healthcare roadshow 2016
TRANSCRIPT
Healthcare Roadshow 2016
Markus Erlacher, CEO / Partner, itnetX
[email protected]
Agenda
09:00 – 09:05 Welcome, Markus Erlacher
09:05 – 09:15 Introduction of the host
09:15 – 09:45 Digital transformation in healthcare, Sue C. C. Paredi
09:45 – 10:30 The transformation to the modern datacenter, Markus Erlacher
10:30 – 10:45 Coffee break
10:45 – 11:30 Mobile, secure and flexible: the mobile workplace of the future, Markus Erlacher
11:30 – 11:45 Q & A
11:45 – 12:15 Drinks reception
The transformation to the modern datacenter
The datacenter today
Traditional datacenter
• Tight coupling between infrastructure and apps
• Expensive, vertically integrated hardware
• Siloed infrastructure and operations
• Highly customized processes and configurations
Cloud model
• Loosely coupled apps and micro-services
• Industry-standard hardware
• Service-focused DevOps
• Standardized processes and configurations
Microsoft Azure
Cloud infrastructure
Windows Server
App App App App
Linux
Portal: IaaS | PaaS services
Cloud is an architecture
The cloud transition
Consistency from on-premises to public cloud
Management from the cloud
Write once, deploy anywhere with modern application platform
Transform IT
Management anywhere
Operations Management Suite | System Center | Windows Server | Azure Stack | Azure
Modern application platform
Cloud service delivery
Software-defined datacenter
Software-defined datacenter
Standard APIs
Compute
Compute cluster
Virtual machines
Industry-standard servers
Standard APIs
Storage
Storage cluster
File servers
Industry-standard disks
Standard APIs
Security
Security controller
Shielded VMs
TPM-enabled hardware
Windows Server | Hyper-V | System Center
Standard APIs
Networking
Network controller
Virtual networks
Physical network
Provisioning and operations
Windows Server | Hyper-V | System Center infused with Azure designs and technologies
Cloud-inspired infrastructure
Frictionless “cloud-cadence” infrastructure upgrades
Benchmark-setting scale, performance, and availability
Best-in-class support for Linux
Confidently virtualize anything
Compute | Storage | Security | Networking
• Rolling upgrades without downtime, no new hardware needed
• Mixed-mode clusters
• High-performance live migration and Storage QoS
• Guest clustering
• Mission-critical scale: SQL, Exchange, SharePoint, SAP, Oracle
• Broad distribution support, including: RHEL, SLES, Ubuntu, CentOS
• Hot add | remove vNIC and in-guest vRSS
Cloud-scale fundamentals
SDN infrastructure
Flexible workload placement
Hybrid datacenter extension
Network function virtualization
• Data plane based on Azure
• High-throughput, low-latency packet processing [up to 40G]
• Programmable network controller based on Azure
• NVGRE, VXLAN, and OVSDB support
• Load balancer that is proven in Azure
• Distributed firewall
• Custom service chaining, including Linux appliances
• Azure ExpressRoute
• Multi-tenant gateways
High-performance storage, fraction of the cost
Cloud-scale, cost-effective platform
Scalable hybrid-cloud storage solution
Workload-aware protection
Cross-site availability and disaster recovery
• Storage Spaces Direct
• Predictable workload performance with Storage QoS
• Microsoft StorSimple
• Azure storage
• Azure Site Recovery
• Azure Backup
• System Center Data Protection Manager
• Sync replication with Storage Replica
• “Stretch” clusters with automatic failover
• Cluster-to-cluster replication with orchestrated recovery
Security designed for zero-trust environments
Control and monitor administrator privileges
Detect and respond to breach faster
Add access and usage policies to sensitive information
Protect virtual machines from compromised host
• Hardware-rooted security
• Shielded virtual machines
• Guardian Service
• Just-in-time administration
• Just enough administration
• Next generation credentials
• File Classification Infrastructure
• Azure Rights Management Services
• Dynamic Access Control
• Privilege Security Event Logging
• Cloud-based security analysis
• Out-of-the-box anti-malware
Cloud service delivery
One Azure ecosystem
Jump-start your Azure Stack efforts with the rich Azure ecosystem
Azure Resource Manager templates
Windows Server and Linux VM images
Third-party services and extensions
GitHub to store and share above application components
One Azure ecosystem
22 Azure regions operational, 28 announced
100s of service providers
1,000s of enterprises
Power of Azure with the control of the datacenter
Microsoft Private Cloud (on premises | hosted)
Microsoft Azure
Windows Server Linux
Azure Pack
System Center
Windows Server: Compute | Network | Storage
Windows Server Linux
Portal: IaaS | PaaS services
Cloud infrastructure
Power of Azure with the control of the datacenter
Microsoft Azure Stack (on premises | hosted)
Microsoft Azure
Windows Server Linux Windows Server Linux
Portal: IaaS | PaaS services
Cloud infrastructure
Portal: IaaS | PaaS services
Cloud infrastructure [powered by Windows Server, System Center, and Azure technologies]
Modern application platform
Write once, deploy anywhere
Microsoft Azure Microsoft Azure Stack
Containers Virtual machines Azure Service Fabric
Azure Resource Manager
“Born-in-the-cloud” applications
Designed for cloud agility, elasticity, and scalability
Constant innovation and upgraded features
Shared services allow for increased speed
Options to leverage dynamic data sources
Management anywhere
Shifting needs in IT management
