BuildingIT

with

SoftwareDefinedEverything SDx

About Us
ValueAddedDistributorforMiddle
East&India
PartnershipwithemergingTechnology
Vendors
VisionforSoftwareDefinedData
Center(SDDC)
AdvancedCyberSecurity

Our Value
SolutionStackforSDDC
StackforEndUserComputing
DomainExpertise&Customer
ExperienceCenter
Sales,PreSales,Implementation
Support
Training

Background

Verticals

Founded:2010

FinancialServices

Offices:UAE&India

Government&Defense

Investors:PrivatelyFunded

ServiceProvider
Energy&Utilities
Education

RealityCheck:WhattheITdecisionmakerisdealingwith
OrganizationpressureonIT

Needs

Digitaltransformation
IT=Business
Amazonlike experience

Reduction ofComplexity
Agility &Speed
Adaptability
Proactive analytics
Simplification
Process
Ecosystem
SLA
Payasyougrow
Flexibilty

Challenges

Scale &Complexity
TraditionalSiloedIT
Reactive measurements
Investmentsonfear
Controlled and measured on
costs
Vendor LockIn

ITChangeImpetus

LegacyInfrastructure ComplexityatEveryStep
DEPLOY
Deploymenttakesweeksto
months complex,big
footprint

BUY
Purchaseinbig
increments,incur
predictionrisk,
overprovision

SUPPORT
Multihopsupport,
lackofendtoend
visibility,firefighting

MANAGE
Multiplemanagement
panes,manual
operations
GROW
Difficulttoscale
quickly

WayforwardforaModernDataCenter
From
DesignedtoLast
to
DesignedtoChange

HowShouldInfrastructureBeDelivered?

Agile
Provisioninginhours,
notdaysorweeks

Secure
Privacyandcontrol
withoutsignificant
overhead

Simple
Nospecializedskills
requiredtooperate

Scaleout
Predictablecapacity
growthwith
consumptionbased
pricing

HowdoweArchitect?:DesignPrinciples
Offtheshelfx86servers
X86
X86
X86

AllIntelligenceinSoftware
ConvergedFunctionality
ScaleoutArchitecture
SelfHealingsystems
ConsumerGradeDesign
Richautomationandanalytics

InfrastructureLifecycleBenefits

BUY

DEPLOY

PayasYou
Grow

Rapid
Deployment

buyonlywhat
youneed,and
stopexpensive
overprovisioning

setupinminutes
forfasttimeto
value

MANAGE

Simplified
Management
singlepaneof
glasstomanageall
infrastructure

SCALE

SUPPORT

Incremental
Scalability

Onestop
Support

scaleondemandin
minutes,withzero
downtime

expertsupportfor
complete
infrastructurestack

IntroducingSoftwareDefinedEverything SDx Stack

ForBuilding
a

ModernSecureDataCenter

EVANSSIONSOLUTIONSTACKFOR SOFTWAREDEFINEDDATACENTER(SDDC)
HowdoIensureonlyrightidentitieshas
accesstorightresources?

Identity Security
HowdoIknowifIamtargetedusingadv.
malware&howtopreventit?

Advanced Threat Defense

HowdoIknowmyriskposture&howdoI
reducemyattacksurface?

Risk Analytics for Cyber Security

Secure Collaboration Cloud

HowdoIsecurelyshare&
collaborateanywhere&everywhere?

Cloud Management Software (Openstack, vRealize)

WhichCMSvendordoyouintegratewith?

Desktop Transformation (VMWare, Citrix, MS etc.)

HowdoIdelivermyapplicationsquickly&
efficiently?

Software Defined Application Services

Software Defined Networking (ACI, NSX etc.)

HowdoIgetvisibilityforEWtrafficand
howdoIsecuremyworkloads?

WhichSDNvendordoyouintegratewith?

Software Defined Security

Exchange

AD

SAP

Oracle

Others

Hypervisors AHV, ESXi, Hyper-V, KVM, Docker

HowdoIbuildmynextgenerationSoftware
DefinedDataCenter?
HowdoIenablebackup,dedupe,instant
recovery,replication&archival?

HowdoIdeliver&manageSecure
desktops?

Software Defined Compute & Storage

Converged Data Management Platform

WhatworkloadscanIrunonit?
WhathypervisorscanIrunonit?

