The chaos of today’s multi-cloud world often leads to the use of numerous tools and processes for cloud operations. This leads to challenges having detailed visibility understanding the relationships between resources and applying consistent security across environments, based on applications needs.
In this third episode of the Multi-Cloud Expedition, we’ll be building on the March episode (Fundamentals of Cost, Observability and Security) going deeper into governance and security. Through product demonstrations and conversations with VMware Subject Matter Experts, we’ll show visibility into cloud misconfigurations, discuss compliance management and dig into automating security at the application level through APIs.
Learn more here: bit.ly/3ZH822B
Chapter Segments:
0:00 – Start: What is the Multi-Cloud Expedition? Customer Journey from cloud first to cloud smart.
2:17 – Recap of episodes 1 and 2 (http://bit.ly/3Zyw5BI)
3:36 – Overview of this episode: going deeper into security and governance.
4:51 – SME Intro: Jyoti Sharma, Product Marketing Manager https://www.linkedin.com/in/jyoti-s-sharma/
5:29 – Preventative approach with centralized operations – Security teams managing the governance lifecycle while supporting rapid development.
8:00 – Implementing policies at scale.
9:19 – Demo: Aria Guardrails built on Aria Hub for applying a policy template across multiple clouds. https://www.vmware.com/products/aria-hub-powered-by-aria-graph.html
14:24 – Beyond consistently applying policies- detecting violations and configuration drift.
15:21 – Demo: Aria Guardrails to detect configuration drift. https://blogs.vmware.com/management/vmware-aria-guardrails
20:29 – Managing risks and configuration issues with an integrated approach plus access controls.
22:00 – Demo: Aria Automation for Secure Clouds for visibility into policy management. https://www.vmware.com/products/aria-automation-for-secure-clouds.html
24:58 – Seeing anomalies across full environments, even in multiple clouds, for proper investigation.
28:52 – Demo: Aria Automation for Secure Clouds continuing investigation of actions, across clouds, from this single tool.
31:58 – Demo: Aria Automation for Secure Clouds providing visibility for best practices around resource and access management.
37:00 – Use case example determining when user access updates are needed.
38:34 – SME intro: Rick Roque, Tanzu Staff Solutions Engineer https://www.linkedin.com/in/rick-roque-58b81624/
39:32 – Changing times and how security and compliance have evolved to secure east/west connections with ephemeral IP addresses.
43:50 – Demo: Tanzu Service Mesh implementing a zero trust model across clusters and clouds. https://tanzu.vmware.com/service-mesh
50:00 – Global name space construct now available for service management across clouds, or on-prem, without code changes.
52:08 – Demo: Tanzu Service Mesh providing a deeper layer of security by looking at what services use and share.
59:02 – Customer example dealing with potential internal bad actors. Zero trust.
1:02:22 – Demo: Tanzu Service Mesh for threat and attack detection.
1:07:04 – Time to value through faster issue resolution and threat remediation.
1:09:02 – Q&A: What public clouds does the Aria platform support?
1:10:08 – Q&A: Can we extend base policies / templates with Aria Guardrails?
1:11:37 – Q&A: Can Tanzu Service Mesh security policies be automated?
1:13:12 – Q&A: Where to people get started with Aria Automation for Secure Clouds? (https://www.vmware.com/learn/1732750_REG.html?cid=7012H000000sx5Z)
1:14:20 – Q&A: Are these zero trust tools meant more for security or platform teams?
1:17:37 – Wrap up. Look to the next episode for more around multi-cloud security and resilience against ransomware attacks.
