Duration 34:57
16+
Play
Video

Citrix Synergy TV - SYN149 - Delivering on trust expectations for cloud customers

Hopeful Owitti
Service Delivery Management & Strategy Director, Cloud Engineering at Citrix
+ 1 speaker
  • Video
  • Table of contents
  • Video
Citrix Synergy Atlanta 2019
May 23, 2019, Atlanta, GA, United States
Citrix Synergy Atlanta 2019
Video
Citrix Synergy TV - SYN149 - Delivering on trust expectations for cloud customers
Available
In cart
Free
Free
Free
Free
Free
Free
Add to favorites
254
I like 0
I dislike 0
Available
In cart
Free
Free
Free
Free
Free
Free
  • Description
  • Transcript
  • Discussion

About speakers

Hopeful Owitti
Service Delivery Management & Strategy Director, Cloud Engineering at Citrix
Clayton Peddy
Sr. Director of Security Architecture at Citrix

About the talk

The customer journey to Citrix Cloud services is in full force. The Citrix Cloud engineering (UCE) team at Citrix is responsible for managing customers’ cloud environments and helping them maximize their Citrix Cloud investments. This session will highlight how UCE is evolving and modernizing our cloud service delivery strategy to meet our customers’ trust expectations around availability, performance, security, and compliance.Note: This session will be available for on-demand viewing post-event on Citrix Synergy TV.

Share

Thank you how everyone it's late afternoon last day of the session, but I want to extend a very warm welcome to each one of you. Thank you so much for spending part of your day with us today. My name is hopeful of witty been with Citrix for going on 18 years now and through this time. I've been mainly in the engineering and saboteurs the organization. So wanted to really share with you a couple of kittens that we doing on our own Service delivery and I'm co-presenting with the Clayton today. Actually Clayton. I'll let you introduce yourself. Hello. My name is cloud

security. Awesome. Awesome. I wanted to stop by gas station contact information has been going through as you can imagine 18 years at Citrix. I have seen every single mode of transmission of the company has gone through the cloud transformation one for me has been a fairly unique and it's not just how we organize ourselves into, you know to really make sure that we are moving to as a cloud but a big part of it is how our customers moved with asked was this transformation. So it really stood out in

terms of how we think about Cloud delivery but a special point of it is just the lessons learned that came from all of you as we walked through this journey. So I would like to talk to you about today is a really tough paint a picture of how we are evolving Service delivery to really engage with you. We kind of talked a little bit about some of the lessons learned through this journey with our customers. Talk a little bit about how we are evolving Tower Service delivery to release serve you better that we are rolling out. This is

how we are measuring performance availability compliance and security. So we'll walk you through our thought process around that and then just give you an idea of things that we haven't sold in the future for post office delivery. So really excited to be sharing this this part of the presentation for you 2019. It's been an incredible first of the year so far, but I wanted to step back and just give you an idea of what the foundation that you laid out in 2018 that's leading up to this. I brought a change so 28, what will the

transformation of the offer for the company? It was a the year where we went bowling in the cloud had phenomenal success throughout the year in terms of usage in Samsung. Environment coming in today and into the cloud environment in terms of the Microsoft says that rebuild and really the chain and walking with the cloud vendors to bring Best in Class package delivery for our customers. So are we went through a lot of lessons learned as you can imagine? It wasn't necessarily pain free and part of it was just really the engagement we had together with our

customers to throw this process as we embarked on this journey with our customers a lot of feedback that you got from directly from our customers whenever we do I'll be updating the cloud. How could we have consistent performance? How could you think about service reliability so that you really continue doing the productivity was that you're focused on and not really worried about all the other stuff that, come through. How should we think about compliance and security and for us if we belong to too many things Tiffany boils down to trust Which was a very big one

and Travis and Travis resiliency so we can really talk about the process. Like how do you move what you do in the company to really address how we are moving with our customers along this journey really wanted to thank our customer base for the for the patient for the feedback and that we go through the years, but this really said that Foundation or at the real think about Service delivery in a in a different way. Yeah couple of things that we needed that really focused on possible was what are the Key Peele us that we need to think through aggressively are in really

