Thúc đẩy tăng trưởng kinh doanh với hạ tầng thông tin an toàn và hoạt động liên tục

Thúc đẩy tăng trưởng kinh doanh với hạ tầng thông tin an toàn và hoạt động liên tục

Propelling Business Growth With

A Secure And Continuous Information Infrastructure

Jon Murray

Information: Change in Multiple Dimensions

information regulations

more regulations:

SEC 17a-4, NASD 3010,Sarbanes-Oxley, Basel

II, UK Metadata, eSign Act, 21 CFR Part 11

transactions, documents, forms, web, images,

voice, messages, reports

Customers’ Information Storage and

IT environment getting more complex

SLA’s continue to expand and tighten

Protection and security increasingly important

2006 Technology Spending Priorities–CIO Survey

1 Security (Software)

2 Security (HW & Services)

3 Storage Area Networks

4 Wireless LAN (access points & routers)

10 Business Intelligence Software

11.Wireless LAN (clients)

12.New Custom Development

13.Routing

14.Systems Management Software

15.Application Integration Software

16.Notebook PCs

17.Document Management Software

18.Automated Testing Tool

19.Microsoft Office Upgrade

20.Application Software Server

45.Mainframe hardware

Change/Patch Management

Encryption Vault

Recovery Management

Authentication

Today’s Approach: Secure the Perimeter

Security Tomorrow: Protect the Information

Security Must Become Information-Centric

– An inside-out view of how to secure information

 Begins with securing the data itself

 Moves out through layers of

increasingly intelligent infrastructure

 Relies on our ability to leverage

the interaction between data and infrastructure

Important Technology

• Data-level access control

• Open policy decision points

• Enforcement at point of use

Information Security (Confidentiality)

Information Security

Information Security

EMC’s Security Efforts to Date

•CEO-level Mandate

•Information Security Leadership Team

•Company-wide Goals and Objectives

•Security-related Workshops, Assessments

•EMC Vulnerability Alert Service

•Documentum Trusted Content Services

•EMC Secure Remote Support

•Data Erasure Service

Comprehensive Information Protection

EMC Security Mission

Security Services

Patching Vulnerability Assessment

Security Risk Management

Secure Messaging

Web Filtering Encryption

File / Database Security

Digital Rights Mgmt

Authentication

Authentication Mgmt

Authentication Authentication Mgmt Provisioning

End-to-End Information Security Management

EMC ISM

EMC’s Information-Centric Approach to Security

EMC Strategy

 Expose key native capabilities

 Repurpose existing technologies for security “use cases”

 Develop new products, solutions, and service offerings

 Partner and acquire to complete portfolio

Information Security Management (ISM)

 Information Security is an end-to-end challenge

 To be most effective, security capabilities must be integrated

with the information infrastructure

 All security offerings need to be interoperable and open

EMC Retrospect EMC Networker EMC Secure Remote Support EMC Documentum Trusted Content Services VMware Assured Computing Environment Digital Rights Management (with partners)

What is Happening with Information Security

?

Hard to know where to start

software

Storage Security Assessment Service

SAN Security Best Practices NAS Security Best Practices Data Erasure Services

services

Secure Content Management

ACLs MAC L EAL4 Com mon

ESG Strategy for Enterprise Archiving

Retain Migrate Discover

Common Archiving Record and Storage (CARS)

Secure, scalable, and unified archive for all types of

Applications

& Reports

Classify

New Architecture for Backup, Recovery, and Archive

– Increases performance of production applications

– Improves TCO through use of tiered storage

– Recovers capacity on Tier 1 resources

– Backup window reduced or eliminated

– Higher reliability, greater likelihood of full backups

– Restore requests are faster



Ž

Œ Ž

Archive process Recovery

process Production

Backup and Archive are Different

A secondary copy of information Primary copy of information

Used for recovery operations Available for information retrieval

Improves availability by enabling

application to be restored to point in

time

Adds operational efficiencies by moving fixed / unstructured content out

of operational environmentTypically short-term (weeks or months) Typically decades)long-term (months, years, or Data typically overwritten on periodic

basis (e.g., monthly) Data typically value generation, or compliancemaintained for analysis,

