EasyStack True Private Cloud | Quek Keng Oei
Download as PPTX, PDF0 likes84 views
Modern, Private, Automated Private Cloud Altera Technologies is a cloud management company founded in 2014 that focuses on private cloud software and services. It has over 500 enterprise customers and 200 employees. Altera offers a true private cloud product called ECS that provides tenants secure platforms with logical and physical network separation between domains and projects. Key benefits of private cloud over public cloud include better security, control, and predictability while avoiding high public cloud costs over time.
EasyStack True Private Cloud | Quek Keng Oei
- 1. Modern, Private, Automated Private Cloud Partnering with Altera Technologies
- 2. Who are we? Award winning Global Catalyst Advisory spinoff – Clientele List Ministry of Foreign Affairs Civil Service College Temasek Foundation OECD Setia Berhad 1 Group Association of Small Medium Enterprises Franchising and Licensing Association of Singapore Awards Winner of RHT RMF Green Asia Initiatives Leadership (GAIL) Sustainability Awards - Gamechanger - Innovation Altera Technologies focusing on cloud management & technology
- 3. Established in February 2014, founding team ex-IBM • In 5+ years, accumulated more than USD110M in 5 rounds venture capital funding - latest round C++ in August 2018 • Largest Series C funding round in China Open Source history • OpenStack Foundation Gold Member • Linux Foundation & CNCF Silver Member • 5 out of 10 China Largest OpenStack Deployments in 2016 • Awarded Gartner 2016 China Cool Vendor • Ranked No. 2 in 2018 OpenStack Foundation User Survey • Ranked Top 8 Gartner 2017 OpenStack Most Competitive Provider • Officially certified as CNCF Kubernetes Service Provider in 2018 Leadership • 2014 May: OpenStack Enterprise Distribution • 2014 Nov: China’s 1st OpenStack Hybrid Cloud • 2017 Mar: China’s 1st OpenStack with Kubernetes Converged Platform • 2018 May: Cloud Ready HCI Product ECS Stack • 2019 May: True Private Cloud Product ECS Innovation • Elected Independent Board Director OpenStack Foundation • Elected Heat Project PTL OpenStack Foundation • Ranked Top 10 Globally in TC-Approved Code Contribution OpenStack/Kubernetes/Ceph • Led China Linux Kernel Code Contribution Research Development EASYSTACK— Making Cloud Computing Easier 500+ large enterprise customers 200+ employees, focused on enterprise cloud computing software and services EasyStack has branch offices in 16 cities across mainland China and in silicon valley, Singapore, Sydney and Taipei Achievements 100+ Ecosystem Partners
- 4. Enterprise IT spending on the true private cloud market worldwide from 2016 to 2027, by segment (in billion U.S. dollars) Region Worldwide Survey time period 2016 to 2018 Supplementary notes * Forecast. The source defines true private cloud as including: • a transaction relationship with a single provider; • flexibility in how IT resources are consumed; • an ability to accommodate hybrid cloud application use cases; • and availability on a self-service basis; - and excluding: • converged systems with limited orchestration and automation; • self-integrated private cloud involving numerous vendors; • spending by service providers on public cloud infrastructure; • services outside the maintenance and management of an enterprise private cloud, such as data center outsourcing, colocation, general cloud consulting, etc.; • and virtual private clouds.
