Your SlideShare is downloading. ×
0
Security Designed for the Software-
Defined Data Center
PatrickGada
Senior Sales Engineer - Trend Micro
7 May2014
Are you still
using your
physical server
security in your
virtualized data
center?
2Copyright 2014 Trend Micro Inc.
The ph...
Are you dealing with?
3Copyright 2014 Trend Micro Inc.
• Minutes to deploy a server…
weeks to secure it
• Servers that sha...
Software-defined data center changes the
game
The opportunity:
Automate and
optimize security as
part of your data
center ...
Security principles remain the same;
APPROACH to security must change
CONTEXT Workload and application-aware
SOFTWARE Opti...
Copyright 2014 Trend Micro Inc. 6
Cloud and Data Center Security
Anti-
Malware
Log
Inspection
Host
Firewall
DeepPacket
Ins...
How Deep Security works
7Copyright 2014 Trend Micro Inc.
Manage global
deployments using Relays
Integrates with VMware
via...
New approach can improve data center
operations
Provision security automatically in your data center
Manage security effic...
Provision security automatically in your data
center
How do you:
• Secure the VM the moment it is provisioned?
• Apply the...
Provisioning
Infrastructure
vCenter, AD,
vCloud and AWS
SAP
Exchange
Servers
Oracle
Web
Servers
Web
Server
Automate securi...
New approach provides new opportunities
within data center operations
Provision security automatically in your data center...
Manage security efficiently as you scale
How do you:
• Quickly and easily identify and remediate a security issue?
• Addre...
Manage all controls across all environments
13Copyright 2014 Trend Micro Inc.
• Eliminate need to manage
agents on VMs
• M...
Virtualization Demo
14Copyright 2014 Trend Micro Inc.
Automatically add a
new VM with the
appropriate policy
Manage all co...
New approach provides new opportunities
within data center operations
Provision security automatically in your data center...
Optimize data center environment
resources
How do you address the
bottlenecks created by
traditional security
capabilities...
Use agentless security to reduce system load
Network Usage
Scan Speed
CPU/Memory Usage
IOPS
Storage
ESXi
SAN
Disk Disk Dis...
Avoid duplication of effort to impact
performance
18
Scan
Cache
*All results based on internal testingusingVMware View sim...
SIGNATURE BASED
ANTI-MALWARE
1988 - 2007
Smart protection
begins with global
threat
intelligence…
CLOUD BASED
GLOBAL THREA...
Smart Protection Network
EVERY
24
HOURS
Copyright 2014 TrendMicro Inc.
Smart Protection Network
… receives 16B
reputation queries from
customers
… analyses & correlates
100TB of data
… identifi...
03/29/12 Confidential | Copyright2012 TrendMicro Inc. 2
Protect against vulnerabilities – before
you patch
• Number of vul...
03/29/12 Confidential | Copyright2012 TrendMicro Inc. 2
Protect against vulnerabilities – before
you patch
• Roaming endpo...
Patching All Vulnerabilties in Time – Not Realistic
• Some vulnerabilities cannot be patched
– Systemsneed to be up 24/7 a...
Protect against vulnerabilities - before you
patch
• Reduce risk of exposure to
vulnerability exploits –
especially as you...
Trend Micro’s Intrusion
Prevention rules were
released more than a month
before this vulnerability was
addressed!
Copyrigh...
A new approach to security has impact
CONTEXT
SOFTWARE
PLATFORM
ADAPTIVE
 Reduce time to provision
 Reduce effort to man...
A new approach to security has impact
✓ Reduce the need for patching (down-time, reboot)
✓ Extend the life of XP / Windows...
Thousands of customers….millions of
servers protected
29
Automatedsecurity
Secured > 3,000
virtual desktops
Addressed
comp...
#1 Corporate Server Security Market Share
30
30
31%
Source: IDC Worldw ide Endpoint Security 2013-2017 Forecast and 2012 V...
Success Story
31
• Protects over 30,000 VDI users and 300
servers with agentless security
• Tight integration with VMware ...
Fact about Trend Micro
Founded in 1988, $1.2B Revenue (2012)
Headquartered in Japan, Tokyo Exchange
Nikkei Index, Symbol...
Q & A ?
Copyright 2014 Trend Micro Inc.
Upcoming SlideShare
Loading in...5
×

TrendMicro - Security Designed for the Software-Defined Data Center

323

Published on

VMUGIT User Conference 2014
Security Designed for the Software-Defined Data Center
VMUGIT 2014

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
323
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
19
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "TrendMicro - Security Designed for the Software-Defined Data Center"