Not for regulatory compliance—

though some are forced to use Useful for complianceinto account information-retention policy and should take

Continuity Challenge: The Common Current State

Not protected

protected

Under-Different requirements Different technologies Different processes

protected

Over-Continuity Issues

 Survive a disaster

 Achieve high availability

 Prevent data corruption

 Non-disruptively upgrade software

and/or hardware

 Do parallel processing

 Move and migrate data

 Restart the enterprise

 Protect remote data sites

 Shorten backup and restore times

 Growth in complexity and effort

 Growth in cost and risk to the business

Continuity Defined:

Ensuring applications and data are available

CDP to Disk

to Tape

DAYS/

HOURS

Snap / Clone

Common Recovery Management Services

Automated and Simplified Management Disaster Recovery, Operational

Recovery, and Testing/Migration

Common Recovery Management Services

Automated and Simplified Management Disaster Recovery, Operational

Recovery, and Testing/Migration

Products and Technologies

Remote processing

Clustering across site with Storage DR aware

Multi-site

SAN

Products and Technologies

Platform

Storage,

switch, and

server protection

Backup

Frequent, consistent, non- disruptive backups

Recovery

Quick, accurate, predictable recovery

Remote Information

All critical data safe at remote location

Remote processing

Automatic processing resumption:

“lights out”

Multi-site

Increasing distance improves protection

Information Protection & Recovery

SRDF Family MirrorView AutoStart Family

TimeFinder Family

SnapView EMC SnapSure PowerPath

NetWorker Celerra Replicator

RepliStor

Getting Started: Sample Customer Requirements Plan

Service Class Non-critical Business urgent Business-critical Mission-critical

Site Type Warm site Hot site Standby site

(manual failover) Standby site (automatic failover)

RTO +/- <72 hours up to (+/-) <5 days +/- 24 hours up to (+/-) 3 days +/- 6 hours up to (+/-) 12 hours +/- 1 hours up to (+/-) 3 hours

RPO +/- 24 hours up to (+/-) 3 days +/- 24 hours up to (+/-) 3 days  Sync = 0 data loss

 Async = acceptable data loss

*(Potential for 0 data loss for Async)

 Sync = 0 data loss

 Async = acceptable data loss

Recovery Service  OS: restored from tape and

 Recovery plans: ready

 OS: restored from tape and validated

 Application: restored from tape and validated

 Data: restored from tape and validated

 Connectivity: restored and validated

 Connectivity: repoint network

 Redundancy of data: store and forward, tape back up of site

 Recovery plans: ready

 Testing: quarterly after significant

 OS: ready

 Application: ready

 Data: ready

 Connectivity: repoint network

 Redundancy of data: store and forward, tape backup of site

 Redundant site: ready

 Recovery plans: ready

 Testing: quarterly after significant

Application Type  Desktop applications

 Corporate tax systems

 Travel systems

 Human resources

 Some desktop applications

 Corporate tax system

 Travel systems

 Payroll

 Accounting systems (ERP)

 Inventory control / distribution

 Credit card processing

 Cash management

 Accounting systems (ERP)

 Inventory control / distribution

 Credit card processing Cash management

Customer Needs

Tiered Storage that Is Optimized for Business Requirements

Budget Capacity Performance Availability Compliance Business Applications

ERP

CRM

Exchange

Archive

EMC Retrospect EMC Networker EMC Secure Remote Support EMC Documentum Trusted Content Services VMware Assured Computing Environment Digital Rights Management (with partners)

What is Happening with Information Security

software

Storage Security Assessment Service

SAN Security Best Practices NAS Security Best Practices Data Erasure Services

services

where to start

Building a Next-Generation Information Infrastructure

Information Lifecycle Management

Flexible

infrastructure

Next-Generation

Information Infrastructure