- 5. Cloud – The New Business Platform PUBLIC CLOUD PRIVATE CLOUD Managed by IT Managed by provider Two Models Today: Applications are delivered and built on cloud platforms Developers asking for self-service platforms for faster delivery IT is being pressured to provide that or move to AWS
- 6. How Public Cloud Looks CHALLENGES: Cost scales rapidly Performance unpredictability No visibility below VMs One way migration path PUBLIC CLOUD Admins / Users CLOUD UI/API
- 7. Challenges with Public Clouds Issues Description Rapid cost increase Total cost over 3 years more than private cloud as network traffic, etc are not included in the cost Unpredictable performance Sharing the same physical server with other unknown users Additional Security risk & compliance Require additional security services, audits, etc to secure cloud Misconfiguration of security & services Experience & review of services and security must be done with audits to ensure data not accessible by public (see CapitalOne data leak) No control below VM No management of environment below VMs or virtual network Lack of OpenAPI APIs are proprietary, not fully defined and changes regularly. Tools have to be compatible with the APIs in order to automate services
- 8. Security – Top 5 concerns Top 5 Security Concerns of Public cloud: 1. Data Breaches – Access of data by unauthorized personnel (eg CapitalOne) 2. Hijacking of Accounts – Usernames/Password hacked, leaked private key, etc 3. Insecure APIs and Interfaces – Proprietary APIs that may have loopholes and weakness allowing illegal control 4. Insufficient Due Diligence – Due to lack of experience, knowledge or time, system not properly secured or protected 5. Malware Injections & APT - Malicious code injected into cloud services and runs in the cloud servers themselves to eavesdrop, compromise the integrity of sensitive information, and steal data
- 9. Rack 1 Cloud Region 1 Cloud Region N Domain 1 Domain 1 True Private Cloud Feature: Secure Platform including configuration & data Tenant Project 1 Tenant Project N Tenant Project 1 Tenant Project N … … … Domain N Multi-Tenant Organization/Quota Management • Each region can be physically or logically designed and implemented • Domain can be company/organization/busin ess unit/department • Tenant Project can be sub- domain separation Tenant Project N Tenant Project 1 Tenant Project N … … Domain N … Tenant Project 1 … Physical and Logical Network Separation Host 2FA • Backend host access is protected by 2FA login • Ensure only authorized person(s) allowed into host server(s) console Server 1 Server N TOR Switch 1 … FW Device(s) Core Switch Rack N Server 1 Server N TOR Switch N … … VM Instance Router Instance Network Instance Network Instance VM Instance SecurityGroup Instance FWaaS Instance Floating IP Instance Logical Network Physical Network
- 10. Conclusion Factors Public Cloud Private Cloud Flexibility on resources – able to turn on / call on resources on demand 5 4 Control – Able to control the cloud from hardware to software and service level 2 4.5 Security and privacy – Able to keep the data securely in the right hand and person and prevent access by non-authorized entities 1.5 4 Cost – Overall cost of starting and running the cloud solution 1.5 - 4.5 4 My scoring of the cloud: Rank scoring: 1 – Weakest, 5 - Strongest
- 12. CapitalOne Data Breach – What is it • CNN – “In one of the biggest data breaches ever, a hacker gained access to more than 100 million Capital One customers' accounts and credit card applications earlier this year.”… “tech company software engineer for Amazon (AMZN) Web Services, the cloud hosting company that Capital One was using, the Justice Department said. She was able to gain access by exploiting a misconfigured web application firewall, according to a court filing…” • DigitalTrends – “…filed a class-action lawsuit Tuesday against Capital One Financial Corporation “for negligence in failing to safeguard consumers’ personal information” in the recent data breach that impacted 100 million consumers… ” • InfoSecurity Magazine – “…the intruder was able to enumerate over 700 S3 Buckets and ultimately copy sensitive data out of the environment…” CNN – https://edition.cnn.com/2019/07/29/business/capital-one-data-breach/index.html DigitalTrends – https://www.digitaltrends.com/news/capital-one-data-breach-class-action-lawsuit/ InfoSecurity Magazine – https://www.infosecurity-magazine.com/infosec/lessons-from-the-capital-one-data/
Editor's Notes
- #4: Left side: Step through point by point Right side: Briefly touch on the achievements
- #12: I hope you gain some valuable knowledge on what I have shared. Especially for those of you who are on digital transformation journey where cloud enablement is part of your plan, do consider speaking to EasyStack at the exhibition area booth. Happy to address your questions later today! Thank you