TechnologyBrief

SoftwareDefinedCompute&Storage

TechnologyBrief Nutanix

VirtualizationChangesEverything

SAN/NAS
StorageNetwork

Centralized
Storage

VirtualizationChangesEverything

Complex tomanage
Costlytoscale

SAN/NAS
StorageNetwork

Centralized
Storage

Managedseparately from
virtualization
Difficult manual
finetuning
Performance bottleneck

ABetterApproach
Simple,Scaleout,Automagic

VirtualComputingPlatform
Compute

Compute+Storage
Simple,AffordableScaleOut,Automagic

Storage

BroadUseCaseSupport
Server
Virtualization

PrivateCloud
Initiatives

Desktop
Virtualization

BigData
Processing

Enterprise
BranchOffice

Hadoop

Branch
Services

Disaster
Recovery

Business
Continuit
y

16

TheNextgenerationofConvergence

PayAsYou
Grow
UnitofGrowth=
SingleNode

VCEsvBlock300

Cisco/NetApp
FlexPod

DellsvStart50
BabyCloud

17

SoftwareDefinedBackup&DR

TechnologyBrief Rubrik

BackupandRecovery:1990tothisday

a
BackupServer

BackupProxies

Replication

CatalogDB

DedupMetadata

BackupSoftware

MAGNETIC
MOUNTAIN
BackupStorage

TapeArchive

OffsiteStorage

BackupStorage

Costly,Complex,Unreliable&Inconvenient.ButNecessary
19

BackupandRecovery:1990tothisday
MeetRubrik
DataProtection.Simplified

a
BackupServer

BackupProxies

Replication

CatalogDB

DedupMetadata

BackupSoftware

MAGNETIC
MOUNTAIN

Rubrik eliminatesbackupsoftwarebyintegratingdeduplicated
storage,catalogmanagement,anddataorchestrationintoa
BackupStorage
TapeArchive
singlescaleoutfabric
BackupStorage
Costly,Complex,Unreliable&Inconvenient.ButNecessary
20

20

BackupandRecoveryRedefined
V
M

V
M

V
M

V
M

V
M

V
M

V
M

V
M

V
M

V
M

V
M

V
M

Hypervisor

SimplicityDelivered Rack
andGo

Hypervisor

VMD
K

VMD
K

VMD
K

VMD
K

VMD
K

DiscoveryWithoutAgents,
ScaleOutDedup &
Compress

VMD
K

RecoverAppsInstantly
VMD
K

VMD
K

VMD
K

VMD
K

VMD
K

VMD
K

SecureCloudArchive

PrimarySystem

GlobalIndexAcrossOn
premiseandCloud

GooglelikeSearchto
Recover

21

PrimaryDataCenter

Rubrik
SimplifiesYourDataCenter
YourDataCenterToday
V
M

V
M

V
M

V
M

V
M

V
M

DRSite/Offsite

ProductionServers

Hypervisor

BackupProxy
Diskbased
Backup

BackupServer

SAN

SearchServer

TapeArchive
OffsiteTapeArchive

22

PrimaryDataCenter

ExpandRubrik SimplicitytoDR
V
M

V
M

V
M

V
M

V
M

V
M

DRSite/Offsite

ProductionServers

Hypervisor

V
M

V
M

V
M

V
M

V
M

V
M

DRServers

Hypervisor

SAN

SAN

Rubrik
BackupSoftware+Dedupe Storage

Offsite
Disk
Backup
Replication+LongTerm
Retention

Swi
ft

23

PrimaryDataCenter

CompleteDataManagement
V
M

V
M

V
M

V
M

V
M

V
M

Test/Dev
Servers

V
M

V
M

V
M

V
M

V
M

V
M

Hypervisor

DRSite/Offsite

ProductionServers

Hypervisor

V
M

V
M

V
M

V
M

V
M

V
M

DRServers

Hypervisor

SAN

Rubrik
BackupSoftware+Dedupe Storage+AppDev

Rubrik
Replication&DR

Offsite+LongTerm
Retention

Swi
ft

24

SoftwareDefinedSecurity
DistributedDataCenterFirewallFabric
TechnologyBrief vArmour

TraditionalPerimeterSecurityDoesntSolvethisProblem

SingleInstanceFirewall

ChassisBasedFirewall

(whetherphysicalorvirtual)

