
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must Haves" of Virtualization Security for State, Local, and Education

Published in: Technology, Business


  1. 1. Virtualize More While Improving Your Cybersecurity Risk Posture – The “4 Must Haves” of Virtualization Security for State, Local, and Education
      Eric Pankau – Director, Government, Carahsoft
      Eric Chiu – Founder & President, HyTrust
      Curtis Salinas – Technical Account Manager, HyTrust
      © 2012, HyTrust, Inc. www.hytrust.com 1975 W. El Camino Real, Suite 203, Mountain View, CA 94040 Phone: 650-681-8100 / email: info@hytrust.com
  2. 2. Data Center Evolution in the Public Sector
      EXTERNAL FACTORS:
      • Cost cutting
      • Compliance
      • APTs
      • Decreasing time-to-breach
      • Increasing partner access to data center
      TRANSFORMATIVE EVENTS:
      • Virtualization “1st 50%”
      • Converged infrastructure
      • Multi-tenancy
      • IT self-service
      • Data center consolidation
      • Data center automation
      MOVING FORWARD:
      • Virtualization “next 50%”
      • Maximum utilization
      • Private clouds
      • Maintaining compliance
      • Maintaining governance
      Key trend: pressure for cost cutting driving data center efficiency initiatives, including increased virtualization
  3. 3. Security and Compliance Key to Virtualizing “the Next 50%”
      [Chart labels: Enterprise Platform; Mission-Critical Workloads; Develop/Test, Limited Production, Extensive Production; Non-Compliant, Limited Compliance, Compliant, Best-Practice]
      Discussion:
      • Tier 3/4 workloads now mostly virtualized
      • Tier 1/2 workloads have higher security, compliance needs
      • Virtualization platform provides OK security for non-critical apps
      • Purpose-built solutions needed for mission critical workloads
      Plans to virtualize Tier 1 workloads have exposed gaps in platform security and compliance
  4. 4. Gaps in Platform Support for Tier 1 Workloads
      • Breach Prevention
      • Audit Support
      • Stopping Human Error
  5. 5. Privilege Misuse Can Have Huge Business Impact
      • 43%: Percentage of security breaches due to “trusted” insiders and business partners — Forrester survey, June 2011
      • 56%: Percentage of execs who say their most serious fraud was due to a privileged user — PricewaterhouseCoopers, Wall Street Journal, April 2012
      • 50-80%: Percentage of outages and availability/performance problems related to misconfiguration — Gartner (>50%), Enterprise Management Assoc. (60%), IT Process Institute (80%), 2005-12
  6. 6. Privilege Misuse Can Have Huge Business Impact
      • 43%: Percentage of security breaches due to “trusted” insiders and business partners — Forrester survey, June 2011
      • 56%: Percentage of execs who say their most serious fraud was due to a privileged user — PricewaterhouseCoopers, Wall Street Journal, April 2012
      • 50-80%: Percentage of outages and availability/performance problems related to misconfiguration — Gartner (>50%), Enterprise Management Assoc. (60%), IT Process Institute (80%)
      Shionogi & Co: $3.2B pharmaceutical company
      Laid off IT admin:
      • Logged in remotely to vSphere from McDonald’s WIFI
      • Deleted 88 virtual production servers
      • Took down email, order entry, payroll, BlackBerry, & other services
      • Caused $800K damage
      Enforceable access and configuration policies are needed for safe Tier 1 virtualization
  7. 7. Keys to Virtual Infrastructure Security – “The 4 Must Haves”
      [Diagram: Virtual Infrastructure]
      HyTrust provides 2 required functions directly and supports other 2 through partners
  8. 8. Expert Consensus on Virtualization Best Practices
      • “Restrict and protect administrator access to the virtualization solution.”
      • “Secure each management interface”
      • “Monitor and analyze logs at all layers of the virtualization infrastructure”
      • “Enforce least privilege and separation of duties”
      • “It is critical that independent monitoring of all activities be enforced”
      • “Require multi-factor authentication for all administrative functions.”
      • “Administrative access to the hypervisor/VMM layer must be tightly controlled”
      * NIST SP 800-125: Guide to Security for Full Virtualization Technologies
      ** PCI-DSS 2.0 Information Supplement – Virtualization Security
      *** Neil MacDonald, vice president and Gartner fellow
  9. 9. PCI DSS v2 Requirements Met by HyTrust
      Requirement 2) Do not use vendor-supplied defaults for system passwords and other system parameters.
      HyTrust Solution:
      • Password vault for generic/shared accounts (root/administrator)
      • Assessment against a configuration standard to verify passwords have been changed
      Requirement 7) Restrict access to cardholder data by business need-to-know.
      HyTrust Solution:
      • Granular RBAC and label-based restricted access to ESX/i, vCenter, VM console, Nexus 1000V, etc.
      • Authentication integrated with Active Directory groups and roles
      Requirement 8) Assign a unique ID to each person with computer access.
      HyTrust Solution:
      • Root Password Vault (RPV) regulates access to privileged/shared accounts. Individuals are tracked with a check-out/in process.
