Blue glowing high energy plasma field in space, computer generated abstract background

Heading into RSA Conference 2011

The leading conference for security professionals is almost upon us. The RSA Conference 2011 will bring together the security technoratti at the Moscone Center in San Francisco this week.

This is always a good time to take stock of the major advances and shifts in focus in the security world, since the last such conference. In my last post, I talked about the major security transactions in 2010. Major topics at RSA 2011 include:
– Trust-based security
– Public sector partnering with private enterprise to address cybersecurity
– Secure/compliant clouds

Art Coviello, RSA Chairman, will kick things off with a keynote on “Trust in the Cloud”. Organizations worldwide have high hopes for the cloud. Hope in its potential to transform IT infrastructures, applications, and information management and in its ability to revolutionize business. But before we can trust that the cloud is safe for real business, we need a secure foundation of dynamic controls and trustworthy measurement.

Our very own Richard McAniff, Chief Development Officer & Co-president, VMware, will join Art and have a dialog on some of the advances and innovations towards a trusted cloud. Do make it a priority to tune in!

There is a significant public sector presence at the Conference. Deputy Secretary of Defense William Lynn III will discuss the Pentagon’s Cyber strategy. James Lewis hosts the Cyberwar, Cybersecurity, and the Challenges Ahead panel of heavy hitters in the area. At the Cloud Security Alliance summit, Federal CIO Vivek Kundra will be unveiling new Cloud initiatives to a sold out session. I’m hoping I can make it in time for the announcement – I am across the street on a Virtualization and Cloud Security panel at AGC’s 7th Annual West Coast Emerging Growth Conference along with Simon Crosby (CTO, Citrix), Eric Chiu (CEO, HyTrust), John McEleney (CEO, CloudSwitch), John Rowell (CTO, OpSource). Moderated by AGC partner, Scott Card.

VMware has a few partners making announcements at the conference. Do stop by the VMware booth for additional information. Also, you can follow along on twitter @VMware and @VMwareEvents.

While the security industry was buzzing about clouds last year, the last few months has seen a shift from hype, to getting down to the nuts and bolts of standing up such clouds. We at VMware have prioritized the journey to cloud computing, via an evolutionary blue print that focuses on hybrid cloud standup. Steve has outlined this plan here. As we move from Power Points to actual standup, it is clear that this requires an industry wide collaborative effort, involving technology vendors, forward looking customers, and service providers.

Following is a prescriptive representation of hybrid vClouds, where enterprises have self-service access via a secure VPN connection to “their” corporate bubble, hosted on a shared cloud infrastructure, provided by our certified cloud partners. Primary use cases are around the notion of interoperable workloads (VMs) between the private data center and the remote virtual data centers, in line with some of the discussions I had posted earlier. Hybrid clouds begin to come to life.


As we begin to deploy such hybrid clouds, we need to tackle several issues, even in the infrastructure layer, let alone higher level PaaS and application stacks. For example, networking topologies and architectures start to come into play. It is one thing to create air-gapped silos in enterprises, where network segmentation via VLAN/subnet delineation and hair-pinned firewalls, realize separate zones of trust. The holy grail of public cloud infrastructure is creation of banks of compute and storage resources on a fast converged fabric interconnect, and then being able to instantly allocate secure, elastic VDCs for enterprises to place their VM collections into. In this environment, there is a need for a programmable fabric, wherein trust zones are fungibly constructed around VM/storage collections, regardless of underlying network topology.

Easier said than done.

There are some exciting developments and initiatives underway here. I’ll be blogging about this cloud/network/security interlock a lot more in coming months!

In the meantime, wishing you all a great RSA Conference 2011, and looking forward to meeting you at one of the many events.