Trafficengineeringchallenges
Performanceimpacts
Bottlenecking

Securitypoliciesdontscale
Performancebottlenecks
Managementheadaches

Solution:vArmours DistributedIntelligentFirewall

Visibility
Distributedsensorsacrossthecloud
FabricenablesasingleviewofallDCtraffic
East/WestcorrelatedwithNorth/South
Control
Scalablepolicycontrolatthetenantorindividual
workloadlevel
Securityenforcedwithinsecondsofworkload
placementormove
ThreatDefense
Detectandprotectagainstlateralmovementof
attackers
Usetimeseriesanalyticstopromoteorcondemn
everyflowonthenetworkinrealtime
Visibility,ControlandThreatDefense
oftheclouddatacenter

CyberDefenseAnalytics

ProtectingyourDataCenter:
Protectionfromlateralmovingthreats
Promoteorcondemneveryflowonthe
network
Integratedthreatremediation

vArmour Differentiation:
Physicallydistributed,logicallyone
Intrahypervisorvisibility rawpacketsyou
cantseetoday
Advancedanalyticsonnewdata

DNSMonitoring

NetworkTraps

Cloud
Correlation

VirtualNetwork
Sandbox

CloudThreat
Intelligence

vArmour EnforcementArchitecture

SoftwareDefinedNetworking

TechnologyBrief VMWareNSX

Bridging
TwoWorlds

TraditionalApproach

SoftwareDefined
DataCenterApproach

Network Virtualization
is at the core of an
SDDC approach

NonDisruptingDeployment

Virtualization layer
Network, storage, compute

Network Virtualization
is at the core of an
SDDC approach

NonDisruptingDeployment

Virtual Data Centers

Network hypervisor
Virtualization layer
Network, storage, compute

ThePowerofDistributedServices
Routing
Load Balancing

Switching

Firewalling/ACLs

Network and security services now

distributed in the hypervisor

ThePowerofDistributedServices
Routing
Load Balancing

High throughput rates

Switching
East-west firewalling
Firewalling/ACLs

Native platform capability

DRToday(simpleview)
PrimarySite

RecoverySite

SnapshotVM
4

ChangeIPAddress
Reconfig Security

10.0.20.21

10.0.10.21

3
SAN

Recover
theVM

Major
RTO
Impact

SAN

Step1&2
(e.g VMwareSRM)

10.0.10/24

PhysicalNetworkInfrastructure

2
Replicate
VM&Storage

10.0.20/24
PhysicalNetworkInfrastructure

36

DRwithNSXNetworkVirtualization(simpleview)
PrimarySite

RecoverySite

VirtualNetwork
10.0.30/24

VirtualNetwork
10.0.30/24

1
10.0.30.21

2b

SnapshotVM

Snapshot
Network&
Security
NSXController

Network&Security
alreadyexists

NSXController

SAN

3
Recover
theVM

10.0.30.21

80%
RTO

SAN

Step1&2
(e.g VMwareSRM)

10.0.10/24

PhysicalNetworkInfrastructure

2a
Replicate
VM&Storage

10.0.20/24
PhysicalNetworkInfrastructure

37

SoftwareDefinedApplicationDelivery

TechnologyBrief AVINetworks

WhatCustomersWant
Cloudlikescaleandefficiencyforsecurebusinessservices

WebScalePrinciples
Simplifywithcommodityx86
Softwarefirst
AutomationandSelfService
Instrumentedanddatadriven
Integratecloud

ChallengeswithTraditionalApplicationDelivery
Limitedbylackofautomationandflexibilityandhighcostoflegacyplatforms

TheProblem

TheImpact

LackofAutomation

Nocontinuousdelivery

DeviceProvisioning Months
AppProvisioning Weeks

Complex

Static

Box90sarchitecture(cloud??)
Lackofvisibility

Businessissloweddown
Cantempowerselfservice

Tiedtonetwork/infrastructure
CantreplicateAWSlike
simplicityandflexibility

Expensive
ProprietaryHardware

Overprovisioning

BeyondApplicationDeliveryandLoadBalancing
Flexible,agile,andsecureapplicationservicesoncommodityx86inanyenvironment

