It is no secret that OpenStack is continually adding security features, but it is by no means perfect -- yet. OpenStack has never really addressed security in a way that translates to a distributed model. It is one thing to stand up an OpenStack environment in a lab or a data center, very much closed and controlled environments, but it is a very different thing to build a publicly available product that has the security functionality to meet the stringent requirements needed by financial institutions, healthcare organizations, government agencies and telcos.
In this session we will discuss how best to translate OpenStack security to real products in the real world, based on Verizon’s experience building several commercially available OpenStack-based products and services. By drilling down into some ways to address security using the OpenStack tools, the team was able to create secure environments that met the most stringent requirements of our customers.
During this session you will learn how the team addressed thorny security issues such as:
- The need to perform in a massively distributed (think thousands of global locations) environment.
- Addressing security in a global environment – limits and opportunities.
- The need for Role-Based Access Control and a separation of customer and administrative access – corralling the security cats.
- The need to support customers with sophisticated regulatory and security requirements – think HIPAA, FedRAMP, PCI compliance and others.
- Different approaches to minimizing vulnerabilities – how to control the environment without compromising on rapid service delivery.