Many!
– Time to deploy a server: weeks or months vs. seconds to minutes
– Commitment to use service: negotiate & commit to a year-long contract vs. select from catalog & pay as you go
– Necessary upfront investment: $K–$M in infrastructure → $$ per IT hour vs. no or low upfront → ¢ per IT hour
IT Benefits from Cloud Computing are Real…
Results from IBM cloud computing engagements
Increasing speed and flexibility:
– Test provisioning: weeks → minutes
– Change management: months → days/hours
– Release management: weeks → minutes
– Service access: administered → self-service
– Standardization: complex → reuse/share
– Metering/billing: fixed cost → variable cost
Reducing costs:
– Server/storage utilization: 10–20% → 70–90%
– Payback period: years → months
Source: Based on IBM and client experience.
Cloud technologies can offer operational expense reductions and improved service at all layers
[Figure: service layers of a cloud, from top to bottom]
– People Services: Agents, End Users, Support Community, Crowdsourcing
– Business Services: Retail Banking, Trade & SC Finance, Payments, Mobile Banking, Front Office Optimization, Customer Care, Payments, Int. Risk Mgmt., Industry Frameworks & Information Foundation
– Application Services: End User Interfaces, Service/Software Catalogs, B2B Partnerships, Mashup Server, Open Foundation (WS Framework, Service Bus)
– Platform Services: Fulfillment, Assurance, Billing, Experience
– Infrastructure Services: Data Mgmt., Virtualization, Workload Mgmt, SLA & Capacity Provisioning, Security, Monitoring
– Service Cloud Business & Operations Support Management: Dynamic Provisioning, Process & Policy Mgmt., Problem & Change Mgmt., Distributed Cloud Computing Services
Cloud: because the majority of IT cost is in people, Cloud Computing is becoming popular at the higher layers
[Figure: cloud service layers (People Services, Business Services, Application Services, Platform Services, Infrastructure Services) against a timeline]
– 2000: static, dedicated, outsourced
– 2006: network-delivered, off-premises
– 2009: shared, automated, dynamic
IBM examples placed on the figure: MBPS (eHR, LBPS, etc.), Live Mesh, Live BCRS, ISS, ISSC/SO
What Cloud Services are available today?
Hundreds… Thousands… growing by the day!
Cloud Delivery Examples (market examples and IBM examples)
– Software-as-a-Service: Business Processes, Industry Applications, Collaboration, CRM/ERP/HR
– Platform-as-a-Service: Web 2.0 Application Runtime, Java Runtime, Middleware, Development Tooling, Database; IBM example: Developer Cloud
– Infrastructure-as-a-Service: Data Center Fabric, Servers, Networking, Storage (shared, virtualized, dynamic provisioning); IBM example: Computing on Demand
Top public workloads:
– Audio/video/Web conferencing
– Service help desk
– Infrastructure for training and demonstration
– WAN capacity and VoIP infrastructure
– Desktop
– Test environment infrastructure
– Storage
– Data center network capacity
– Server
Top private workloads:
– Data mining, text mining, or other analytics
– Data warehouses or data marts
– Business continuity and disaster recovery
– Test environment infrastructure
– Long-term data archiving/preservation
– Transactional databases
– Industry-specific applications
– ERP applications
Infrastructure and collaboration workloads emerge as most appropriate for a Public offering; database, application and infrastructure workloads emerge as most appropriate for a Private offering.
Cloud Usage Models
1. End User to Cloud - Application running on the cloud with access for end-users
2. Enterprise to Cloud to End-user (Interoperability) - Applications running in the public cloud – access from employees and customers
3. Enterprise to Cloud (Integration) - Cloud application integrated with internal IT capabilities
4. Enterprise to Cloud to Enterprise (Interoperability) - Cloud application running in the public cloud and interoperates with partner applications (supply chain)
5. Enterprise to Cloud (Portability) - Cloud application running in the cloud – flexibility to move to a different cloud provider in the future or in-house
6. Private (intra) Clouds - Interoperability / integration within elements of a private cloud and between a private cloud and a traditional environment
Model 1: End User to Cloud
What is it?
– Application running in the cloud with access for end-users
Scenarios:
– Get a new Web app provisioned worldwide quickly (e.g., the next facebook, linkedin, gmail, etc.)
– Don’t need IT infrastructure, flexible acquisition
[Figure: public cloud hosting the application; end users access it directly]
Model 2: Enterprise to Cloud to End-user
What is it?
– Deploy a cloud-based application specifically for the cloud – access for employees and for customers
Scenarios:
– Online sales through a catalog, needs to link back into enterprise systems for fulfillment
  • Web app and shopping cart in the cloud, fulfillment inside existing enterprise systems
– Two sub-models
  • End user is an employee in the Enterprise (e.g., Travel Expense Account application)
  • End user is a Web customer outside the Enterprise (e.g., online sales)
[Figure: application in the public cloud; internal and external end users; Enterprise IT (Traditional, Private Cloud or Hybrid)]
Model 3: Enterprise to Cloud (Integration)
What is it?
– Cloud application – integrated with internal IT capabilities
Scenarios:
– Typical approach: integrate with existing on-premises and off-premises capabilities or other cloud applications (customer list, access control, data)
[Figure: application/data in Public Cloud B integrated with existing on-premise capabilities; Enterprise IT (Traditional, Private Cloud or Hybrid)]
Model 4: Enterprise to Cloud to Enterprise
What is it?
– Cloud application running in the public cloud – interoperates with partner applications (supply chain)
Scenarios:
– Brokers, common function providers (e.g., supply chain, broadcast recall to multiple customers, broadcast RFP to suppliers, “classic” B2B)
[Figure: application in the public cloud connecting the internal applications of Large manufacturer A and Large manufacturer B]
Model 5: Enterprise to Cloud (Portability)
What is it?
– Cloud application and/or data running in the cloud – flexibility to move to a different cloud provider in the future or in-house
Scenarios:
– Flexibility and choice to change application platform suppliers
– “Write once, run anywhere”
[Figure: application/data in Public Cloud A can move to another cloud (Public Cloud B) or move in-house to Enterprise IT]
Enterprise IT (Traditional, Private Cloud or Hybrid)
Model 6: Private (intranet) Cloud
What is it?
– A “private” cloud-based service offers many of the benefits of a public cloud computing environment. The difference is that data and processes are managed within the organization.
Scenarios:
– The enterprise would leverage a private cloud to provide self-service capabilities, on-premise or off-premise real-time infrastructure.
– Interoperability / integration within elements of a private cloud and between a private cloud and a traditional environment
[Figure: private cloud providing OS images (virtual / physical), database schema / instances and storage (SAN/NAS)]
If this is so logical…
Why isn’t everyone doing it?
So what type of business and security challenges does cloud computing introduce?
Today’s Data Center | Tomorrow’s Public Cloud
We have control. | Who has control?
It’s located at X. | Where is it located?
It’s stored in servers Y, Z. | Where is it stored?
We have backups in place. | Who backs it up?
Our admins control access. | Who has access?
Our uptime is sufficient. | How resilient is it?
The auditors are happy. | How do auditors observe?
Our security team is engaged. | How does our security team engage?
Security is a top concern with cloud computing…
A tale of two studies shows that security is the number one inhibitor to customers adopting cloud technologies.
What, if anything, do you perceive as actual or potential barriers to acquiring public cloud services?
Security/privacy of company data 69%
Service quality 54%
Doubts about true cost savings 53%
Performance / insufficient responsiveness over network 52%
Difficulty integrating with in-house IT 47%
Source: IBM Market Insights, Cloud Computing Research
Source: Oliver Wyman Interviews
Gartner’s security risks of cloud computing
Privileged User Access
Data Segregation
Data Recovery
Investigative Support
Regulatory Compliance
Data Location
Disaster Recovery
Gartner: Assessing the Security Risks of Cloud Computing, June 2008
Risks introduced by cloud computing
– Less Control: over where the information is located and stored, who has access and backups, how it is monitored & managed, including resiliency
– Data Security: challenges with an increase in potential unauthorized exposure when migrating workloads to a shared network and compute infrastructure
– Security Management: control needed to manage firewall and security settings for applications and runtime environments in the cloud
– Compliance: restrictions imposed by industry regulations over the use of clouds for some applications
– Reliability: concerns with high availability and loss of service should outages occur
Top 10 factors for a secure Cloud Infrastructure
1. Data Protection
2. Access and Identity
3. Application Provisioning & Deprovisioning
4. Application & Environment Testing
5. Service Level Agreement
6. Vulnerability Management
7. Business Resiliency
8. Audit & Governance
9. Cross Border Protection
10. Intellectual Property & Export Laws
What are the Risks?
Policy and Organizational Risk - Things that may directly degrade the ability of the consumer organization to conduct business in an efficient manner
Legal Risk - Things that may put the consumer organization in breach of the law or that may prevent compliance with specific legal mandates
Technical Risk - Things that may disrupt normal operations of the consumer organization or cause loss of value over intangible assets (data, reputation, etc.)
Transitional Risk - Things that may temporarily put the consumer organization’s “traditional” infrastructure and operations under increased risk
Policy and Organizational Risk
5 intrinsic risks
1. Resource sharing and pooling - Data (intangible assets) cannot be tied to physical assets (tangible HW resources); assets must be referenced by their content, not their supporting media or storage location
2. Network accesses - Porous perimeter, authorization & authentication become more important issues
3. Service elasticity and scalability - Grow-on-demand and pay-as-you-go can backfire. Seemingly infinite capacity may not be so under attack.
4. On-demand self-service - Hijacking of the consumer’s control plane (user interface)
5. Measured service - Economic denial of service, depletion of service quota
Legal Risks
E-discovery and Subpoena - Where is the evidence that I need to hand out? Intangible assets cannot be mapped to physical assets or geographical locations. Service provider may not be cooperative. Resources are pooled and shared so they can’t be “taken” without affecting co-tenants and/or service provider operations.
Change of jurisdiction - Which privacy (data protection) and security laws are applicable when intangible assets and processes are outsourced to service providers with distributed data centers across several continents? Do national laws local to the service provider’s data center supersede those local to the consumer’s organization?
Data protection - It can be difficult for the cloud customer (in its role of data controller) to effectively check the data processing that the cloud provider carries out, and thus be sure that the data is handled in a lawful way. Conflicting data encryption standard requirements, lack of notification of data breaches by the service provider, storage of data collected unlawfully by co-tenants.
Technical Risks
Isolation failure - Break out of the VM, storage compartment, virtual network, VPN, etc.
Compromise of the management interface - Hijack of the consumer organization’s cloud computing infrastructure, loss of control plane (user interface).
Data leakage - Data leakage to co-tenants (intra-cloud) or from the cloud
Insecure data lifecycle management - Insecure or ineffective deletion of data, loss of consistency, data duplication
Economic denial of service - Depletion of quota vs. runaway service costs vs loss of efficiency
Coarse access control - Insufficient granularity to implement authentication, authorization or auditing controls
Conflicting Provider-Consumer security standards - Provider can’t meet the consumer organization’s security requirements
Transitional Risks
Disruption of endpoint security - Cloud applications that require installation of client-side components or use of specific desktop applications may weaken the consumer’s security posture
Credential Leakage - Improper lifecycle management of credentials needed to access cloud applications. Shared access for “testing purposes”, open access to cloud user interface
Punctured perimeter - Punching “temporary holes” in network filtering rules. Network IDS with lost visibility, tunneling.
Transitive trust - Internal/ legacy applications suddenly made to transitively trust the cloud. Reuse of credentials, hard-coded passwords, certificates, etc.
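Two of the transitional risks above, credential leakage (hard-coded passwords and keys in application configuration) and a punctured perimeter ("temporary" holes in filtering rules that are never closed), are the kind of thing a consumer organization can audit for mechanically. The following is an added example, not code from the presentation or from IBM; it assumes a simple key = value configuration format and a firewall rule list carried as dictionaries with an optional ISO-date "expires" field, and every input in it is a constructed sample.

```python
"""Audit checks for two transitional risks of moving workloads to a cloud:
credential leakage (secrets inlined in configuration) and a punctured
perimeter ("temporary" firewall exceptions that outlived their expiry).
All inputs here are constructed samples, not data from any real system."""
import re
from datetime import date

# Constructed config: a legacy application's settings file that a cloud
# migration made to trust the cloud API with secrets written inline.
# The db password is correct practice: it references an environment variable.
SAMPLE_CONFIG = """\
[cloud-api]
endpoint = https://api.example-cloud.invalid/v1
api_key = cfg-example-key-123456
password = Summer2010!
[db]
user = appuser
password = ${DB_PASSWORD}
"""

# Constructed firewall rule list. "expires" marks a rule that was opened as a
# temporary exception; a rule without it is treated as deliberately permanent.
SAMPLE_RULES = [
    {"id": 1, "dst": "10.0.0.5", "port": 443, "comment": "internet to cloud gateway"},
    {"id": 2, "dst": "10.0.0.9", "port": 22, "comment": "temp SSH for migration",
     "expires": "2010-03-31"},
    {"id": 3, "dst": "10.0.0.9", "port": 3389, "comment": "temp RDP for vendor",
     "expires": "2010-12-31"},
]

# Keys whose value should never be a literal in a checked-in config file.
SECRET_KEY = re.compile(r"^\s*(password|passwd|secret|api_key|token)\s*=\s*(.+?)\s*$", re.I)
# A value of the form ${NAME} is an environment-variable reference, not a secret.
ENV_REF = re.compile(r"\$\{[A-Z0-9_]+\}")


def find_hardcoded_secrets(config_text):
    """Return (line_number, key) for every secret-bearing key assigned a
    literal value; environment-variable references are accepted."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        m = SECRET_KEY.match(line)
        if m and not ENV_REF.fullmatch(m.group(2)):
            findings.append((lineno, m.group(1).lower()))
    return findings


def find_expired_exceptions(rules, today_iso):
    """Return the ids of rules whose expiry date is before today_iso
    (an ISO-8601 date string), i.e. temporary holes still open."""
    today = date.fromisoformat(today_iso)
    return [r["id"] for r in rules
            if r.get("expires") and date.fromisoformat(r["expires"]) < today]


if __name__ == "__main__":
    for lineno, key in find_hardcoded_secrets(SAMPLE_CONFIG):
        print(f"hard-coded {key} at config line {lineno}")
    print("expired firewall exceptions:",
          find_expired_exceptions(SAMPLE_RULES, "2010-06-01"))
```

Run periodically against the real configuration repository and rule export, the two checks give the security team a list of credentials to move into a secrets store and a list of "temporary" rules to close; both lists are empty when the migration has been cleaned up.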
Security complexities raised by virtualization
New complexities:
Dynamic relocation of VMs
Increased infrastructure layers to manage and protect
Multiple operating systems and applications per server
Elimination of physical boundaries between systems
Manually tracking software and configurations of VMs
Risk depends on cloud type
– Public cloud: riskiest (mixed tenants)
  • 1:Many ratio of OSs and applications per server
  • Additional layer to manage and secure
– Private cloud: least risky (BAU) – but places higher demands on the company
  • 1:1 ratio of OSs and applications per server
– Hybrid (private + public) provides a balanced solution
  • Sensitive data stays private
  • Public cloud used for non-sensitive data; can be always or just for demand spikes
Different cloud workloads have different risk profiles – one size does not fit all
[Chart: business risk (low-risk, mid-risk, high-risk) against the need for analysis & security assurance (low to high)]
Today’s clouds are primarily here (low risk, low assurance): training, testing, simulation with public data
● Lower-risk workloads with non-sensitive data
● One-size-fits-all approach to data protection
● No significant assurance
● Price is key
Tomorrow’s high value / high risk workloads (mission-critical workloads, personal information) need:
● Quality of protection adapted to risk
● Direct visibility and control
● Significant level of assurance
IBM Cloud Offerings
IBM’s Cloud Portfolio
Consulting Services in support of Cloud Computing
● Infrastructure Strategy & Planning
● Testing Services for Cloud
● Strategy & Change Services for Cloud Adoption
● Networking Strategy & Optimization
● Strategy & Change Services for Cloud Providers
Smart Business Offerings: comprehensive cloud solutions for infrastructure workloads
● Development and Test, Desktop, Infrastructure Storage, Analytics, Collaboration workloads available on multiple delivery models ... with embedded service management
Infrastructure services & technologies enabling cloud computing
● Security
● Resiliency optimization (BCRS)
● Data Center Maintenance
● Tivoli Service Automation Manager
● WebSphere Hypervisor Edition
● Tivoli Live Monitoring
IBM Cloud Services Portfolio
[Table: columns are Analytics, Collaboration, Development and test, Desktop and devices, Infrastructure compute, Infrastructure storage, Business services]
Standardized services on the IBM cloud:
– Analytics: Smart business on the IBM cloud
– Collaboration: IBM LotusLive, IBM Lotus iNotes
– Development and test: Smart Business Development and Test on the IBM Cloud
– Desktop and devices: Smart Business Desktop on the IBM Cloud (beta)
– Infrastructure compute: IBM Computing on Demand
– Infrastructure storage: IBM Information Protection Services
– Business services: IBM BPM BlueWorks (design tools), Smart business expense reporting on the IBM cloud, Smart Business End User Support on the IBM cloud
Private cloud services, behind your firewall, built and/or managed by IBM:
– IBM Smart Business Analytics Cloud, IBM Smart Business Test Cloud, IBM Smart Business Desktop Cloud, IBM Smart Business Storage Cloud, IBM Smart Business Services
Preintegrated, workload-optimized systems:
– IBM Smart Business Analytics System, IBM CloudBurst™ family, IBM Information Archive, IBM Smart Business Systems for Small or Midsize Business (backed by the IBM Cloud)
Global Technology Services
Cloud Solutions for Power Systems
Tivoli Service Automation Manager (TSAM), IBM Systems Director and VMControl, Tivoli Provisioning Manager (TPM):
– Cloud services definition and provisioning
– Power System Pools simplicity
– Software full lifecycle management
– Policy-based workload resilience
– Policy creation and enforcement
– Best-practices image management
– Automated SAN provisioning
Tivoli Storage Productivity Center (TPC), SAN Volume Controller (SVC):
– Simplified SAN management
– Integration with VMControl for automated disk provisioning
– Heterogeneous storage management: IBM DS5000, DS8000, XIV; EMC; HDS
– Decoupling of physical and virtual storage
– Pooling for increased virtualization
Best-of-breed Power Systems Virtualization:
– Sharing and dynamic allocation of resources across environments
– Multi-OS support: AIX, i, Linux
IBM i as a Cloud Server
Current IBM i strengths
Strengths - stands out in multi-tenant
– Good isolation
– Object-based architecture
– IBM i enforced security and encryption
– Database schema and IASP isolation
– Systems Director
– WebSphere – separate enterprise applications – role-based security
– Memory pools
– Subsystems
– Processor pools
– Group profiles
– Active Memory Sharing
– …
In short, a multi-user, multi-app OS from day 1
IBM i Hosting Environment
[Figure: five multi-tenancy models, each stacking Infrastructure / Operating System / Data Platform / Application for its tenants on the data center floor]
– I. Physical-level isolated multi-tenancy (dedicated): one server stack for each tenant
– II. Shared hardware multi-tenancy: one OS stack for each tenant
– III. Operating system-level multi-tenancy: one AP stack for each tenant
– IV. Platform-level multi-tenancy: one application stack per tenant
– V. Application-level multi-tenancy (shared): one application servicing multiple tenants
Enabling technology:
– Application: Apache web servers, WebSphere Application Servers
– Data Platform: DB2 for i, Independent Storage Pools, schema isolation, validation lists
– Operating System: IBM i subsystems, memory pools, threads, users/groups
– Infrastructure: PowerVM, PowerHA, Systems Director
IBM i performs well in the shared-hardware and OS-level models and very well in the platform-level and application-level models.
IBM i Vision toward Cloud Enablement
Past:
– Physical systems
– Internal storage
– Static resource partitions
– Manual setup
– Physical media install
– Licensing per core
– Backups
– HA
Present:
– Partition mobility
– Virtual resources
– External storage w/ VIOS and SAN
– Dynamic resources for partitions
– Network install and Flash copy backups and snapshots
– Scripted partition creation
– Licensing per core
– HA
Potential future enhancements:
– Partition hibernation
– Image (partition) provisioning/cloning
– Virtualized everything
– Workflow automation
– More granular licensing
– Checkpoints
IBM CloudBurst
What is IBM CloudBurst?
– A complete, pre-packaged cloud environment. Includes both hardware and software
– CloudBurst on Power is slated for 4Q 2010 delivery (v2.1)
Market splash: – The IBM CloudBurst solution on Power is planned to provide everything you need for a private cloud environment including Tivoli service management software, storage, network and the most efficient platform for cloud computing with Power Systems, enabling customers to rapidly realize the benefits of cloud computing
IBM CloudBurst – an Integrated Cloud solution
IBM CloudBurst: a “built for purpose” cloud solution, preinstalled and configured on IBM hardware
– Monitoring: monitor both physical and virtual server environments
– Usage and Accounting: provide metering and accounting for cloud services; enable integration to billing systems if needed
– High Availability: make the management system DB highly available
– Virtualized HW Management: enhanced management of the virtual environment (server, storage, network HW)
– Tivoli Service Automation Manager (TSAM): orchestration of cloud operations; integration point for service management capabilities; service catalog and templates; automated provisioning of virtual systems
– Energy Management: energy management of the hardware infrastructure
IBM CloudBurst Roadmap
2009 – IBM CloudBurst 1.1 (delivered!), optimized for Development & Test workloads:
– System x BladeCenter HW; scalable and modular
– Request, deploy and manage VMware virtual environments
– Energy utilization metrics
– Backup and recovery
– GTS CloudBurst QuickStart Services
– IBM WebSphere CloudBurst Appliance
2010 – IBM CloudBurst 1.2 (new!), new enhancements:
– Enhanced security options
– Accounting, usage and metering
– High availability configuration
– Integrated with WebSphere CloudBurst
– Energy metrics integrated with IT service management system
– Compliance reporting options
– Integration with public cloud offerings
Future – IBM CloudBurst, optimized for production cloud workloads, key enhancements:
– Expand HW platform to Power Systems, iDataPlex, and System z
– Cloud analytics and dashboard capabilities
– Cloud capacity planning
– Enhanced security & resiliency options
Thank you!
For more information, please visit: ibm.com/cloud
Or, contact me: Jeff Uehling, uehling@us.ibm.com
© 2010 IBM Corporation