addressing the trash and resiliency a space for a customized newborn down to pay for maintenance for us a very close to look at the performance of a closer look at the availability we wanted to make sure that our SLA is are aligned with our customer expectations I wanted to take the time and really address compliance requirements as well as really focus on security I mean security has been like such a big deal is one of the biggest barriers as our customers on moving to the cloud so we realized that as a customer who needs trust us to manager in bar environment, there's a very

big focus on security that really need to really think through a specific foundation and framework to really help address this going forward as it really started from what we started with me to cat in a 28 Who called the lesson plan to call your feedback and now we're on just on the next evolution of our journey now as a result of a couple of key changes that I just wanted to highlight. The first one is that we thought differently about the team about the team that delivers and the team that relief manages this environment for our customer base

and we went through and really know what are the Key Peele us that we really needed to align to really make sure that we are doing this snow just right but really billing it as part of a process of a robe sewing to do, you know, we had a team that was focused on site reliability with bills that that team up. I will introduce Service delivery as part of the call function to really address Service delivery in the cloud. So we're looking really looking at that trust model and more importantly we didn't look at the expertise that we needed to really enhance this so it will some key functions

really looking at a very specific Cloud architectures looking at very common control for cloud. And yes really building expertise around those key elements in one of the things that we're doing a special. Yeah, we bought we really started building up a big Security operation with want to operate 24 by 7 on this a security aspect. So we're building up a fairly sustainable security team that will be focused on managing your environment and just building on that trust and never sleeping. I'm just really make sure that as we go through this journey, you got

environments remain secure this and expectations that our customers have told that the expectations that we're going through or in terms of service delivery. So this was one of the things that we rode out this year thinking about the team thinking about how we do it differently and then the second thing that's really looked at is the process of Service delivery. So we kind of took it back and said like how do we focus on resiliency as part of the process going in a process around measuring performance? Availability and analyzing

compliance and really focus on security aspects as part of the process beat up before this tablet 8 come out of production for customers to prevent from getting processed with built-in process to really look at a lot of days in granular detail to make sure that as we go through that process by the time as Travis Reed Richards to you, we know we've got going through incredible due diligence across the start to make sure that is feeling meeting expectations that you have us so it's not so this is what we are we are heading out is a framework that you started

watching on across across the company and the end one additional thing. That was a really a big Focus for us is to really understand the key use cases of our customers. We spend a little time with me looking out across those Microsoft says that we have been trying to understand what are the key used it is we're really trying to drive. What customers and went through a tear in process? We wanted to make sure that depending on some of the youth cases where a little bit more aggressive in swamp Air Force. We wanted to make sure that as we go to this is Johnny. Just some key elements that

cannot afford any level of downtime that really helped us with priorities and Ender and things of that nature video biggest forecast was to think through that. They're keeping us that we shared and you're doing that during the event looking at the experience for users. We wanted to really look at security b + 2N know just what you control that elements that we don't control as well. So we're putting processes in place yet to really make sure that we are dressed at end to end and we know this flexibility of choice. This is something that we didn't want to to

limit, you know, our customers will too even as we come through the cloud in Cloud infrastructure and understand the infrastructure that our customers Leverage We wanted to make sure that we have that flexibility of choice and this really drove the framework for us to get through how we take it to the next level and really just have more prescriptive Service delivery for a customer 3D excited about the framework of laid out in the journey that we continue to jointly go through as we head into 2019 the second half of 2019 and & Beyond I'd like to bring bring up