TECHNOLOGY FLUCTUATING
CLOUD BASED
INNOVATION
RETOOLING FOR VELOCITY
ANALYTICS | CONTAINERS DEVOPS | SERVICE MANAGEMENT CLOUD MIGRATION | SERVICES
Any Cloud
Any Platform
Microsoft Hybrid Management
Hybrid
On-premises
System Center
Operations Management Suite
Visibility
• End-to-end monitoring
• Preemptive health, capacity, and usage tracking
• Real-time alert management
Control
• Model once, run anywhere
• Controlled empowerment of IT users
• Deep insight into automation
Protection
• AlwaysOn backup and disaster recovery
• Continuous health monitoring
• Automated backup and disaster recovery process
Security
• Thorough systems health checkup
• Full exposure into IT environments
• Audit, forensic, and breach analysis
Application Management
• Real-time performance visibility
• Dynamic application dependency mapping
• Faster fault analysis
Management anywhere
Getting to the cloud model
Modern application platform
Cloud service delivery
Software-defined datacenter
Rethink applications to take advantage of cloud
Change processes and patterns to remove silos within the infrastructure
Make hybrid management part of your strategy
Enable self-service access to resources and consistency across clouds
Mobile, secure and flexible: the mobile workplace of the future
The world has changed
Today’s workforce
Mobile
Collaborative
Networked
The world is always connected & mobile
Modern workplace: hyper-collaboration
More freedom increases risk
Security is more important than ever before
Data Protection
Device & App Management
Hybrid Identity Management
Files
Identity
Apps | Devices
Layered Protection
Apps | Devices
Layer 2 – Apps
Data Protection
• Prevents apps from sharing data with apps outside of IT control.
• Prevents apps from saving data to stores outside of IT control.
• Encrypts app data to supplement device encryption.
Gaps it may leave open
• Only protects corporate data that resides on devices. Cannot protect data beyond a device.
• All data shares the same protection. Per-document protection is not possible.
Native E-mail
Protected Browser
LoB
LoB
ISV App
Files | Apps | Devices
Layer 3 – Files
Data Protection
Protects data wherever it resides
Provides granular, content specific protection (e.g. time bomb vision docs)
Requires all data to be protected if not complemented by Layers 1 and 2
Native E-mail
Protected Browser
LoB
LoB
ISV App
Enterprise Mobility Suite
• Identity & Access Management: Microsoft Azure Active Directory Premium. Easily manage identities across on-premises and cloud. Single sign-on & self-service for any application
• Mobile Device & App Management: Microsoft Intune. Manage and protect corporate apps and data on almost any device with MDM & MAM
• Information Protection: Microsoft Azure Rights Management Premium. Encryption, identity, and authorization to secure corporate files and email across phones, tablets, and PCs
• Behavior based threat analytics: Advanced Threat Analytics. Identify suspicious activities and advanced threats in near real time, with simple, actionable reporting
The current identity reality…
EC2
On-Premises | Private Cloud | Managed devices
Self-service | Single sign on
Integrated Identity as the control plane
Simple connection
Cloud
SaaS
Azure
Office 365
Public cloud
Other Directories
Windows Server Active Directory
On-premises
Microsoft Azure Active Directory
One common identity
Intelligent cloud
Machine learning
Security reports
Privileged Identity Management
App security
Conditional access
Multi-factor authentication
Cloud App Discovery
Detect threats
User behavioral analysis
Simple attack timeline
Identity Driven Security
Microsoft Advanced Threat Analytics
ATA
Devices and servers
Behavioral Analytics
Forensics for known attacks and issues
Advanced Threat Analytics
• Profile normal entity behavior (normal vs. abnormal)
• Search for known security attacks & issues
• Detect suspicious user activities, known attacks and issues
SIEM | Active Directory
Manage your external identities
B2B Collaboration Azure Active Directory B2C
• Manage and secure productivity
• Multi-identity management for Office mobile apps
• File / Data level protection
It Protects Office Better – Managed Mobile Productivity
Managed email and productivity
Identity
Application
Device
Data
Windows 10
Windows Provable PC Health (PPCH)
SharePoint Online
Exchange Online
User
Conditional access
Policy verification
Microsoft Intune
Policy compliance verification
Device management
Device compliance
Measured boot integrity status (Windows PPCH)
Advanced device compliance (antivirus, firewall, patch state, etc.)
Mobile application management
• Maximize mobile productivity and protect corporate resources with Office mobile apps, including multi-identity support
• Extend these capabilities to your existing line-of-business apps using the Intune App Wrapping Tool
• Enable secure viewing of content using the Managed Browser, PDF Viewer, AV Player, and Image Viewer apps
Managed apps
Personal apps
IT | User
Corporate data
Personal data
Multi-identity policy
Mobile application management
Personal apps
Managed apps
Copy Paste Save
Maximize productivity while preventing leakage of company data by restricting actions such as copy, cut, paste, and save as between Intune-managed apps and unmanaged apps
Save to personal storage
Paste to personal app
User
Email attachment
Encrypt files and data
Protect ANY File
Share with ANY Person
View on ANY Device
Track & Manage from the cloud
Questions?