      • Multi-factor authentication supported with RSA SecurID and/or Smart Cards
      Requirement 10) Track and monitor all access to network data and apps and cardholder data.
      HyTrust Solution:
      • Audit trail for all access regardless of method
      • Detailed record of who did what, where, when and the result (allowed or denied)
      • Logs sent to a central log repository
  10. 10. NIST Directives on Virtualization Security
      • “Organizations should have the same security controls in place for virtualized operating systems as they have for the same operating systems running directly on hardware.”
      • “Ensure that the hypervisor is properly secured.”
      • “Restrict and protect administrator access to the virtualization solution. The security of the entire virtual infrastructure relies on the security of the virtualization management system that controls the hypervisor and allows the operator to start guest OSs, create new guest OS images, and perform other administrative actions.”
      Neither physical data center security controls nor the basic controls provided by the virtualization platform were designed to fulfill these requirements for FISMA compliance.
  11. 11. HyTrust Role in NIST/FISMA Compliance
      • 6 of 18 NIST 800-53 control families focus on controlling and tracking infrastructure access or ensuring configuration and system integrity
      • Compliance in virtual environments requires an approach that addresses the distinct attributes of virtual infrastructure access, configuration, and system integrity
      • HyTrust is purpose-built to control and log access activity, ensure compliant host configurations, and protect system integrity in virtual environments
      • HyTrust fills critical gaps in the virtualization platform’s NIST/FISMA compliance capabilities*
      [Table: IDENTIFIER, FAMILY. Source: NIST Special Publication 800-53, Revision 3]
      * Platform capabilities mentioned in this document are believed to be accurate as of April, 2012, and are subject to revision
  12. 12. HyTrust: Confidently Virtualize Critical Applications
      Secures the hypervisor & virtual infrastructure by closing platform gaps:
      • Enforces consistent access and authorization policies covering all access methods
      • Provides granular, user-specific, audit-quality logs
      • Enables strong, multi-factor authentication
      • Verifies platform integrity, ensuring the hypervisor is hardened and the virtual infrastructure is trusted
      By filling the gaps in virtual infrastructure security and compliance, HyTrust enables enterprises to virtualize more and improve business outcomes
  13. 13. Partnerships Magnify HyTrust Value
      • HyTrust is key "go to" partner for vSphere security and compliance
      • HyTrust is part of CA ControlMinder for Virtual Environments
      • HyTrust is the platform security solution - access control and auditing - for vBlock
      • HyTrust provides combined reporting with Trends Deep Security product
      • HyTrust provides native integration with SecurID and enVision
      • HyTrust reporting and controls being integrated with Symantec CCS
      • HyTrust is part of Intel's trusted cloud architecture based on TXT
      • HyTrust event reporting and TXT integration being integrated with McAfee ePO
  14. 14. Use Case: State of Michigan
      Company: State Government with centralized IT supporting 17 agencies with varied security requirements
      Background:
      • 3 Data Centers with 70+ hosts and growing rapidly
      • Running vSphere, Active Directory & RSA SecurID
      Issue:
      • Admin/user authentication and authorization
      • PCI logging
      • Hypervisor hardening
      Benefit:
      • Enables customer to meet access requirements with seamless RSA integration
      • Provides audit-quality logs to meet PCI compliance requirements
      • Ensures a secure environment with documented, implemented roles
  15. 15. Use Case: University of California
      Company: UC Campus with centralized IT supporting 30 departments with varied security requirements
      Background:
      • Consolidation, growth, centralization goals
      • Running vSphere, Active Directory & RSA SecurID
      Issue:
      • Admin/user authentication and authorization
      • Lack of transparency
      • Hypervisor hardening
      Benefit:
      • Secure Access leveraging two-factor authentication
      • Separation of duties with total visibility
      • Mapped to regulatory templates
      “The HyTrust Appliance is the robust solution we need to offer essential new capabilities to our growing customer base, while enforcing policies and maintaining the utmost security.” University of California, Systems Administrator
  16. 16. Under the Hood: Typical VMware deploy (Router Mode)
      [Diagram labels: Enterprise Clients; Virtualization Management Clients; Corporate Network; VM Guest Traffic Subnet(s); vCenter; Authentication via Active Directory, LDAP, RSA SecurID; VMware Management Subnet (ESXi Management VMkernels, vCenter Server)]
  17. 17. Under the Hood: Live Demo
  18. 18. Summarize: Virtualize More, With Confidence
      • Virtualizing Tier 1 supports business goals through higher efficiency
      • Pre-requisite: mitigate security and compliance risks to workloads
      • HyTrust enforces access and configuration policies that mitigate risks
      • By filling gaps in platform security and compliance, HyTrust enables economic benefits of Tier 1 virtualization and private clouds
  19. 19. Thank You!
  20. 20. Resources Links
      • HyTrust Community Edition and Video Demos: http://www.hytrust.com/resources/product
      • HyTrust Case Studies: http://www.hytrust.com/resources/case-studies
      • HyTrust Analyst Reports: http://www.hytrust.com/resources/analyst-reports
