Find Communities by: Category | Product

Bitly URL:

 

http://bit.ly/1CeEk6M

 

 

Tweet this document:

 

Top 12 2014 @DBAStorage Blogs by Views on the EMC Oracle Community! http://bit.ly/1CeEk6M


Related content:

 

With EMC, Oracle’s Maximum Availability Architecture is Redefined!

 

EMC Hybrid Cloud: Deploying Oracle Database as a Service

 

 

Follow us on Twitter:

 

 

 

 

 

EMCOracle.jpeg.jpg

 

 

store_open-120.png

 

Click to learn more about Oracle Solutions in the EMC Store

 

EMC Oracle.png


To celebrate 2014 being my first full year at EMC, I want to share again the blogs I prepared that got viewed the most. Last January, I had no idea that I would get to go to EMC World in Las Vegas, present at VMworld Europe in Barcelona and finish off the year presenting at the UKOUG Conference in Liverpool. It’s been amazing, so here’s a reminder of my 12 most viewed blogs of 2014;


#12      Introducing the EMC Enterprise Hybrid Cloud Solution!

 

#11      EMC Storage Integrator for Oracle Database 12c Multitenant Cloning

 

#10      Why you should be using EMC AppSync for Oracle

 

#9        Audio Podcast: Introducing EMC ScaleIO

 

#8        Wikibon on Converged Infrastructure For Oracle DBAs

 

#7        A technical overview of EMC Hybrid Cloud Solution with VMware for Oracle

 

#6        The New EMC VMAX3 Invites the Oracle DBA to the High-End Storage Party!

 

#5        Wikibon Says - Who’s BEST in Oracle Infrastructure?

 

#4        Supporting EMC XtremCache for Oracle Real Application Clusters

 

#3        Amazing unattended install of Oracle RAC 12c Grid Infrastructure with Vagrant!

 

#2        Introducing EMC ProtectPoint, with Oracle RMAN Integration!

 

#1        Let’s talk about Oracle FS1 and EMC XtremIO!

 

Throughout 2014, my intention has been to not only write about IT innovation at EMC, but also to provide technical overviews and details on implementing and supporting EMC solutions for Oracle. Very pleased to see some favourites of mine up there, with EMC ScaleIO, EMC XtremCache and EMC ProtectPoint featuring prominently.


Thanks must go to Larry Ellison for giving me the opportunity to write about his rather unusual comparison of Oracle FS1 and EMC XtremIO, and to you for taking it to #1!


2015 will likely be everything as BIG as 2014, while it’s not rocket science to predict 3 areas that Oracle DBAs should be expanding their horizons with, here’s my picks;

 

  • Software Defined Storage (both ViPR & ScaleIO)
  • Flash-Enabled Hybrid Storage Arrays (both VNX & VMAX)
  • Enterprise Hybrid Cloud (top infographic here)

 

I will certainly be writing more about these and other areas of interest to Oracle DBAs in 2015, hopefully you have enjoyed many of my contributions and I welcome your comments and feedback below.

 

Throughout 2014 I was looking at how I could get some visibility on a theory that Oracle DBAs should embrace Oracle NoSQL 3.0 as our route to Big Data – In December, the UKOUG Conference gave me the opportunity to present a session in Liverpool (slides are available here).  I hope to expand on that session this year and help Oracle DBAs avoid missing the boat to IDC’s 3rd Platform of IT!

 

All the best for 2015, Peter (@DBAStorage)

 

Comments / Questions?



DataReduction_1.1.jpg

Bitly URL:

 

http://bit.ly/1tK0LiY

 

Tweet this document:

 

[blog] A technical overview of EMC Hybrid Cloud Solution and Security Management http://bit.ly/1tK0LiY #RedefineHC

 

 


Related content:

 

[blog] A technical overview of EMC Hybrid Cloud Solution with VMware for Oracle http://bit.ly/1yNu4k5 #RedefineHC

 

 

EMC Hybrid Cloud: Deploying Oracle Database as a Service

 

 

Follow us on Twitter:

 

 

EMCOracle.jpeg.jpg

 

 

EMC Store:

EMCStore.png

Learn more about EMC Hybrid Cloud in the EMC Store.

B1LTZJHIEAAflPS.png


A Technical Overview of EMC Hybrid Cloud Solution and Security Management

 

In this third part of my overview blog posts on the EMC Hybrid Cloud solution, here I will focus on Security Management and the components that promote security and compliance.

 

From my earlier blogs, you will have come to understand that the EMC Hybrid Cloud solution integrates the best of EMC and VMware products and services and empowers IT organizations to accelerate implementation and adoption of a hybrid cloud, while still enabling customer choice for the compute and networking infrastructures within the data center.

 

The transition from either a physical or a partially virtualized infrastructure to a full hybrid cloud enables a transformative approach to providing security. While many of the same threats to physical environments still exist in the hybrid cloud model, there are new ways to mitigate those threats by using the powerful capabilities of the EMC Hybrid Cloud. Network segments and boundaries become more flexible as switches, routers, and load balancers can be provisioned as needed to ensure dynamically changing environments remain secure, no longer dependent on hardware procurement or provisioning.