Clayton what you a little bit about some of those feelings that you mention some examples that we are thinking through and then we'll take it from there. They don't take it away. Great. Thank you very much. I'll be able to walk through our customer trust model really concentrating on our four pillars performance availability compliance and security and give some examples of of what we're doing in those areas look it up performance. What are the things that we're always looking for is how to innovate and the more successful special using Cloud Technologies when I think of

application execution technology such as I Google anthos come to mine taken advantage of iot devices and Edge Computing, you know performance and security are not mutually exclusive. In fact in many cases by enhancing the security of our products were actually enhancing the performances. Well, especially when you take a look at what the cloud is offering today, and and really that's all about modeling are real user behavior. When you think we found is that are typical user actually switches about four times a day between devices and networks,

right? So it's not just a constant pattern of you say it's like an evolving throughout that work day example of how this comes to play with the with our team typical application might get. Deploy down to the cloud. And you can imagine most applications have a rewrite component to them. So when we look at modeling, it seems pretty obvious that okay, great. I'm going to have rewrite components and goes to an API pretty simple pipeline analytics and looking at that real user behavior. For example in this particular use case. We noticed that you'll actually the right only happens

about once and then many reeds are from that one. Right? So if you think about a user who switching devices and networks all the time, how can we take this to our advantage? Well one thing is that we can set up multiple read 10 points out in the cloud. This gives not only availability but it also allows us to enhance performance. So let's look at and how that really in a concrete example, if you look at the browser, this is an example of using browser scope or I'm actually testing the actual capabilities of my browser. I really want to highlight hear that this is Chrome on

Windows. And what does Told me is that I actually have six connections per host name but 41 Max connections. What was that mean? Well on a given hostname, let's say it's your post. Cloud cam. I only can have six parallel connections, but you see the browser capable of 41. How could I corn at the power of 41? Well, it turns out that setting up multiple read endpoints is pretty straightforward if they were rewrite that's a much more difficult problem in your technology to solve fairly easy won't

take advantage of that. Dynamically. I can now set up for example 9 reads in parallel very easily again taken advantage of that 41 that's cable on the device. Most browsers are capable of around 6 with some special mobile devices can go much much higher and we want to take advantage of that. What's looking availability? What are the things we value more than anything is being always available. And that's a really important message that I want everyone to really understand. You can talk about you having a disaster recovery for example or high availability. But

ultimately what you really want is to be always on now when I think about the RTO and RPO and that's recovery time objectives or a recovery Point objective. What are the challenges that we have is by taking kind of be always available methodology and many cases our recovery time. If something were to go wrong is measured making milliseconds maybe at the max in just a few minutes, but that can be very challenging to have to kind of relay that message. Go back to our customers book The one thing we're always working on his how do we improve it? And

how do we reduce those times again taking that always available methodology? Air Force increasing the go endpoints more endpoints means that we're getting our data your date of the customers data to their devices faster and that's a real big part of availability as well. Because if something does go wrong with one endpoint, you still want them that's close to still great a bride great performance. So let's look at an example of how we deal with this every day. So are typical Target a sole externally that we publish is 99.5% but the

reality is internally we have to actually Target something much much higher. Let me show you why. Looks like the Police Service aide out to the cloud and like many Cloud components. Our services are built on components and maybe the component has a 99.9% availability. That's pretty good. And it connects to a dependency to another service B. That's again deployed on a similar service 99.9% at first blush. That looks pretty good. 99.9 99.9 Target of 99.5.

We're okay, right, but you have to remember that this dependency chain is the probability that both are up at exactly the same time right that is it to be 99.8% By looking at the Chain Break 99.5. Hay for sale. Okay, 99.5 with our Target. We're still doing a pretty good. But we also offer choice to customers. And that ball potentially being a multiple clouds of the same time. So let's look at that scenario again Cloud a service a we know that to be 99.9% with an S alive. But let's take a look at Cloud be in service

BMO. That's a different kind of component that we had to build on and unfortunately, it didn't quite offer the same as to lay only a 99.5% while the probability that they're both up and running at the same time. It's only a 99.4. That's not good enough. It doesn't meet our criteria. We can solve this problem by doing. So what we're going to do is we're going to build out more services on cloud be so for example, we have B1 and B2 they both her again 99.5% the same as before, but I only need one of these

to run at any given time. Don't want to be out one can service all the request. We're still meeting our objective. Now. If we do this they were out at 99.65% right? That's fantastic. Again, we're back in our target range received. The reality is it's not this simple and easy to see is how did I get those two Services? There's got to be something in there that I had to put in in order to be able to switch between the two of them. If one went down. Well, what's that look like so let's say we choose something very simple. Like it's the simple load

