How to Migrate to Cloud with Complete Confidence and Trust
0 likes706 views
The document discusses the importance of effective cloud migration strategies, emphasizing the need for robust policy frameworks to mitigate risks, ensure compliance, and streamline operations. It outlines five key pillars for infusing policy into cloud systems, focusing on automated enforcement and security measures to enhance trust in cloud-native applications. Ultimately, it highlights the value proposition of Apcera in enabling organizations to innovate confidently while maintaining governance and operational efficiency.
How to Migrate to Cloud with Complete Confidence and Trust
- 1. How to Migrate to Cloud with Complete Confidence and Trust Henry Stapp, Director of Product Management, Apcera March, 2016 ADA Conference
- 2. What We’re Hearing From Customers 2 ๏ Drive Revenue ๏ Decrease Costs ๏ Reduce Risk ๏ Improve the Customer Experience
- 3. 3 SoftwareLayerInfrastructureLayer Containers and Microservices Traditional and Legacy Applications Cloud Native Applications MiddlewareLayer Orchestration Tools Configuration Tools Container Management Tools Auditing Tools Logging Tools Application Platforms Platforms-as-a-Service Your Cloud Stack
- 4. 4 Complexity Leads to RISK Siloed Your Cloud StackSoftwareLayerInfrastructureLayer Containers and Microservices Traditional and Legacy Applications Cloud Native Applications MiddlewareLayer Orchestration Tools Configuration Tools Container Management Tools Auditing Tools Logging Tools Application Platforms Platforms-as-a-Service Unique Dependencies
- 5. 5 You need the cloud to work for you, NOT the other way around.
- 6. The Importance of Policy 6 ๏ Policy refers to the rules and best practices that set up guard rails for your system. Policy can help: ‣ Governance ‣ Risk ‣ Compliance ๏ Most policies are loosely crafted and live on a sticky note, whiteboard, email or in the heads of your ITOps team. ๏ Declaring consistent, effective policy across your organization generally looks like this…
- 7. 7 Implementing Policy Across Your Organization Today Meeting Meeting Meeting Meeting Meeting ! Meeting Meeting Meeting Meeting Meeting Meeting Meeting Meeting Meeting Meeting Meeting Meeting Meeting Meeting Meeting ! ! !
- 8. Packaging System enables fine grained policy for versions, workload manifests and what can be used in an un-opinionated system. Service Composition01 Infuse Your System with Policy: Five Key Pillars
- 9. Packaging System manifests and what can be used in an un-opinionated system. Service Resource Management 01 02 Container Management System enables isolation and enforced security granular policy for memory/cpu/disk/network quotas. Infuse Your System with Policy: Five Key Pillars
- 10. Packaging System manifests and what can be used in an un-opinionated system. Service Resource Scheduling and Placement 01 02 03 Container Management System security granular policy for memory/cpu/disk/network quotas. Policy Aware Scheduler enables granular control for workloads placement: geographical, affinity-based tagging for service access, compute and infra elasticity. Infuse Your System with Policy: Five Key Pillars
- 11. Packaging System manifests and what can be used in an un-opinionated system. Service Resource Scheduling and Policy Aware Networking enables a truly programmable network at workload abstraction layer that can enforce policy on any infrastructure at the speed of deployment and orchestration, plus the ability to instantly self heal. Connectivity and Communication 01 02 03 04 Container Management System security granular policy for memory/cpu/disk/network quotas. Policy Aware Scheduler geographical, affinity-based tagging for service access, compute and Infuse Your System with Policy: Five Key Pillars
- 12. Packaging System manifests and what can be used in an un-opinionated system. Service Resource Scheduling and Policy Aware Networking abstraction layer that can enforce policy on any infrastructure at the speed of deployment and orchestration, plus the ability to instantly self heal. Connectivity and Communication 01 02 03 04 Container Management System security granular policy for memory/cpu/disk/network quotas. Policy Aware Scheduler geographical, affinity-based tagging for service access, compute and What good are rules if they aren’t followed? Effective policy provides visibility within your system so automated enforcement is possible. Automated enforcement removes humans from the equation and greatly reduces the chance of errors. Automated Enforcement of Your Policy 05 Infuse Your System with Policy: Five Key Pillars
- 13. Trust Model for Cloud-Native Applications MULTI-WORKLOAD MULTI-CLOUD POLICY SECURITY ENFORCEMENT DEPLOY ORCHESTRATE GOVERN • Cloud-resident Policy Engine at the core • Service level evaluation and enforced for GRC • Every service resource is closed by default • Every service resource is assumed compromised • All components are isolated by default Permissions need to be explicit and granted in all directions Secure separation of control, management and data planes Secure message bus to connect all resources Cloud Native service behavior exception monitoring, alerting and audit logging • • • •
- 14. Request Policy Agent Policy Engine (Cloud-Native GRC) Policy Centric Monitoring, Evaluation & Enforcement Request Request Policy Agent Policy Agent Legacy Agents SaaS Agents DB2 Delivering Secure Cloud-Native Services for Governance, Risk and Compliance Salesforce Service VMware Service AWS Service OpenStack How Apcera Handles Trust
- 15. The Apcera Vision Deliver platform technology that unlocks the full power of massive amounts of compute resources and data. All in a trusted and unified way. Derek Collison Founder and CEO at Apcera ๏ CTO, Chief Architect at VMware ๏ Architected CloudFoundry ๏ Technical Director at Google ๏ SVP and Chief Architect at TIBCO Apcera Value Proposition Customers Innovate at speed — with full confidence and trust Business Benefits: - Risk Mitigation and Full Compliance - Reduce CapEx and OpEx - Simplify Operations - Faster Time to Market - Full integration with “modern” IT tools in use
- 16. Q & A
- 17. Learn More at www.apcera.com Thank You!