Deep Security 8A Server Security Platform for Physical Virtual CloudSiupan Chan – Principal Consultant, Trend Micro Hong Kong Copyright 2009 Trend Micro Inc.
Key Trends: Datacenter Consolidation• Traditional security adds operational challenges and security risks• Increases Security TCO and limits virtualization/cloud adoption Physical y Virtual Cloud servers servers servers • Glut of security • Security reduces • Less visibility products performance • More external risks • Higher TCO • Mixed workloads Copyright 2009 Trend Micro Inc.
2009: A Historic Year for Servers 16 Virtual machine shipments surpassed physical server shipped 14 12 10 百萬 萬 8 6 4 2 0 2005 2006 2007 2008 2009 2010 2011 2012 2013 Physical Hosts Virtual Machines Virtualization changed and simplified how IT manages servers and datacenters Copyright 2009 Trend Micro Inc.
Key Trends: Sophisticated data-stealing threatsData security is more challenging than ever before • More Profitable • More Sophisticated • More Frequent Advanced Persistent Threats De-Perimeterization • More Targeted Perimeter defenses are not adequate anymore 4 Copyright 2009 Trend Micro Inc.
Key Trends: Regulatory ComplianceSolutions Need to Achieve Broader Coverage with Lower TCO More standards: • PCI, SAS70, HIPAA, ISO 27001, FISMA / NIST 800-53, MITS… , , , , , More specific security requirements Virtualization, Web applications, EHR, PII… • Vi t li ti W b li ti EHR More penalties & fines • HITECH, Breach notifications, civil litigation “ DMZ consolidation using virtualization will be a "hot spot” for auditors, given the greater risk of mis-configuration and lower visibility of DMZ policy violation. Through year end violation year-end 2011, auditors will challenge virtualized deployments in the DMZ more than non-virtualized DMZ solutions. -- Neil MacDonald, Gartner Copyright 2009 Trend Micro Inc. 5 ”
Deep Security 8Agentless Security for VMware Trend Micro Deep SecurityIntegrates Agentless with 1 IDS / IPS VMsafe VM f vCenter APIs Web Application Protection Application Control pp Security Virtual Firewall Machine g Agentless v 2 S vShield Antivirus p Endpoint Agentless h 3 e Integrity Monitoring vShield Endpoint r e Agent-based 4 Log Inspection Security agent on individual VMs Copyright 2009 Trend Micro Inc.
Deep Security 8 Integrity MonitoringAgentless Integrity Monitoring The Old Way With Agent-less Integrity Monitoring Security VM VM VM Virtual Appliance VM VM VM VM Zero Added Faster Better Stronger Footprint F t i t Performance P f Manageability M bilit Security S it • Zero added footprint: Integrity monitoring in the same virtual appliance that also provides agentless AV and Deep Packet Inspection • Stronger Security: Expands security footprint on VMs, built in tamperproofing • Order of Magnitude savings in manageability • Virtual Appliance avoids performance degradation from FIM storms Copyright 2009 Trend Micro Inc. 8 8
Deep Security 8 Agent-based Anti-malware Deep Packet Firewall Inspection Anti-malware A ti l WEB REPUTATION VDI Local Mode SERVICES Hyper-V & Xen-based Integrity Log Virtual Servers Monitoring Inspection• New Agent-based AV for physical Windows and Linux* systems, Hyper-V & Xen based virtual servers, and virtual desktops in local mode Xen-based *Linux AV = scheduled scan, agent only, coming Q1 2012• Web reputation services through integration with Smart Protection Network protects systems/users from access to malicious websites Copyright 2009 Trend Micro Inc. 9
Deep Security 8Integrity Monitoring Ease of Use Enhancements (Agent + Agentless) Destination Certified Safe Software Service • Good Events (eg. Windows Source Destination Destination SP Roll out) typically add operational complexity • Nominating system as Golden Host creates template for good events for remaining systems Destination • Cloud-based event whitelisting further reduces IT burden Copyright 2009 Trend Micro Inc. 10
Summary / Key MessagesDeep Security 8 extends its leadership in server and virtualization security• A fully integrated server security platform built for physical virtual and cloud• Agentless integrity monitoring adds to other agentless modules, enables better security and compliance without added cost or complexity• Agent-based AV extends common protection across all aspects of PVC• Integration with SecureCloud 2 adds context-aware data protection in cloud environments Trend Micro Trend Micro 22.9% 13% All All Others Top ratings for Others Virtualization Combined Security 77.1% 87% Source: Worldwide Endpoint Source: 2011 Technavio – Security 2010-2014 Forecast Global Virtualization Security and 2009 Vendor Shares, IDC Management Solutions Copyright 2009 Trend Micro Inc. 11
Trend Micro: VMware #1 Security Partner and2011 Technology Alliance Partner of the Year Improves Security Improves Virtualization by b providing the most idi th t by b providing security solutions idi it l ti secure virtualization infrastructure, architected to fully exploit with APIs, and certification programs the VMware platform VMworld: Trend Micro Dec: Deep Security 7.5 virtsec customer Nov: Deep Security 7 w/ Agentless AntiVirus with virtual appliance Vmworld: Announce May: Trend acquires i RSA: Trend Micro RSA T d Mi Deep Security 8 Feb: Join Third Brigade Demos Agentless & vShield OEM VMsafe RSA: Other vendors program Sale of DS 7.5 “announce” Agentless Before GA 2008 2009 2010 2011 July: VMworld: Announce Q1: VMware buys RSA: Trend Micro CPVM Deep Security 7.5 Deep Security for announces Coordinated GA Internal VDI Use approach & Virtual pricing And shows Vmsafe demo Q4: Joined EPSEC 2010: RSA: Trend Micro vShield Program >100 customers announces virtual Copyright 2009 Trend Micro Inc. >$1M revenue appliance