balancer most load balancers in the cloud offer about a 99.99% That sounds pretty good. If we add do the probability that both service a and a load balancer and the service be all are up and running is a 99.64 when you actually look at the map when you look at things like a szalay's what you realize is that even with services with what seems to be a really high as a wave is a necessity because when I actually changed these together My overall probability that everything works in tandem keeps going down and this is again one of the

reasons why in architecture group, we spend a lot of focus on micro service and really ensuring that we have highly reliable services that have a single-use case because it's easier for us to get that Escalade up higher because when we changed them together, it's a necessity or two a piece of gospel. We'll talk a little bit about compliance. One of the things that our team does a lot is reduce the internal friction 402 the product teams to achieve, you know compliance. We know that if we write tools that people actually want to use that is less likely will come

up with their own methodologies or or try their own ways of doing things compliance is a lot about standardization. But one of the things we do in our group is we actively participate we're actively participating by not only looking at your compliance and thinking about well or once of your task that we might have to do but how do I turn that into a year-round task? How can I be actively making sure there were always in compliance at all times but it's not really talking about that start with the compliant tells us to do really looking at how or organization can be a world-class organization and

how we can actually set her own standards that are well above what the compliance needs me be and that's really Wharton because you again one of things I think about in the supply chain is not just in terms of nowhere other vendors my fit with us, but I truly do understand that. We are part of our customer supply chain. They are relying on us to do the right thing and that's really important to me. I just want to give kind of an example of a little bit more of it and and how one of the phrases we use a law on the team is compliance is more than a checkbox. And this

is really important for us looking at our security Operation Center and really employing your security Citrix threat experts people were actively hunting for threats might be threats from IP addresses from down by the actors. It might be looking for files phishing attempts passwords brain. All of those things were looking at all the time or incident response and Recovery you again truly understanding where we may have something that needs to be investigated. And of course if we do need it responds haven't seemed ready to go. Event management. This is one

of the critical pieces of understanding that there's a lot of data coming in. It's critical for us to get that data truly understand where it's coming from. What does it mean and you can get an investigation going if need be vulnerability management. It's really important to understand what's going on in the environment at all times and actively addressing that reporting on that and so on and so forth and forth automation, one of the key things I have on the team for everyone is involved in the Security operation is a half to be a developer. They have to have that development experience

automation is the only way that we can move forward and move quickly. And so having everyone isn't developer low code developer, for example taking advantage of some the new Loco technologies that are out there an automated workflows outfielders write that kind of Technology code for their High Valley. Look at information protection. I'm obviously threat detection is is Paramount the governance understanding where data needs to be ensuring that it's in the location that we said it was in at all times encryption and

masking a lot of compliance encryption all the time really masking is a huge part of our strategy to take it beyond that standard compliance line item because masking for me is all about having least privilege use right? I might have somebody yes. They're authorized to look at the data, but they don't have to see all of that data. Right customer data is so important including the metadata and that if I can mask that so they can't see. You know, it just enhances our security profile all the more and that's a really big

investment, but we're making an access. Administrative environment and really this is a very strict control plane that allows our users to have you completely separate identities for managing of the customer Cloud your multi-factor authentication taking advantage of newer Technologies. One of the things I've been using for example is yubikeys and I know if you're familiar with you the keys, but it's a hardware key that can be used. So it's to prevent like fishing free samples or based multi-factor

authentication App Store texting text messages, right? Everyone's probably had at least one instance where they get the 6-digit code for example on your text message, but the reality is do you know where you're typing in that six digit code to trust the app that's asking for that information right Hardware Keys bypass is a completely Conditional access policies or just in time access really all about one thing and that is if a user has the ability to get into a latte machine, let's say they're doing administrative function. It's goes beyond that. I want to make sure that they are

in the right networks. Maybe they're in the right Geo. For example there on the right device write all of those are really important. And if I open up something that allows him access I closed it immediately right after they're done. I just don't leave it open even though that might be something to do with our daily job. And one big thing we're rolling out is that give privileged access workstations dedicated Hardware dedicated virtualized environment that are strictly controlled so that our users when they do administrative functions don't have to worry about things like fishing. There

