Đang tải... (xem toàn văn)
Thúc đẩy tăng trưởng kinh doanh với hạ tầng thông tin an toàn và hoạt động liên tục
Go to View/Master/Slide Master to type in header Propelling Business Growth With A Secure And Continuous Information Infrastructure Jon Murray Go to View/Master/Slide Master to type in header Information: Change in Multiple Dimensions information information growth uses information regulations more growth: information stored on disk arrays growing ~60% in 2006 more types: transactions, documents, forms, web, images, voice, messages, reports more uses: ERP, CRM, RFID, collaboration, data mining, discovery … information types more regulations: SEC 17a-4, NASD 3010,Sarbanes-Oxley, Basel II, UK Metadata, eSign Act, 21 CFR Part 11 (more coming!) Go to View/Master/Slide Master to type in header Customers’ Information Storage and Management Challenges Information stored on disk arrays ~ 70% IT budget growth ~ - 5% IT environment getting more complex SLA’s continue to expand and tighten Protection and security increasingly important CIO’s Dilemma: How to manage all the information growth with limited resources? Go to View/Master/Slide Master to type in header 2006 Technology Spending Priorities–CIO Survey Security (Software) 11 Wireless LAN (clients) Security (HW & Services) 12 New Custom Development Storage Area Networks 13 Routing Wireless LAN (access points & routers) 14 Systems Management Software Storage Software 15 Application Integration Software Portal Software 16 Notebook PCs VOIP Infrastructure 17 Document Management Software IT Education and Training 18 Automated Testing Tool Storage Hardware 10 Business Intelligence Software 19 Microsoft Office Upgrade 20 Application Software Server 45 Mainframe hardware 46 Printers Source: Morgan Stanley November CIO Survey, Jan 3, 2006 Go to View/Master/Slide Master to type in header Security Today An Amalgamation of Point Products Across IT Anitvirus Threat Digital Rights Detection Management Servers VPN Clients LAN Authentication Authentication Encryption SAN Disk Storage Web Firewall Authentication Filtering Antivirus Encryption Change/Patch Management Vault Recovery Management Tape Spyware Go to View/Master/Slide Master to type in header Today’s Approach: Secure the Perimeter Go to View/Master/Slide Master to type in header Security Tomorrow: Protect the Information Go to View/Master/Slide Master to type in header Security Must Become Information-Centric Information-centric Security – An inside-out view of how to secure information Begins with securing the data itself Moves out through layers of increasingly intelligent infrastructure Relies on our ability to leverage the interaction between data and infrastructure Important Technology • Data-level access control • Open policy decision points • Enforcement at point of use Go to View/Master/Slide Master to type in header Information Security (Confidentiality) A Natural and Requested Evolution of EMC’s Data Protection Capabilities Information Information Security Security and Protection Information Information Confidentiality Confidentiality Information Information Integrity Integrity Information Information Availability Availability EMC’s Heritage Go to View/Master/Slide Master to type in header EMC’s Security Efforts to Date Dedicated DedicatedFocus Focus Security Securityof ofOffering Offering Comprehensive Comprehensive Information InformationProtection Protection • CEO-level Mandate • Information Security Leadership Team • Company-wide Goals and Objectives • Security-related Workshops, Assessments • EMC Vulnerability Alert Service • Documentum Trusted Content Services • EMC Secure Remote Support • Data Erasure Service • DRM for ECM • Software-native Encryption – Retrospect and NetWorker • Data Encryption through EMC Select 10 Go to View/Master/Slide Master to type in header What is Happening with Information Security ? Hard to know where to start define establish identify create monitor requirements services catalog gaps plan effectiveness hardware software services EMC Retrospect Storage Security Assessment Service EMCNeoScale Networker EMC Remote Support SAN Secure Security Best Practices Decru EMC Documentum Trusted Content Services NAS Security Best Practices Kasten Chase VMware Assured Computing Environment Data Cipheroptics Erasure Services Digital Rights Management (with partners) 13 Go to View/Master/Slide Master to type in header Secure Content Management Information Object s ACL L C MA g2 EAL a Testin s ri ice Crite nt Serv n o m te Com ted Con s T ru 14 Go to View/Master/Slide Master to type in header ESG Strategy forRecord Enterprise Archiving Common Archiving and Storage (CARS) Secure, scalable, and unified archive for all types of content Desktop & File System SharePoint Classify Retain Migrate Email / IM Discover Applications & Reports Paper Rich Media Web 15 Go to View/Master/Slide Master to type in header New Architecture for Backup, Recovery, and Archive Recovery process Ž Production Œ Ž Archive process Extract valuable information to archive – Increases performance of production applications – Improves TCO through use of tiered storage – Recovers capacity on Tier resources Back up active production information – Backup window reduced or eliminated – Higher reliability, greater likelihood of full backups Retrieve from archive or recover from backup – Restore requests are faster – Information that was once offline is now online via archive 16 Go to View/Master/Slide Master to type in header Backup and Archive are Different Backup Archive A secondary copy of information Primary copy of information Used for recovery operations Available for information retrieval Improves availability by enabling application to be restored to point in time Adds operational efficiencies by moving fixed / unstructured content out of operational environment Typically short-term (weeks or months) Typically long-term (months, years, or decades) Data typically overwritten on periodic basis (e.g., monthly) Data typically maintained for analysis, value generation, or compliance Not for regulatory compliance— though some are forced to use Useful for compliance and should take into account information-retention policy 17 Go to View/Master/Slide Master to type in header Continuity Reduce Total Cost Eliminate over-protection Simplified environment Consolidated continuity Improve Business Value Minimize under-protection Flexibility to change Improving productivity 18 Go to View/Master/Slide Master to type in header Continuity Challenge: The Common Current State Continuity Issues Survive a disaster Achieve high availability Prevent data corruption Non-disruptively upgrade software and/or hardware Do parallel processing Overprotected Underprotected Not protected Different requirements Different technologies Different processes Pain Points Move and migrate data Restart the enterprise Inconsistent service levels Gaps in coverage Protect remote data sites Shorten backup and restore times Growth in complexity and effort Growth in cost and risk to the business Contain costs Cannot add resources Continuity Defined: Ensuring applications and data are available during planned and unplanned outages 19 Go to View/Master/Slide Master to type in header Information Protection is Evolving Beyond Tape Backup… Replication Operational Effectiveness CDP to Disk Snap / Clone Backup to Disk Backup to Tape DAYS/ HOURS HOURS/ MINUTES MINUTES/ SECONDS SECONDS < SECONDS CommonDecreased RecoveryRecovery Management Time / Services Automated andIncreased SimplifiedRecovery Management Disaster Recovery, Operational Point Granularity Recovery, and Testing/Migration 20 ... budget growth ~ - 5% IT environment getting more complex SLA’s continue to expand and tighten Protection and security increasingly important CIO’s Dilemma: How to manage all the information growth... effort Growth in cost and risk to the business Contain costs Cannot add resources Continuity Defined: Ensuring applications and data are available during planned and unplanned outages 19 Go... Rights Detection Management Servers VPN Clients LAN Authentication Authentication Encryption SAN Disk Storage Web Firewall Authentication Filtering Antivirus Encryption Change/Patch Management Vault