ValueonInvestment

LowTCOand
Flexibility

SinglePointofControl,
Multicloudsupport

Networkcentric
HW/SWADC
Appliance

Automation,Self
Service,PerAppLB

Visibilityand
Troubleshooting

Elasticityand
Responsiveness

Appcentric,securebydesign
FullfeaturedSWADCon
Commodityx86

ControlPlane
Architecture

IntegratedinAppDev
100%RESTAPI

RealtimeAnalytics

Autoscale

WhatThisEnables GoFromHere:

MultipleToolsandAppliances,StaticProvisioning
Networkbasedmonitoringtools
MonitoringFabrics
BigDataTools

LoadBalancers
SSL
FrontEndOptimization

DELIVER

WHAT?

ANALYZE

Application
Delivery

Visibility

APPS

HOW?

AUTOMATE

SCALE

SelfService

Elasticity

CustomScripts
AddonSoftwareproducts+Integration

Nosolution
Overbuildby10x

WhatThisEnables ToHere:

SelfServiceApplicationDeliveryandAnalytics
Networkbasedmonitoringtools
MonitoringFabrics
RealtimeMonitoring
BigDataTools

LoadBalancers
SSL
LoadBalancing
FrontEndOptimization
AppSecurity+SSL
AppAcceleration

ApplicationHealth

DELIVER

ANALYZE

Application
Delivery

WHAT?

EndUserExperience

Visibility

APPS

HOW?

Programmability/RESTAPIs

AUTOMATE

SCALE

SelfService

Elasticity

CloudIntegration
Multitenancy
CustomScripts
AddonSoftwareproducts+Integration

ScaleOutArchitecture
ClosedLoop
ScalewithoutComplexity
Nosolution
Overbuildby10x

Avis Technology HowWeDoIt

IntegratedPlatformforApplicationDeliveryandAnalytics

AviUI

SinglePointofVisibility
ApplicationandEnduserMonitoring
Googlelikesearchfornetworks

AviController

Centralpolicyrepository&analyticsengine
100%RESTAPI
SinglePointofAutomation
FulllifecyclemanagementofLoadBalancers

AviServiceEngines MicroLoadBalancers

AutoScaling
App/TenantIsolation
AppAffinity

Avi Networks BusinessBenefits

NoOverprovisioning Elasticity
HighAvailabilityIncluded
CentralManagement
ApporTenantlevelisolationbuilt
intoarchitecture
Integratedinline
monitoring/analytics

Reductioninticketresolutiontimes

Average34
hours

SelfService Applicationprovisioningtime

Weeksto
Seconds

Reductioninmanagementpoints

90%+

NewLoadBalancerProvisioningtime

Weeksto
Seconds

InlineAnalytics GetInsights,notData

NoAgentsandNoChangestotheNetwork

RealtimetrackingforEndUserExperience

Withoutagentsoranynetworktrafficmirroring/copying

SearchThroughNetworkTrafficinRealTime

Googlelikeexperience intuitivesearchbartogothroughlivetrafficto
app

RealTimeAnalyticsandClientInsights

Endtoendtransactionalvisibilityandtroubleshooting
Decrease
troubleshootingtime
SLAInsights
RealtimeClient
Intelligence

DesktopTransformation

TechnologyBrief

CloudManagementSoftware

TechnologyBrief VMWarevRealize

VMwaresCMPistheControlPlaneoftheSDDC
EndUserComputing
Applications
SOFTWAREDEFINEDDATACENTER

CloudManagementPlatform(CMP)
Automation
VMwarevRealize Suite
Operations
Compute

Network

VirtualizedInfrastructure

Business

Extensibility

Storage

HybridCloud
(Private/Public)

PhysicalInfrastructure

53

TwoKeyITOutcomesEnabledbyVMwaresCMP
AppandInfrastructure
DeliveryAutomation
Streamlineand
AutomatedDataCenter
Operations

DataCenter
Virtualizationand
HybridCloudExtensibility

Business
Mobility
SecurityControls
NativetoInfrastructure

HighAvailability
andResilient
Infrastructure

54

SecureDataCollaboration

TechnologyBrief WatchDox

CriticalUseCases
SECURE
EXTERNAL SHARING

SECURE FILE SYNC

SECURE EXISTING
RESPOSITORIES

Securely share with 3rd parties

Outside Council
Supply Chain / Vendors
Secure, enterprise-grade file sync
Sync files/folders across devices
Remote access
Externalize and Mobilize Repositories Securely
SharePoint, Network File Shares, Google Drive, Etc.
Integration in to proprietary applications