is no email. They don't have to worry about malicious websites because they don't have access to those websites, right? That's really important overall. Look at the Hybrid Cloud infrastructure. One of the big things at the client's you were score and you saw one of the announcements about contributing to the intelligent security graph right that provides the score. So now we're getting data both from Citrix service. As well as a recap of Microsoft's intelligent graph and of course the video I said DDOS attack mitigation and monitoring. The wassailing to touch on

security really the foundations of this are built on a zero trust depth in defense model zero trust literally means trust nothing and I do joke a lot of times that I say, I don't even trust myself and that's really important defense is really all about having multiple layers of security. It's not enough just to protect the edge. It's not enough to protect the perimeter or it's not enough just to protect your database. It's protecting all of the data all of the applications all of the users all devices all the time at again secure by Design.

One of our tenants is to get in early on the process, right if someone sitting as an idea for a new product, I want to be there right away because I want to make sure that every step they're taking has Security in mind. And of course this leads the whole life cycle approach. It's not enough just to do it once but it's continuously monitoring and analyzing yourself to make sure that you're doing the right thing. It's being Innovative looking at what's in the market. It's looking at new technologies and really look at how you can apply them in your everyday. Silver key

investment areas in 2019 around security is around these three topics Incident Management. We're going to be having some significant growth in our worldwide operations for RC sock. We're going to be investing very heavily and automation automation allows us to basically go through with a threat intelligence very quickly thread analysis event management and really understanding that full lifecycle. It's all about how does some piece of data that comes in if it gets investigated if it gets turned into an incident and how did it get remediated? We

have to understand that it's very critical to understand how quickly that happens and then learn from those incidents that happened artificial intelligence. Now, I know this is a big bows word and then you see it quite a bit. But the reality is we look at how much data is coming in and you're trying to look for anomalies for example We need things like artificial intelligence machine learning to help us do that humans are very good at finding patterns. But the reality is I've got so much data. I couldn't hire enough people in the world to look through it all but you see computers

can and then they do it quite easily and ultimately like I talk about the data masking protecting her customer data is Paramount and vulnerability management. We really are a mission to implement the best cloud-native tools on the market and really goes beyond just implementing the tools. We have a standard that with every vendor every tool we use we have that engineering relationship that engineering to engineering relationship because it's not just about consuming the tool. It's about understanding the best practices how other people are using it and then contribute directly to other

teams. Of our learning in our findings and of course our learnings go directly to the you would like all Citrix on Citrix. We do use our own tools for ourselves, of course, and we see this manifested in workspace and the analytics for security and the access control. Hey, what's up? I'll hand it back over to Hopeful on the truck center updates and it was in there. All right, not quite yet a public site. So this is where you can go to really learn more about

the security aspects of compliance aspects of a Owl City cloud and some of the things that we're doing through around SLA Xander and security. So it contains a few key elements you can get the security documents. You can go to get some agreements understand a little bit about privacy and compliance as well as some specific product documentation that that walk you through how Citrix Cloud operates a kind of behind the scene. It's an environment that kind of publicly available right now, you can get to get more details will

be the first hit that you get one of the key things that we really wanted to move the site and its really about Just giving you a way to understand a little bit about what's going on behind the scenes and being a little bit transparent in a lot of key areas. This is one area where a partnership with our customer and partner becomes critical and one of the areas where children and I really want to hear from you as well. Like what what information would you really like to see that's really help you to go through your own process.

So there are few things to expect more on into the trust that we want to incorporate more details on resiliency, you know, the kind of behind the scenes just really give you a really good idea of how we are managing resiliency across-the-board. So this is some of the information you be able to get them. Are we looking to be a little more transparent with that with RCA has been one of those key things. We're really customers want to get a clear understanding every time does iCloud Give without what we don't know. It's something all control to

want to be more transparent give you an idea of some of the key areas that you can look forward to and then you don't Clayton went through how we are calculating some SLA Sandra Lee managing the dependency chain. So we want to be able to give you more information and more tools to really have the money days across the board. So stay tuned for more updates in the trusting that this is how it will be a one-stop-shop to really understand a lot of the details around those four pillars of the trust model that I'm all customer-facing that can really help you as you operationalize add your portions

