1 Go to View/Master/Slide Master to type in header Propelling Business Growth With A Secure And Continuous Information Infrastructure Jon Murray

Go to View/Master/Slide Master to type in header

1

Propelling Business Growth With A Secure And Continuous Information Infrastructure

Jon Murray


2

Information: Change in Multiple Dimensions

informationgrowth

informationtypes

informationuses

information regulations

more regulations:SEC 17a-4, NASD 3010,Sarbanes-Oxley, Basel II, UK Metadata, eSign Act, 21 CFR Part 11

(more coming!)

more growth:information stored on disk arrays growing ~60% in 2006

more uses:ERP, CRM, RFID, collaboration, data mining, discovery …

more types:transactions, documents, forms, web, images, voice, messages, reports ...


3

Customers’ Information Storage andManagement Challenges

CIO’s Dilemma:How to manage all the information

growth with limited resources?

Information stored on disk arrays ~ 70%

IT budget growth ~ 4 - 5%

IT environment getting more complex

SLA’s continue to expand and tighten

Protection and security increasingly important


4

2006 Technology Spending Priorities–CIO Survey

Source: Morgan Stanley November CIO Survey, Jan. 3, 2006

1. Security (Software)

2. Security (HW & Services)

3. Storage Area Networks

4. Wireless LAN (access points & routers)

5. Storage Software

6. Portal Software

7. VOIP Infrastructure

8. IT Education and Training

9. Storage Hardware10. Business Intelligence Software

11.Wireless LAN (clients)

12.New Custom Development

13.Routing

14.Systems Management Software

15.Application Integration Software

16.Notebook PCs

17.Document Management Software

18.Automated Testing Tool

19.Microsoft Office Upgrade

20.Application Software Server

45.Mainframe hardware

46.Printers


5

Security TodayAn Amalgamation of Point Products Across IT

Antivirus

Anitvirus

VPN Encryption

Authentication WebFiltering Authentication

ThreatDetection

Change/PatchManagement

LAN

Clients Servers

SAN

Disk Storage

Tape

Spyware

Firewall

Digital RightsManagement

Encryption

VaultRecovery

Management

Authentication


6

Today’s Approach: Secure the Perimeter


7

Security Tomorrow: Protect the Information


8

Security Must Become Information-Centric

Information-centric Security– An inside-out view of how to secure information

Begins with securing the data itself Moves out through layers of

increasingly intelligent infrastructure Relies on our ability to leverage

the interaction between data andinfrastructure

Important Technology• Data-level access control• Open policy decision points• Enforcement at point of use


9

Information Security (Confidentiality)

InformationSecurity

InformationSecurity

InformationAvailability

InformationAvailability

InformationConfidentiality

InformationConfidentiality

InformationIntegrity

InformationIntegrity

EMC’s Heritage

Protectionand

A Natural and Requested Evolution of EMC’s Data Protection Capabilities


10

EMC’s Security Efforts to Date

• CEO-level Mandate• Information Security Leadership Team• Company-wide Goals and Objectives

• Security-related Workshops, Assessments• EMC Vulnerability Alert Service• Documentum Trusted Content Services• EMC Secure Remote Support

• Data Erasure Service• DRM for ECM• Software-native Encryption

– Retrospect and NetWorker• Data Encryption through EMC Select

Dedicated FocusDedicated Focus

Security of OfferingSecurity of Offering

Comprehensive Information Protection

Comprehensive Information Protection


11

ID and AccessManagement

Threat Management

Encryption

Secure Content

Vulnerability Management

EMC Security Mission

Applications Information PeopleSystems

Security Services

PatchingVulnerability Assessment

Security Risk Management

Security ConfigurationSecurity Event Management / Managed Security

Intrusion Detect / PreventFirewall / VPN

Threat AppliancesAnti-Virus/Malware

Secure MessagingWeb Filtering

EncryptionFile / Database Security

Digital Rights Mgmt

AuthenticationAuthentication Mgmt

AuthenticationAuthentication Mgmt

Provisioning

End-to-End Information Security Management

EMC ISM


12

EMC’s Information-Centric Approach to Security

EMC Strategy Expose key native capabilities Repurpose existing technologies for security “use cases” Develop new products, solutions, and service offerings Partner and acquire to complete portfolio

12

Information Security Management (ISM) Information Security is an end-to-end challenge To be most effective, security capabilities must be integrated

with the information infrastructure All security offerings need to be interoperable and open


13

EMC RetrospectEMC Networker

EMC Secure Remote SupportEMC Documentum Trusted Content Services

VMware Assured Computing EnvironmentDigital Rights Management (with partners)

What is Happening with Information Security

?Hard to know where to start

definerequirements

establishservices catalog

identify gaps

createplan

monitoreffectiveness

hardwareNeoScale

DecruKasten ChaseCipheroptics

softwareStorage Security Assessment Service

SAN Security Best PracticesNAS Security Best Practices

Data Erasure Services

services


14

Secure Content Management

ACLs

MACL

EAL4

Common Criteria Testing 2

Trusted Content Services

Information Object


15

ESG Strategy for Enterprise Archiving

Retain

Migrate

Discover

Common Archiving Record and Storage (CARS)

Secure, scalable, and unified archive for all types of content

Rich Media

Email / IM

Desktop &File System

SharePoint

WebPaper

Applications& Reports

Classify


16

New Architecture for Backup, Recovery, and Archive

Extract valuable information to archive– Increases performance of production applications– Improves TCO through use of tiered storage– Recovers capacity on Tier 1 resources

Back up active production information– Backup window reduced or eliminated– Higher reliability, greater likelihood of full backups

Retrieve from archive or recover from backup– Restore requests are faster– Information that was once offline is now online via archive