  1. 1. Security Designed for the Software- Defined Data Center PatrickGada Senior Sales Engineer - Trend Micro 7 May2014
  2. 2. Are you still using your physical server security in your virtualized data center? 2Copyright 2014 Trend Micro Inc. The physical approach
  3. 3. Are you dealing with? 3Copyright 2014 Trend Micro Inc. • Minutes to deploy a server… weeks to secure it • Servers that share resources… security that consumes it • Virtual scale beyond physical limits… hitting a wall on security
  4. 4. Software-defined data center changes the game The opportunity: Automate and optimize security as part of your data center operations 4Copyright 2014 Trend Micro Inc.
  5. 5. Security principles remain the same; APPROACH to security must change CONTEXT Workload and application-aware SOFTWARE Optimized for virtualization and cloud infrastructure PLATFORM Comprehensive capabilities extended acrossyour data center and cloud Many Tools Generic Hardware ADAPTIVE Intelligent, dynamic policy enforcement Automatedprovisioning specific to platform Static 5Copyright 2014 Trend Micro Inc.
  6. 6. Copyright 2014 Trend Micro Inc. 6 Cloud and Data Center Security Anti- Malware Log Inspection Host Firewall DeepPacket Inspection Data Center Physical Virtual PrivateCloud Integrity Monitoring Public Cloud Trend Micro Deep Security
  7. 7. How Deep Security works 7Copyright 2014 Trend Micro Inc. Manage global deployments using Relays Integrates with VMware via vSphere, vCenter, vCloud Director Integrates with LDAP Oracle or SQL Integrates with SIEM
  8. 8. New approach can improve data center operations Provision security automatically in your data center Manage security efficiently as you scale Optimize data center environment resources 8Copyright 2014 Trend Micro Inc.
  9. 9. Provision security automatically in your data center How do you: • Secure the VM the moment it is provisioned? • Apply the right policies to that VM? • Reduce the time to provision without compromising on security? • Securely bring up/down/moveyour VMs? 9Copyright 2014 Trend Micro Inc.
  10. 10. Provisioning Infrastructure vCenter, AD, vCloud and AWS SAP Exchange Servers Oracle Web Servers Web Server Automate security specific to your data center • Gain visibilityinto environmentusing vCenter and vCloud Director integration • Recommend and apply policies automatically - specific to your data center • Automatically scale up and down as required—with no security gaps 19 Rules 15 Rules 73 Rules 8 Rules 28 Rules VM VM VM VM VM VM VM VM 10Copyright 2014 Trend Micro Inc.
  11. 11. New approach provides new opportunities within data center operations Provision security automatically in your data center Manage security efficiently as you scale Optimize data center environment resources 11Copyright 2014 Trend Micro Inc.
  12. 12. Manage security efficiently as you scale How do you: • Quickly and easily identify and remediate a security issue? • Address environment vulnerabilities in a dynamic and growing environment? • Manage all security requirements consistentlyacross your evolving data center environments? 12Copyright 2014 Trend Micro Inc.
  13. 13. Manage all controls across all environments 13Copyright 2014 Trend Micro Inc. • Eliminate need to manage agents on VMs • Manage all controlson a single virtual appliance • Easily apply consistent policy across environments Integrates with VMware via vSphere, vCenter, vCloud Director ESX Integrates with LDAP Oracle or SQL Integrates with SIEM
  14. 14. Virtualization Demo 14Copyright 2014 Trend Micro Inc. Automatically add a new VM with the appropriate policy Manage all controls across all environments
  15. 15. New approach provides new opportunities within data center operations Provision security automatically in your data center Manage security efficiently as you scale Optimize data center environment resources 15Copyright 2014 Trend Micro Inc.
  16. 16. Optimize data center environment resources How do you address the bottlenecks created by traditional security capabilities? 16Copyright 2014 Trend Micro Inc.
  17. 17. Use agentless security to reduce system load Network Usage Scan Speed CPU/Memory Usage IOPS Storage ESXi SAN Disk Disk Disk Disk Disk 17Copyright 2014 Trend Micro Inc.
  18. 18. Avoid duplication of effort to impact performance 18 Scan Cache *All results based on internal testingusingVMware View simulators Up to 20X Faster* Full Scans Up to 5X Faster Realtime Scans Up to 2X Faster VDI Login Copyright 2014 Trend Micro Inc. 18