 

EMC Hybrid Cloud takes advantage of the strong integration between EMC technologies and the VMware vCloud Suite. The solution, developed by EMC and VMware product and services teams includes EMC scalable storage arrays, integrated EMC and VMware monitoring, VMware software-defined networking and security, and data protection suites to provide the foundation for enabling cloud services within the customer environment.

 

EHC Components-500.png

 

The product components most relevant to addressing security and compliance requirements and controls are discussed below.

 

VMware vCloud Automation Center (vCAC) enables customized, self-service provisioning and lifecycle management of cloud services that comply with established business policies. vCAC provides a secure portal where authorized administrators, developers, and business users can request new IT services and manage existing computer resources from predefined user-specific menus.

 

VMware vCloud Networking and Security (vCNS) is a software-defined networking and security solution that enhances operational efficiency, unlocks agility, and enables extensibility to rapidly respond to business needs. It provides a broad range of services in a single solution, including virtual firewall, virtual private network (VPN), load balancing, and VXLAN-extended networks.

 

An alternative deployment option to vCNS is VMware NSX for vSphere. NSX is the next generation of software-defined network virtualization and offers additional functionality and improved performance over vCNS. This additional functionality includes distributed logical routing, distributed firewalling, logical load balancing, and support for routing protocols such as Border Gateway Protocol (BGP), Intermediate System to Intermediate System (IS-IS), and Open Shortest Path First (OSPF). Where workloads on different subnets share the same host, the distributed logical router (DLR) optimizes traffic flows by routing locally. This enables substantial performance improvements in throughput, with distributed logical routing and firewalling providing line-rate performance distributed across many hosts instead of being limited to a single virtual machine or physical host. NSX also introduces Service Composer, which integrates with third-party security services.

 

VMware vCenter Configuration Manager automates configuration and compliance management across your virtual, physical, and cloud environments, assessing them for operational and security compliance. It automates critical configuration and compliance management tasks, and supports configuration management across virtual and physical servers, VMware infrastructure, and multiple operating systems.

 

In addition, vCenter Configuration Manager integrates with vSphere to deliver the fundamental capabilities that support VMware infrastructure hardening, including deep configuration data collection, change tracking, and compliance assessment. Visibility into your compliance posture is provided through access to compliance toolkits that cover a broad range of standards, including security best practices, vendor-hardening guidelines and regulatory mandates.

 

Multitenancy and secure separation requirements in a cloud environment can range from shared, open resources to completely isolated resources, secure from any access. The EMC Hybrid Cloud solution provides the ability to enforce physical and virtual separation for multitenancy, offering different levels of security to meet business, security policy, and/or regulatory compliance requirements. This separation can encompass network, compute, and storage resources, to ensure appropriate security and performance for each tenant.

 

The solution supports secure multitenancy through vCAC role-based access control (RBAC), enabling vCAC roles to be mapped to Active Directory groups. vCAC uses existing authentication and business groupings. The self-service portal shows only specific views, functions, and operations based on the role within the business.

 

Physical resource separation can be achieved in vCAC to isolate tenant resources or to isolate and contain compute resources for licensing purposes, for example, Oracle. Virtual resource separation can be achieved between and within resource groups, depending on the level of separation required.

 

Virtualized compute resources within the hybrid cloud are objects inherited from the vSphere endpoint, most commonly representing VMware vSphere ESXi hosts, host clusters, or resource pools. Compute resources can be configured at the vSphere layer to ensure physical and logical separation of resources between functional environments such as Production and Test and Development (Test/Dev).

 

Valid concerns exist around information leakage and “nosy neighbors” on a shared network infrastructure. Consumers of the provisioned resources need to operate in an isolated environment and benefit from infrastructure standardization. To address these concerns, this solution has been designed for multitenancy.


This was approached from a defense-in-depth perspective, which is demonstrated through:

  • Implementing virtual local area networks (VLANs) to enable isolation at Layer 2 in the cloud management platform and where the solution intersects with the physical network
  • Using VXLAN overlay networks to segment tenant and business group traffic flows
  • Integrating with firewalls functioning at the hypervisor level to protect virtualized applications and enabling security policy enforcement in a consistent fashion throughout the solution
  • Deploying provider and business group edge firewalls to protect the business group and tenant perimeters

 

EMC’s Enterprise Hybrid Cloud enables customers to enhance security by establishing a hardened security baseline across the hardware and software stacks that support their EMC Hybrid Cloud infrastructure. The solution helps to reduce concerns around the complexities of the underlying infrastructure by demonstrating how to tightly integrate an as-a-service solution stack with public key infrastructure (PKI) and a common authentication directory to provide centralized administration and tighter control over security.

 

The solution addresses the challenges of securing authentication and configuration management to aid compliance with industry and regulatory standards through:

  • Securing the infrastructure by integrating with a PKI to provide authenticity, non-repudiation, and confidentiality
  • Converging the various authentication sources into a single directory to enable a centralized point of administration and policy enforcement
  • Using configuration management tools to generate infrastructure reports for audit and compliance purposes

 

Comments / Questions

Filter Blog

By date:
By tag: