Cloud Computing IICloud Infrastructures and Cloud Security

Clou

d Co

mpu

ting

II

The course at hand provides an excellent insight into the cloud infrastructures ofmodern data centers. It explains which technologies are used to set up theseinfrastructures and which components have to be implemented to ensure thatthe solution complies with state-of-the-art security requirements. The seminardeals with topics like management and monitoring, as well as with the technicalrequirements to be met by the customer to enter the cloud. The specificimplementation is explained with the help of market-leading products. Thecourse provides the student with a holistic overview and a solid know-howbasis on the topic of cloud infrastructures and shows in a preview how datacenters and cloud architectures will change in the course of the next years.

Course ContentsDriving Forces for the Setup of Cloud InfrastructuresServer and Desktop Virtualization VMware, Microsoft, XEN, KVM, and DockerModern Data Center Design and Technological DevelopmentsFabricPath, SDN, OpenFlow, Cisco ACI, VMware NSX, VXLAN, and NFVVirtual SAN Infrastructures: Brocade and CiscoStorage Development: Object Storage, Software-Defined Storage, and SAN SecuritySoftware-defined Data Center (SDDC) Architecture and Implementation VariantsvCloud Suite and OpenStackInnovative Server and Overall Solutions, as well as Hyper-convergent SystemsCloud Security—Introduction and Setup (ISO 27001, BSI)Security in LAN and SAN, Security of Applications and Databases, VM-to-VM SecurityWeb Access and Web Services in Cloud InfrastructuresDemands Made on the WAN and Possible PitfallsTransition Phase and Possible Pitfalls

E-Book Each participant will receive the comprehensive course documentation of theExperTeach Networking series in German language. The course documentation is alsoavailable as ExperTeach e-book.

Target GroupThe course at hand addresses technicians and pre-sales staff concerned with the setup ofcloud infrastructures and/or cloud security.

Knowledge PrerequisitesThe students should have a basic networking and IT know-how.

Dat

a Ce

nter

&St

orag

e

5 Days € 2,595 exclusive of V.A.T.

Course Date/Location Course language German

07/23-07/27/18 München07/23-07/27/18 Wien

11/19-11/23/18 Hamburg03/18-03/22/19 Frankfurt

Status 04/08/2018 CC02

Reservation and RegistrationReserve your course at the required date free ofcharge and in a non-binding way! We will reserve aplace for you for the duration of 7 days. You candirectly make this reservation, as well as a bindingcourse booking on our Web site. Alternatively, youcan simply call us under: + 49 06074 4868-0.

Guaranteed Course DatesYou can find all current course dates directly underthe link: www.experteach-training.com/go/CC02

Alternativly, you can use the QRcode at the left to open this URL.

Please check our website for theguaranteed course dates. These

are indicated via the symbol

Your Tailor-Made CourseYou want to attend this course, but with contentsthat are customized to your individual demands? Wecreate advanced training programs for your projectwhich fit your requirements precisely.

Hamburg

Frankfurt/Dietzenbach

MunichVienna

Breda

Berlin

Nuremberg

Utrecht

Duesseldorf

Bonn

KarlsruheStuttgart

Ulm

Zurich

PartnerTrainingCenter

ExperTeachTrainingCenter

Table of ContentsCloud Computing II – Cloud Infrastructures and Cloud Security

11.11.21.2.11.2.21.2.31.2.41.2.51.2.61.2.71.2.81.31.41.51.61.6.11.6.21.71.81.91.9.11.9.21.9.31.9.41.9.51.9.61.10

22.12.22.32.3.12.3.22.3.32.3.42.3.52.3.62.42.52.5.12.62.72.82.8.12.8.22.8.32.8.42.8.52.92.102.112.122.12.12.12.22.12.32.12.42.132.142.14.1

33.13.2

Cloud ComputingSetup of ApplicationsThe Motivation from the Viewpoint of the CustomerBusiness AvailabilityFrom Fixed to Variable CostsAgile InfrastructureTechnologically Always Sate-of-the-ArtHigh Utilization of Resources and Energy EfficiencyHigh Performance, Availability, and Service QualitySecurity and ComplianceCost Reduction and Time SavingsTypical ObjectionsGrowth Market Cloud ComputingVirtualization as an Enabler for Cloud ComputingCloud ComputingService Models of Cloud ComputingVarious Cloud VariantsChallenges of Cloud ComputingSecurity in Cloud ComputingServices from the CloudTypical ServicesAmazon and Salesforce.comPublic Clouds: GoogleSAPMicrosoftIBM Cloud Services and LotusLiveGrid Computing

Server and Desktop VirtualizationBusiness Requirements Made on ITServer CentralizationServer Virtualization, Consolidation, and AutomationAdvantage: Faster ProvisioningAdvantage: AutomationAdvantage: ConsolidationAdvantage: PoolingAdvantage: High AvailabilityAdvantage: Green ITVMware, KVM, Xen, and Hyper-V in ComparisonServer Virtualization by Means of VMwareDevelopmentThe vSphere Product RangeHyper-V 3.0Fields of Application and BenefitsVirtual NetworksChallenges for Network ConfigurationVMotionDistributed Resource Scheduling (DRS)High Availability (HA) and Fault Tolerance (FT)The Software-Defined Data CenterServer Hardware and SoftwareSpecial Features on the Sectors Network, Server, and MemoryThe Network in the Course of ChangeFabricPathOverlay Transport Virtualization—OTVExample: VCS by BrocadeThe Switch on the ServerVirtual Desktop InfrastructureSecurity in Virtual EnvironmentsCisco Virtual Security Gateway—VSG

