Securing Virtual and Cloud Environments


Published on

Visualization is now mainstream. However, traditional antivirus programs are designed to work on physical PC's. F-Secure's Security for Virtual and Cloud Environments is optimized for Virtual machines. Quick presentation to discuss Visualization and the product. Delivered in January 2014

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • We have been awarded Best Protection..
  • Let’s look at the detail of our security offering…
  • Target – Originally 40 million people, this weekend 70, some say 110 millionNeiman Marcus – This weekendUSB Sticks – Cut hole in ATM, installed malware, patched the security vulnerabilities. Required 2 codes from different gangs, trust issuesWindows XP, usually old versions. End of Life in April 2014, may yet be the security story of 2014
  • Skype – Twitter, Facebook and Wordpress accounts. Not using two factor authentication. This weekend, Microsoft news and Xbox accounts were also hacked.
  • Snapchat was warned about the attack, however, they brushed it off, saying the risk was theoretical. After the attack, they blamed the researcher who found the vulnerability, did not apologise until Jan 9th. Improvements, not clear, but users can now opt out.
  • From December 31 to January 3, Adverts on Yahoo’s websites lead to malware. 27,000 infections every hour the malware was live on the site. Over the period of the attack that could mean as many as two million machines were infected.
  • Number of Servers very quickly add upServers are designed to run one operating system and one application at a timeAsk the admin what his five most important applications are, and he will point to 5 or more servers.
  • Reductions in hardware requirements by a ratio of 10:1 or better.
  • This is up from around 50% in June 2012…….a very rapid upward trend !!
  • Desktop - Desktop virtualization is software technology that separates the desktop environment and associated application software from the physical client device that is used to access it.Storage - the amalgamation of multiple network storage devices into what appears to be a single storage unit. Network -
  • Virtualization makes cloud computing possible by decoupling software from hardware. Virtualisation – high upfront costs (save money in the long run), cloud – subscription service. virtualization can be a method for delivering a private cloud, but it doesn’t work the other way around. “Every square is a rectangle but not every rectangle is a square. Every cloud is composed of virtual infrastructure but not every virtual infrastructure is part of a cloud.”
  • Our performance is on par with the best competition – but with the best protection level
  • Competition does not offer support for mixed / hybrid environments
  • F-Secure Security for Virtual and Cloud Environments (SVCE) is a security solution for virtual environments. It is hypervisor agnostic and thus can be deployed in any virtualization (VI or VDI) environment. Unlike other security vendors offering agent-less or silent-agent based solutions, F-Secure SVCE is an added feature for the existing F-Secure award-winning end-point and server protection products. It allows to offload CPU intensive scanning operations to a dedicated F-Secure Scanning and Reputation Server (SRS) and reduce CPU and/or memory consumption on virtual machines. While this results increased VM density per hypervisor, it still provides the best protection possible against malware, exploits, phishing and other network based attacks. 
  • Adding SRS increases the license cost, butSAVES MORE IN HARDWARE
  • Securing Virtual and Cloud Environments