SECURE MOBILE
PRODUCTIVITY

Enable Mobile Workforce

Access/edit/annotate documents on mobile
BYOD: secure access on personal devices

SECURE LARGE FILE

TRANSFER

FTP Replacement
Simple, easy sharing of large files (10 GB)
Replace cumbersome, complex FTP

CommonGovernmentRequirements
MOBILE PRODUCTIVITY

INTERAGENCY SHARING

G2C FILE SHARING

LARGE FILE TRANSFER

Enable staff to work from any device

FIPS 140-2 certified encryption of files on every device
Mobile file editing, annotations, viewing and sharing
Remote wipe from any device
Collaborating across firewalls
Easy external collaboration, even from SharePoint and file shares
Protection against leaks and unauthorized forwarding
Share data containing PII with automatic encryption and DRM
Securely collaborate with citizens
Send and receive files containing PII with full tracking, revocation
Use APIs to pull from any repository, send link via email
Revoke access to documents after deal
Easy sharing via desktop client and browser
Simple and secure sharing of files (some large - 10 GB)
Prevent forwarding of information and revoke access if required

CommonEnergy&UtilityRequirements
JOINT VENTURES

FIELD REPORTS

EXTERNAL AUDIT
REPORTING

M&A / COMMERCIAL
TRANSACTIONS

LITIGATION / TRAIL
CASES

Protecting information during disasters

Collaborating with joint venture partners and contractors
Revoke information when project is complete
Remote access / mobile productivity
Capture data from remote locations on mobile devices
Securely synched folders
Regulated, non-public information
Share confidential, non-public documents with outside auditors
Compliance regulations (e.g. separation of information for
different divisions)
Securely collaborate with 3rd parties
Sharing spreadsheets, models, numbers, etc.
Control how files are used, who accessing them, when and where
Revoke access to documents after deal
Sharing to outside counsel
Simple and secure sharing of files (some large - 10 GB)
Prevent forwarding of information and revoke access after trial

MakingFilesSecure
True DRM
Embedded file protection
Control print, edit, copy/paste
Track and revoke on demand

PC/Mac/Web/Mobile
Enforce control on all devices
Trusted viewing
Dynamic watermarking

Existing Repositories
Protect in place
Connect without replication
Sync files with protection

IlluminateyourAttackSurface

TechnologyBrief SkyboxSecurity

Yourattacksurfacehasmanylayers
CheckPoint

SECURITYCONTROLS

Firewalls
IPS
VPNs

NETWORKTOPOLOGY

Routers
LoadBalancers
Switches

ASSETS

Servers
Workstations
Networks

VULNERABILITIES

Location
Criticality

THREATS

Hackers
Insiders
Worms

Skyboxgivesyouvisibilityandintelligence
192.170.34.0/24
db
192.170.33.1
ProdFW
192.170.33.0/24
dmz

