This chalktalk begins by demystifying the terminology around cloud computing architectures and examines the types of enterprise projects that are most commmonly being deployed to the cloud. You'll then learn the advantages of a unique solution that leverages identity information and policy information inside your enterprise Active Directory to automate security and management of Linux-based cloud servers. For additional reading, see our Cloud Security Step by Step guide.

 

Running Time: 25 minutes

 

Speaker
David McNeely, Director, Product Management

 

Moderator
Frank Cabri, Vice President, Marketing & Business Development

 

Topics Covered

  • Demystifying the terminology around cloud computing architectures: intrastructure as a service (IAAS), platform as a service (PAAS) and software as a service (SAAS)
  • The types of enterprise projects that are being deployed in the cloud
  • How to set up your internal and DMZ-based Active Directory forests to enable centralized management of Linux-based cloud servers
  • The role that IPsec and Centrify DirectSecure plays in securing Active Directory in the DMZ
  • The different ways in which cloud servers can be joined to Active Directory, including through the cloud-enabled Centrify DeploymentManager console and preloaded server templates
  • The need for auditing user activity to ensure that cloud systems are being accessed only by authorized users and how Centrify DirectAudit improves over traditional log analysis solutions
  • Leveraging the power of Active Directory for efficient centralized, group-based management of resources

 

IBM System z mainframes enable organizations to run hundreds or even thousands of virtualized Linux systems. But organizations are finding that, to achieve maximum costs savings, they also need a cost-effective way to centrally secure and configure these virtual systems, which are frequently used to host business-critical applications. In this chalktalk you'll learn how IBM has implemented Linux virtualization on System z and how Centrify addresses these unique security and configuration issues.

 

Running Time: 25 minutes

 

Speaker
Corey Williams, Director, Product Management

 

Moderator
Frank Cabri, VP, Marketing

 

Topics Covered

  • An overview of the IBM System z platform, including a discussion of how its s390-based Integrated Facility for Linux (IFL) is used with the z/VM hypervisor to host hundreds or even thousands of guest systems running SUSE Enterprise Linux or Red Hat Enterprise Linux
  • The move to Linux on System z and how the ease of spinning up new Linux workloads leads to a proliferation of systems
  • The corresponding security challenges that arise in situations where each of the many virtual systems, based on the application it is running, has different needs in terms of who should be able to access it and what they can do
  • The advantages of leveraging Active Directory's existing repository of enterprise identities to centrally manage administrative access rights and privileges versus individually managing each virtual guest
  • The advantages of the Centrify solution, which enables IT managers to use familiar Windows-based tools and processes to manage a wide variety of UNIX, Linux and Mac systems without needing detailed domain knowledge of each system
  • How Centrify Zones can be used to logically group guest systems so each can have a distinct set of users, administators and policies
  • How the Centrify Suite gives you a global view of the access controls and user audit logs that encompasses not only Linux systems on System z but other virtual or physical UNIX, Linux and Mac systems as well
  • Compliance-driven reasons for using Centrify's solution for detailed logging of user activity on UNIX and Linux for monitoring and reporting
  • Using the Windows Group Policy for UNIX and Linux feature with Centrify to apply centrally define and distribute consistent configuration and security policies across heterogeneous systems
  • Using the Centrify Suite's built-in role-based privilege management solution for UNIX and Linux to control what users can do on each system
  • How a large financial institution was able to expand their computing capability while reducing overhead by adopting System z-based virtualization coupled with centralized management using the Centrify Suite.

 

Hardware-level virtualization has unique benefits and continues to be popular even as software-based virtualization solutions such as VMware ESX gain in popularity. In this chalktalk you'll learn how Oracle's Solaris operating system implements virtualization via its container and zone technology. It includes a discussion of the unique challenges of securing the host and guest environments, and the benefits of centrally securing and managing them by leveraging your existing Microsoft Active Directory.

 

Running Time: 19 minutes

 

Speaker
David McNeely, Director, Product Management

 

Moderator

Frank Cabri, VP, Marketing

 

Topics Covered

  • An overview of how operating system vendors such as HP, IBM and Oracle have approached virtualization
  • The benefits of hardware-level virtualization
  • An overview of how Solaris containers support virtualization
  • Security best practices for securing the underlying operating system using Microsoft Active Directory identities
  • Methodology for using Centrify Zones to manage and secure the individual guest systems, which may be owned by separate departments or other groups within an organization
  • Comparing Solaris's native management tools with Active Directory-based security in a heterogeneous environment
  • How the Centrify Suite gives you a global view of the access controls and user audit logs that encompasses not only Solaris zones but other systems as well
  • The architecture of a Solaris system hosting multiple Solaris zones
  • How Centrify Zones can be used not only to isolate the host system from the guests but to also logically group guest systems so each can have a distinct set of users, administators and policies
  • Using Centrify DirectAuthorize to enable departmental admins to manage their own systems without giving them elevated privileges on the host or access to other guests

 
VMware ESX is a popular platform for organizations that are migrating from a physical to a virtual computing environment. While vendors like VMware provide administrative tools for managing their virtualization software, security and compliance gaps may still exist for organizations that have not secured access to the underlying operating system on the host machine. This Centrify chalktalk covers best practices for securing VMware ESX host systems by locking down administrative access and controlling administrator privileges. It also describes how the Centrify Suite combined with Microsoft Active Directory can be used to segregate guest systems and delegate administrative duties for the various business owners.

 

Running Time: 21 minutes

 

Speaker
David McNeely, Director, Product Management

 

Moderator
Frank Cabri, VP, Marketing

 

Topics Covered

  • An overview of how authentication works in a VMware environment
  • The various access methods and administrative interfaces that IT managers can use to access a VMware host
  • Security gaps that exist given the variety of access methods, particularly around the VMware host's root account
  • How to lock down a VMware host through centrally controlled Active Directory accounts and shut down root access
  • Segregating groups of guest systems for different business owners and best practices for delegating administrative duties
  • How Centrify's solution adds additional security protection over the native VMware administrative tools
  • Auditing administrative sessions on VMware host systems
  • How Centrify's patented Zone technology provides an easy and secure way to enforce separation of administrative duties for administrators of virtual guests
  • How security changes as servers begin to migrate from a physical to a virtual infrastructure

Showing results for 
Search instead for 
Do you mean 
Labels
Leaderboard

Community Control Panel