    1. 1. Securing Virtual and Cloud Environments January 15th 2014
    2. 2. Securing Virtual and Cloud Environments Agenda Bunmi Sowande Technical Specialist – F-Secure (UK) 07818 515 687 • • • • • What is virtualization? Benefits of virtualization Virtualization = Cloud ?? Security in Virtual and Cloud Environments F-Secure Security for Virtual and Cloud Environments
    3. 3. Awarded Best Protection & Praised by Certified and Awarded by Analysts numerous 3 parties! rd “Out of all corporate endpoint protection products reviewed, F-Secure Client Security offered by far the best protection.” Andreas Marx, CEO of AV-TEST The Forrester Wave™: Endpoint Security, Q1 2013 Received highest score among all vendors for our product roadmap and strategy. Top ranking scores on performance and satisfaction, in addition to our advanced anti-malware technologies.
    4. 4. Comprehensive Protection Providing 360 protection from all threats Protection Service for Business Business Suite In-House IT Policy Manager Management as a Service Internet Gatekeeper Messaging Security Gateway PSB Portal Out-sourced IT Server Security Client Security Email and Server Security Mobile Security Linux Security AV for Workstations PSB Server Security PSB Email and Server Security PSB Workstation Security Protection Service for Email PSB Mobile Security
    5. 5. Karmina Senior Analyst Security in the news
    6. 6. Security in the News
    7. 7. Security in the News
    8. 8. Security in the News
    9. 9. Security in the News
    10. 10. What is virtualization ?
    11. 11. In the beginning……… ……….Cueball and Associates buy their first server Domain Controller • • • Email Server File and Storage F-Secure Policy Manager Backup Domain Controller CRM Accounting Software Each application requires a separate server Most of the time, the server’s use 5-25% of their resources – VERY INEFFICIENT In large datacenters, most of the power consumed by hardware is just heating the room in idle cycles.
    12. 12. Hardware Resources
    13. 13. Sharing is caring
    14. 14. Benefits of Virtualization • • • • Hardware Cost savings Resource Utilisation is around 80%, better efficiency Reduced power costs (servers and air-conditioning) Capital and operations expenses cut by half, with annual savings of more than £1,000 for each server virtualized • Less space needed in datacentre for physical servers • High Availability, better disaster recovery without complicated clustering • Faster Provisioning of servers • Easy to upgrade • Allows for easy testing and evaluation of applications and Operating Systems
    15. 15. Virtual machines are already mainstream “Roughly two-thirds of x86 server workloads are virtualized, the market is mature and competitive, and enterprises have viable choices” – Gartner, June 2013, Magic Quadrant for x86 Server Virtualization Infrastructure 16 February 14, 2014 © F-Secure Confidential
    16. 16. Other types of Virtualization • • • • Desktop Virtualization – Thin Clients, VDI Storage Virtualization Network Virtualization Application Virtualization
    17. 17. Desktop Virtualization Trends SMB’s are increasingly using virtual desktops Source: Virtualization: A 2013 HorizonWatching Trend Report
    18. 18. Virtualization = Cloud Computing ?? Virtualization – Physical Infrastructure Cloud Computing – Software or a service.
    19. 19. Most common cloud services Web hosting Virtual servers 20 February 14, 2014 Email and collaboration tools Virtual desktops (VDI for BYOD) © F-Secure Confidential
    20. 20. Security for Virtual Environments with optimal performance
    21. 21. Which is more important? Protection level Performance 22 February 14, 2014 © F-Secure Confidential
    22. 22. Special demands in virtual environments Traditional security threats apply, but… Limited hardware capacity Shared hardware usage Added weight to the scanning process 23 February 14, 2014 © F-Secure Confidential Significant impact on desktop virtualization Need to optimize and offer a good user experience Need to invest in additional capacity
    23. 23. Traditional anti-virus in virtual machines Takes up a lot of resources from the hardware Difficult to manage Higher costs High performance impact 24 February 14, 2014 © F-Secure Confidential
    24. 24. F-Secure Security for Virtual and Cloud Environments 25 February 14, 2014 © F-Secure Confidential
    25. 25. Optimized performance Reduced resource usage for virtual environments Performance optimized to reduce hardware costs Light (small footprint) security client for virtual machines Optimized use of hardware capacity High availability and scalability with multi-server deployment 26 February 14, 2014 © F-Secure Confidential
    26. 26. Multi-platform coverage Supports all popular virtualization platforms, including mixed and hybrid environments with multiple virtual platforms 27 February 14, 2014 © F-Secure Confidential Hypervisor agnostic – works with VMware, Citrix, MS Hyper-V, etc Hybrid solution supports different environment combinations
    27. 27. Reduced complexity Single unified central management and standard clients Built-in functionality in standard clients 28 February 14, 2014 © F-Secure Confidential All parts of the solution centrally managed with the same management tool Reduced complexity due to easy deployment
    28. 28. Security for Virtual and Cloud Environments Virtual Machine Physical Machine
    29. 29. Security solution for virtual and cloud environments 1. Uncompromised, best protection against malware, exploits, phishing and other network based attacks 2. Reduced memory, CPU and disk space consumption on virtual machines 3. Can be deployed in any virtualization or cloud environment including mixed and hybrid environments 4. An added feature for the award-winning endpoint and server protection products 5. Scanning offloaded to a dedicated Scanning and Reputation Server
    30. 30. How it works?
    31. 31. Client • Standard F-Secure workstation and server software • One-time installation on virtual machine template • Includes F-Secure award-winning technologies • Centrally managed with a single unified management console Scanning and Reputation Server • Easy deployment with pre-configured virtual appliance • Isolates performance consuming operations from clients • Centrally managed with the same management console as clients Elements Management, provisioning, monitoring • F-Secure Policy Manager installed on Windows or Linux server • Provides policies , configuration and updates for all managed parts of the solution • Status, monitoring, st atistics and licensing
    32. 32. Security for Virtual and Cloud Environments
    33. 33. SVCE Licensing The things you need to know • What is the number of • End points in total • Virtualized end points The products you need 1) Client installations • Client Security or Server Security • Amount of devices 2) Offload scanning server • Scanning and Reputation Server • Amount of clients offloading the scanning How to sell it? n x CS/SS SKU + n x SRS SKU = SVCE Price
    34. 34. SVCE Pricing example – From physical to hybrid environment 200 workstations (100 Physical PCs and 100 Virtualised) 200 x Client Security (100-499) 100 Connections to Scanning and Reputation Server • Multiple SRS Servers can be deployed for scalability and redundancy. • 1 Scanning and Reputation Server (4GB RAM and 4 vCPU) for 100 virtual machines running on the same hypervisor host
    35. 35. No more compromises! Request trial
    36. 36. Questions ?? Next webinars 12th February - Why SMBs are outsourcing Security to Managed Service Providers – 12th March – Why do you need to protect your mobile devices? -
    37. 37. How it works Component What it does? Policy Manager provides centralized management for products installed on physical and virtual machines Policy Manager Console the administration console to define policies, deploy F-Secure software and monitor status of security Client Security, Server Security and Email and Server Security endpoint security protection installed on physical or virtual desktops and servers respectively Management Agent communicates with Policy Manager, applies defined policies and sends status information and alerts to the Policy Manager Server Automatic Update Agent responsible for downloading and installing software and database updates Offload Scanning Agent offloads malware scanning and content reputation checking to minimize the performance impact Scanning and Reputation Server the virtual appliance based on hardened Linux platform. It provides malware scanning and content reputation services.