ŽŒ

ŽArchiveprocess

Recoveryprocess Production


17

Backup and Archive are Different

Backup ArchiveA secondary copy of information Primary copy of information

Used for recovery operations Available for information retrieval

Improves availability by enabling application to be restored to point intime

Adds operational efficiencies by moving fixed / unstructured content out of operational environment

Typically short-term (weeks or months) Typically long-term (months, years, or decades)

Data typically overwritten on periodic basis (e.g., monthly)

Data typically maintained for analysis, value generation, or compliance

Not for regulatory compliance— though some are forced to use

Useful for compliance and should take into account information-retention policy


18

Continuity

Reduce Total Cost Improve Business Value

Minimize under-protection Flexibility to change Improving productivity

Eliminate over-protection Simplified environment Consolidated continuity


19

Continuity Challenge: The Common Current State

Notprotected

Under-protected

Different requirementsDifferent technologiesDifferent processes

Over-protected

Continuity Issues Survive a disaster

Achieve high availability

Prevent data corruption

Non-disruptively upgrade software and/or hardware

Do parallel processing

Move and migrate data

Restart the enterprise

Protect remote data sites

Shorten backup and restore times

Contain costs

Cannot add resources

Pain Points Inconsistent service levels

Gaps in coverage

Growth in complexity and effort

Growth in cost and risk to the business

Continuity Defined: Ensuring applications and data are available during planned and unplanned outages.


20

CDP to Disk

SECONDSHOURS/

MINUTES

Backup to Disk

Backup to Tape

DAYS/HOURS

Snap / Clone

MINUTES/SECONDS

Op

erat

ion

alE

ffe

ctiv

ene

ss

Decreased Recovery Time /Increased Recovery Point Granularity

Information Protection is Evolving Beyond Tape Backup…

Replication

< SECONDS

Common Recovery Management ServicesAutomated and Simplified Management Disaster Recovery, Operational

Recovery, and Testing/Migration

Common Recovery Management ServicesAutomated and Simplified Management Disaster Recovery, Operational

Recovery, and Testing/Migration

omallm2

MAke sure that the common recovery block is bright -- not black.

omallm2

Dave needs to emphasize the unique nature of the CRMS offering -- joining disparate recovery technologies into a single tool.


21

Products and Technologies

PlatformLocal Remote

SAN

Backup Recovery

SAN

Remote Information

Remote processing

Clustering across site with Storage DR aware

Multi-site

SAN


22

Products and Technologies

Platform Storage,

switch, and server

protection

BackupFrequent, consistent,

non-disruptive backups

RecoveryQuick,

accurate, predictable recovery

Remote Information

All critical data safe at remote

location

Remote processing Automatic processing resumption: “lights out”

Multi-siteIncreasing distance improves protection

Local Remote

Information Protection & Recovery

SRDF FamilyMirrorView

AutoStart Family

TimeFinder FamilySnapView

EMC SnapSurePowerPath

NetWorkerCelerra Replicator

RepliStor


23

Getting Started: Sample Customer Requirements PlanService Level Bronze Silver Gold Platinum

Service Class Non-critical Business urgent Business-critical Mission-critical

Site Type Warm site Hot site Standby site (manual failover)

Standby site (automatic failover)

RTO +/- <72 hours up to (+/-) <5 days +/- 24 hours up to (+/-) 3 days +/- 6 hours up to (+/-) 12 hours +/- 1 hours up to (+/-) 3 hours

RPO +/- 24 hours up to (+/-) 3 days +/- 24 hours up to (+/-) 3 days Sync = 0 data loss Async = acceptable data loss*(Potential for 0 data loss for

Async)

Sync = 0 data loss Async = acceptable data

loss

Recovery Service OS: restored from tape and validated

Application: restored from tape and validated

Data: restored from tape and validated

Connectivity: restored and validated

Redundancy of data: recover lost transaction and validate

Redundant site: ready (warm site)

Recovery plans: ready

OS: restored from tape and validated

Application: restored from tape and validated

Data: restored from tape and validated

Connectivity: restored and validated

Redundancy of data: recover lost transaction and validate

OS: ready Application: ready Data: ready Connectivity: repoint network Redundancy of data: store

and forward, tape back up of site

Recovery plans: ready Testing: quarterly after

significant

OS: ready Application: ready Data: ready Connectivity: repoint

network Redundancy of data: store

and forward, tape backup of site

Redundant site: ready Recovery plans: ready Testing: quarterly after

significant

Application Type Desktop applications Corporate tax systems Travel systems Human resources

Some desktop applications Corporate tax system Travel systems Payroll Document imaging

Accounting systems (ERP) Inventory control /

distribution Credit card processing Cash management

Accounting systems (ERP) Inventory control /

distribution Credit card processing Cash management


24

Customer Needs

“Not all information is created equal”

Tiered Storage that Is Optimized for Business Requirements

Budget Capacity Availability CompliancePerformanceBusiness Applications

ERP

CRM

Exchange

Archive


25

EMC RetrospectEMC Networker

EMC Secure Remote SupportEMC Documentum Trusted Content Services

VMware Assured Computing EnvironmentDigital Rights Management (with partners)

What is Happening with Information Security

?define

requirementsestablish

services catalogidentify

gapscreate

planmonitor

effectiveness

hardwareNeoScale

DecruKasten ChaseCipheroptics

softwareStorage Security Assessment Service

SAN Security Best PracticesNAS Security Best Practices

Data Erasure Services

services

where to start


26

Building a Next-Generation Information Infrastructure

Information protection and security

InformationLifecycle

ManagementFlexible

infrastructure

Next-Generation

InformationInfrastructure


27

Documents

1 Go to View/Master/Slide Master to type in header Propelling Business Growth With A Secure And Continuous Information Infrastructure Jon Murray