  19. 19. SIGNATURE BASED ANTI-MALWARE 1988 - 2007 Smart protection begins with global threat intelligence… CLOUD BASED GLOBAL THREAT INTELLIGENCE 2008 BIG DATA ANALYTICS-DRIVEN GLOBAL THREAT INTELLIGENCE 2012+ • Email reputation • File reputation • Web reputation • Whitelisting • Network traffic rules • Mobile app reputation • Vulnerabilities/Exploits • Threat Actor Research • Enhanced File Reputation • Enhanced Web Reputation • Command & Control Smart Protection Network Copyright 2014 Trend Micro Inc.
  20. 20. Smart Protection Network EVERY 24 HOURS Copyright 2014 TrendMicro Inc.
  21. 21. Smart Protection Network … receives 16B reputation queries from customers … analyses & correlates 100TB of data … identifies 300,000 new, unique threats … blocks 250M threats within our customer networks Copyright 2014 TrendMicro Inc.
  22. 22. 03/29/12 Confidential | Copyright2012 TrendMicro Inc. 2 Protect against vulnerabilities – before you patch • Number of vulnerabilities on the rise – Over 13,000 vulnerabilities reported in 2013, 32% increase from 2012 – 73.5% of them are remotely exploitable over the network – In July 2013, The New York Times reported that the average vulnerability sells from around $35,000 to $160,000 • Exploits become available shortly after disclosure – 74% on the same day – 8% more than one day later 2Copyright 2014 Trend Micro Inc.
  23. 23. 03/29/12 Confidential | Copyright2012 TrendMicro Inc. 2 Protect against vulnerabilities – before you patch • Roaming endpoints are directly exposed to threats – Connecting to the Internet from home, hotels, Wifi-Hotspots • Unauthorized network access within company parameters – Employee can access unauthorized network using personal owned devices 2Copyright 2014 Trend Micro Inc.
  24. 24. Patching All Vulnerabilties in Time – Not Realistic • Some vulnerabilities cannot be patched – Systemsneed to be up 24/7 and cannot be rebooted • Patches often do not exist – for 52% of known vulnerabilites, no patch exists – Average of 151 days for vendors to release patch (NSS Labs 2013) • Patches – if available – are not deployed immediately – Average time to patch in enterprises in 2013: 59 days! – Endpoints remain vulnerable Copyright 2014 Trend Micro Inc.
  25. 25. Protect against vulnerabilities - before you patch • Reduce risk of exposure to vulnerability exploits – especially as you scale • Save money avoiding costly emergency patching • Patch at your convenience Vulnerability Disclosed or Exploit Available Patch Available Complete Deployment Test Soak Exposure Begin Deployment Patc hed Virtually patch with Trend Micro Intrusion Prevention 25Copyright 2014 Trend Micro Inc.
  26. 26. Trend Micro’s Intrusion Prevention rules were released more than a month before this vulnerability was addressed! Copyright 2014 Trend Micro Inc. (CVE-2013-5065) 26Copyright 2014 Trend Micro Inc. Protect against vulnerabilities - before you patch
  27. 27. A new approach to security has impact CONTEXT SOFTWARE PLATFORM ADAPTIVE  Reduce time to provision  Reduce effort to manage  Optimize data center resources 27Copyright 2014 Trend Micro Inc.
  28. 28. A new approach to security has impact ✓ Reduce the need for patching (down-time, reboot) ✓ Extend the life of XP / Windows 2000 systems ✓ Protection against exploits ✓ Enable compliance with PCI 6.6 ✓ Control unauthorized network access 28Copyright 2014 Trend Micro Inc.
  29. 29. Thousands of customers….millions of servers protected 29 Automatedsecurity Secured > 3,000 virtual desktops Addressed compliance Centralized security Deployed virtual patching Reduced impact on performance Deployed multiple controlsto protectdata Copyright 2014 Trend Micro Inc.
  30. 30. #1 Corporate Server Security Market Share 30 30 31% Source: IDC Worldw ide Endpoint Security 2013-2017 Forecast and 2012 Vendor Shares, Figure 2, doc #242618, August 2013 Copyright 2014 Trend Micro Inc.
  31. 31. Success Story 31 • Protects over 30,000 VDI users and 300 servers with agentless security • Tight integration with VMware reduced management complexity • Workload on storage reduced by 70% RESULTS: “ ...Logging-in process and application performance are fast and USERS HAVE BEEN HAPPY…” Virtual Technology Center NTT-Neomeit Source: 2013 Success Story with NTT Needed to secure a large VDI deployment RESULTS: Copyright 2014 Trend Micro Inc.
  32. 32. Fact about Trend Micro Founded in 1988, $1.2B Revenue (2012) Headquartered in Japan, Tokyo Exchange Nikkei Index, Symbol 4704 Largest Security focused company world wide Over 5200 Employees, 38 Business Units 37%Consumer 12%Small Business 13% Midsize Business 38%Enterprise & VLE Copyright 2014 Trend Micro Inc.
  33. 33. Q & A ? Copyright 2014 Trend Micro Inc.
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×