192.170.35.0/24
app0

192.169.1.1
MainFW

0.0.0.0/0
Internet

200.160.1.0/24
Partner1

192.170.36.0/24
app1

200.160.1.3
Partner1FW

200.160.3.0/24
Partner1VPN

192.170.8.0/24
Backbone

192.170.8.1
MainRouter

192.169.1.0/28
GatewayEastA

200.160.2.0/24
Partner2

192.170.27.0/24
financeServers

192.170.8.4
CoreRouter

192.170.1.64/28
GatewayNorth

192.170.1.64
IPS

192.170.1.65
FinanceFW

192.170.26.0/24
financeUnix

192.170.25.0/24
financeWindows

192.170.27.254
BigIP LoadBalancer

192.170.1.80/28
GatewaySouth

192.170.27.1
CoreRouter

Automaticallycreated,interactive,normalizedmodel ofyournetwork

TM

skyboxsecurity.com

62

SecurityPolicyManagement

Model
Network

Analyze
Firewalls

Monitor
Compliance
Automated audits

Network
topologyview

Rule and
configuration checks

Normalizeddata
from90+vendors

Access path analysis

FISMA

Accesssimulation

Rule optimization

NERC

Change tracking

Understandnetwork
context

TM

Confirm
effectivecontrols

PCI DSS 3.0

Manage
RuleLifecycle
Change request
Tech details
Assess risks

NIST

Make change

Custom policies

Reconcile and verify

Document
compliance

Continuouslyverify
rulebase

skyboxsecurity.com

63

Vulnerability&ThreatManagement

Discover
Vulnerabilities

Analyze
AttackSurface

Scanless
vulnerability
detection

Hot spot analysis

Support for all

third-party VA
scanners

Compensating
controls

Vulnerability
intelligence feed

Samedayidentification

Attack simulation

Network context
Business impact

Highlightassets
atrisk

Prioritize
Response
Risk exposure
Customizable
security indicators
Attack vectors
Heat maps

Focusonareasof
greatestimpact

Remediate
&Track
Remediation
planning
Ticketing and
workflow
Dashboards and
reporting
Respond
quickly

skyboxsecurity.com

TM

64

Networkmodelvisualization

TM

skyboxsecurity.com

65

Networkpathanalysis(AccessAnalyzer)

AccessAnalyzertakesintoconsideration:

Routing
NAT
Firewall
rules(ACL)
VPN

TM

skyboxsecurity.com

66

ContinuousComplianceMonitoring
ComplianceAssessment
Automatedpolicycompliance
checks
PCIDSS,NIST,FISMANERC,Custom
Policies
Viewaccesspolicyviolations
Trackexceptions

TM

skyboxsecurity.com

67

ChangeManagementWorkflow

Request

Capture
business
and/or
technical
details

Technical
Details
Translate
Path
identification
Rule analysis

Risk
Assessment
Identify policy
violations &
Vulnerability
exposures
Accept/Reject

Implementation

Verification

Assign to
team for
provisionin
g

Reconcile
against
observed
changes
Verify
Access

SkyboxAnalyticsEngine
skyboxsecurity.
com

68

IdentityLifecycleManagement

TechnologyBrief DellIAM,Entrust

DellOne IdentityandAccessManagement
IdentityGovernance
Complete,businessdrivengovernance
Accessgovernance
Datagovernance
Privilegedaccountgovernance
Businessenabledaccessrequest
andfulfillment

AccessManagement

Attestationandrecertification
Roleengineering
Automatedenterpriseprovisioning
Identityunificationandprocess
orchestration
Contextawaresecurity

Dell
OneIdentity

Convenient,secureandcompliantaccess
Webaccessmanagement
Singlesignonandfederation
Directoryandidentityconsolidation,migrationand
management
Strongandadaptiveauthentication
Passwordmanagement

PrivilegedManagement

Understandandcontroladministratoractivity
Enterpriseprivilegesafe
Leastprivilegeaccess
Sessionmanagementandkeystrokelogging
ActiveDirectorybridge
Enforceseparationofduties(SoD)

EntrustMultiFactorAuthentication,PKI

AdvancedMalwareProtection

TechnologyBrief Cyphort

$58BSpentPerYearAndAttacksAreStillSuccessful
APPLIANCESGALORE
ALERTTSUNAMIS

Firewall

IntrusionPreventionSystem

VANISHINGPERIMETER
EVASION

SecureWebGateway

LATERALSPREAD
EmailGateway

NOAPIs,NOINTEGRATION
Anti
Malware

CyphortsUniqueApproach
Consolidatedsolutionforperimeterand
lateralspreaddetectionandcorrelation
AdaptiveAntievasiondetection
thatevolveswithadvancedthreats
Reducefalsepositivesandeliminate
redherringsforacceleratedmitigation
Virtualized,flexibledeploymentandopen
APIintegration

Cyphort DecoupledArchitecture
CyphortGlobalSecurityService

Collector
Headquarters:Web,EastWestTraffic

Mitigation & Enforcement

PublishBlockingData
ToExisting:FW,IPSandSWG
APIbasedormanual

Collector
BranchOffices:Web,EastWest
Traffic

CyphortCore

Collector

MultimethodInspection
MachineLearningAnalytics
Correlation

DataCenter

InfectionVerification
Verify infection on suspect
endpoints before cleaning

Collector

(Native,CarbonBlack,Tanium,Confer)

Email

Collection

Analysis

Action