of the environment as well. So really looking forward to that and then I wanted to share with you is is how we are moving to the communication. So whenever we have a high incidence is when the environment we post a specific messages that customers can subscribe to this are available in Stanardsville cloud.com. So it's a site where cast Go to subscribe and get information whenever there's an incident reported their give you an idea of if there's an outage or issue in one of the Gio's location and how it really affect you the messages that we have going. There will be

the kind. I may need to give you some details, but it's not to the level that would really like to get through. So what one thing if you're doing is building more granular aspects into that message. So help you really understand that. Component-level. I was being impacted in a cloud environment where we at in performance issues where we are seeing a challenges with availability and we'll just give you an idea to the two to help you action some key elements and then one of those that we have really contextualize the health report for customers give you an end to end view

of the health of your environment. So this is one of the key areas where we really partnering across the company to be able to give you that visibility. Example of how your environment is operating in the cloud both pieces that you control and manage as well as the key pieces that we control our on the on the back end. So stay tuned for more communication. One of the key things is that the team that we ran under and the unified Sound Engineering is really that one of the cat customer-facing teams for engineering. So the input that you give us will be critical as we get more

details around how we operationalize these are these environments Yeah, and I just wanted to bring this up just to to wrap it up. It's a it's a framework that has been critical for us to roll out and it's really about building and maintaining your trust that you continue to through this journey with that. This is a journey that I'm really excited about. Just wanted to really thank all of you for being part of that journey, and we really look forward for more much more data as we continue just really enhancing their the cloud environments for you. So I

believe we'll have a few minutes for for Q&A have a couple of closing slides that are generic to before you leave. Please add completed the survey. It is really give feedback to improve they went over all that would really appreciate your service. You can be able to watch a lot of the sessions, you know starting this week. So a lot of this will be posted on a Cena GT As well as the availability of a the presentations I what s deep dive you that would really

help you. So any feedback that you can give us specifically on this station will be truly truly appreciated. This is something that you can do from there from your nap. And I and I just give us any open feedback that you can use to really improve going forward. And that's really rested up for us at 4:10 tonight today. Wanted to really thank you for making the time spending a part of your afternoon. We that we have some time for some questions. So feel free at anyone wants to come through Clayton and I will also be out there for a few minutes if you have any

questions or want to talk one-on-one more than happy to do so. Great. Thank you.

Cackle comments for the website

Buy this talk

Access to the talk “Citrix Synergy TV - SYN149 - Delivering on trust expectations for cloud customers”
Available
In cart
Free
Free
Free
Free
Free
Free

Access to all the recordings of the event

Get access to all videos “Citrix Synergy Atlanta 2019”
Available
In cart
Free
Free
Free
Free
Free
Free
Ticket

Interested in topic “Software development”?

You might be interested in videos from this event

September 28, 2018
Moscow
16
157
app store, apps, development, google play, mobile, soft

Similar talks

Pons Arun
Director of Products (Security Analytics) at Citrix
+ 1 speaker
Martin Zugec
Senior Architect - Technical Marketing at Citrix
+ 1 speaker
Available
In cart
Free
Free
Free
Free
Free
Free
Sameer Mehta
Sr Director PM, Performance & Security Analytics at Citrix
+ 1 speaker
Jitendra Deshpande
Vice President, Cloud and Server Engineering at Citrix
+ 1 speaker
Available
In cart
Free
Free
Free
Free
Free
Free
Mathew Varghese
Director of Product Management at Citrix
+ 1 speaker
Jim Regetz
Director of Data Science at Citrix
+ 1 speaker
Available
In cart
Free
Free
Free
Free
Free
Free

Buy this video

Video

Access to the talk “Citrix Synergy TV - SYN149 - Delivering on trust expectations for cloud customers”
Available
In cart
Free
Free
Free
Free
Free
Free

Conference Cast

With ConferenceCast.tv, you get access to our library of the world's best conference talks.

Conference Cast
551 conferences
21656 speakers
8016 hours of content