Unified Computing System—UCSThe Server MarketThe Unified Computing System

3.33.43.4.13.4.23.4.33.4.43.4.53.4.63.4.73.53.63.6.13.6.23.6.33.73.83.93.103.113.123.133.143.14.13.14.23.14.33.14.43.14.53.14.63.14.73.14.83.14.93.14.103.14.113.15

44.14.1.14.24.2.14.2.24.2.34.34.44.4.14.4.24.4.34.4.44.4.54.4.64.4.74.4.84.54.64.74.84.94.104.114.11.14.11.24.11.34.11.44.12

The Cisco UCS C SeriesThe Cisco UCS B SeriesChassisPower SuppliesBlade ServerMezzanine AdapterI/O Modules (IOM)Fabric InterconnectUCS ManagerAdded Value of the Unified Computing SystemAll-in SolutionsFlexPod—Cisco and NetAppVblockEMC VSPEXCisco VXI InfrastructureDesign Scenarios with UCSHP c-Class SeriesIBM BladeCenterDellManagement Server AreaApplication Security in Cloud EnvironmentsThe Term ProxyExplicit ProxiesTransparent ProxiesReverse ProxiesGeneric ProxiesApplication Layer GatewaysWorking ModeLimitationsWeb ProxiesAuthentication at the FirewallThe Server EndThe Client EndMail Relays

Storage Consolidation and VirtualizationSignificance of the Data Storage UnitDirect Attached StorageNetwork StorageNetwork-Attached StorageStorage Area NetworksNFS, iSCSI, FC, and FCoE in ComparisonStorage Consolidation and Data DeduplicationStorage VirtualizationHost-Based Virtualization—LVMHost-Based Virtualization—Storage Meta-Data ServerServer-Based Storage APIsStorage-System-Based VirtualizationDistributed Modular Array VirtualizationNetwork-Based VirtualizationVirtualization AppliancesDecisive Points in the Selection of Virtualization TechnologiesStorage Virtualization—Vendor OverviewFCoE and CompetitorsThe Storage MarketCisco Products and PositioningBrocade Products and PositioningIntroduction to SAN SecurityMyths and AssumptionsIsolated EnvironmentSecurity by ObscurityTapping of Fibre ChannelDelivered SecuritySecurity in the Fabric

4.12.14.12.24.12.34.12.44.12.54.12.64.12.7

55.15.25.35.45.55.65.75.85.95.105.10.15.10.25.10.35.10.45.10.55.115.11.15.11.25.11.35.11.45.11.55.11.65.11.75.11.85.11.95.11.105.11.115.11.125.11.135.11.145.11.155.11.16

66.16.26.36.3.16.3.26.46.56.66.6.16.6.26.76.7.16.7.26.7.36.7.46.7.5

Security at the Storage UnitAdvanced Security Features in the SANNPIV and NPVUnified Fabric Data CenterBrocade: Virtual FabricsThe Cisco Cloud Story for the SANVSAN Concept

Modern Data Center DesignClassic Network Virtualization MethodsData Center Network DesignData Center InfrastructureAccess Layer DesignService VirtualizationAggregation Layer DesignData Center Core Layer DesignWDM between Data CentersUnified FabricCurrent ChangesSecurity in the Data CenterManufacturersHPBrocadeCiscoCloud Security—InfrastructureData Center Edge SecurityData Center Core SecurityThe Technologies in an OverviewProtection of Management Access and Control PlaneProtection of the Data PlaneQuality of ServiceLink Encryption According to IEEE 802.1AE and Cisco TrustSecVirtual Switches: Example of Cisco VDCsMPLS or VRF Lite for Separate NetworksSecurity on the Aggregation LayerData Center ServicesSecurity in the Access AreaIEEE 802.1XDHCP SnoopingDynamic ARP InspectionIP Source Guard

Management Access to the CloudCloud Security—Organizational AspectsPhysical Access ProtectionUser Accounts and PasswordsDefault ParametersCentral User AdministrationInformation on User ActivityAccess via CLIAccess with SNMPSNMPv1 and SNMPv2cSNMP v3Cloud Management ToolsScenario of a Cloud NMS StructureNetwork Management SystemsElement Manger—e.g. vCenter Server by VMwareElement Manager—Cisco UCS ManagerEnd-to-End Management—e.g. BMC BladeLogic

ExperTeach GmbHWaldstraße 94 • D-63128 Dietzenbach • Phone +49 6074 4868-0 • Fax +49 6074 4868-109info@experteach.de • www.experteach.de

© ExperTeach GmbH, all specifications made are exempted from liability, 04/08/2018