Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Data Centre Evolution: Securing Your Journey to the Cloud

1,121 views

Published on

The world of computing is moving to the cloud – shared infrastructures, shared systems, instant provisioning and pay-as-you-go services. And users can enjoy anytime, anywhere access to services and their data. But how secure is your data in the cloud and do conventional security products offer the optimal approach to securing your virtualised environments?

In this presentation we examine security and performance concerns along your journey to the cloud and explore new technologies from VMware and Trend Micro. These innovations are all ready helping thousands of businesses to address the security challenges with Physical, Virtual and cloud platforms.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Data Centre Evolution: Securing Your Journey to the Cloud

  1. 1. Data Center Evolution:Physical. Virtual. Cloud.Securing Your Journey to the CloudTrend Micro
  2. 2. JOURNEY TO THE CLOUDWhere is Your Data? HYBRID CLOUD PUBLIC CLOUD SERVER VIRTUALIZATION where is your BYOPC Data? DESKTOP PHYSICAL VIRTUALIZATION DESKTOPS & SERVERS MOBILE PRIVATE CLOUD
  3. 3. CROSS-PLATFORM SECURITYOne Security Model is Possibleacross Physical, Virtual, and Cloud Environments Physical Virtual Cloud New platforms don’t change the threat landscape Each platform has unique security risks Integrated security is needed across all platforms
  4. 4. PLATFORM-SPECIFIC SECURITY RISKSOne Security Model is Possibleacross Physical, Virtual, and Cloud Environments Manageability Performance & Threats Visibility & Threats Glut of security products Traditional security Less visibility Less security degrades performance New VM-based threats More external risks Higher TCO Reduce Complexity Physical Increase Efficiency Virtual Deliver Agility Cloud Integrated Security: Single Management Console
  5. 5. REDUCE COMPLEXITYConsolidate Physical Security
  6. 6. REDUCE COMPLEXITYOne Server Security Platform Firewall HIPS / Virtual Web Application Antivirus Integrity Log Patching Protection Monitoring Inspection Single Management Console Advanced Reporting Module
  7. 7. INCREASE EFFICIENCYServer and DesktopVirtualization Security
  8. 8. VIRTUALIZATION SECURITYChallenge: Resource Contention Typical AV Console 3:00am Scan Antivirus Storm Automatic security scans overburden the system
  9. 9. VIRTUALIZATION SECURITYChallenge: Instant-on Gaps Active Dormant  
  10. 10. VIRTUALIZATION SECURITYChallenge: Instant-on Gaps Reactivated with Active out dated security Cloned        Reactivated and cloned VMs can have out-of-date security
  11. 11. VIRTUALIZATION SECURITYChallenge: Complexity of Management Provisioning Reconfiguring Rollout Patch new VMs agents patterns agents VM sprawl inhibits compliance
  12. 12. VIRTUALIZATION SECURITYChallenge: Inter-VM Attacks / Blind Spots Attacks can spread across VMs
  13. 13. Agent-less Security Architecture Trend Micro Trend Micro Deep Security Deep Security Virtual Appliance Manager Guest VM’sSecurity Admin Network Security Anti-Malware - IDS/IPS - Real-time Scan APPs - Web App Protection APPs - Application Control - Scheduled & APPs Manual Scan - Firewall OS VMsafe-net vShield API Endpoint API VM tools ESX VI Trend Micro vShield EndpointAdmin vShield Manager filter driver ESX Module vCenter vSphere Platform Trend Micro vShield VMware Legend  product Platform Endpoint components Components
  14. 14. VIRTUALIZATION SECURITYWhat is the Solution?Layered, Virtualization-Aware Security in One Platform Deep Security Integrated Modules: With Agentless Security • Antivirus Security VM Virtual VM VM VM • Integrity Monitoring Appliance • Intrusion Prevention • Web Application Protection VM VM VM VM VM VM • Application Control • Firewall • Log Inspection Higher Optimized Simplified Stronger Density Resources Management Security Maximizes Performance and ROI
  15. 15. CASE STUDYAgentless Anti-malwareCity of Oulu, FinlandIndustry Municipal GovernmentNumber of Employees 10,000 Challenge Solution Business Results • Merge infrastructures of four • vShield Endpoint and Trend • Protection that is easy to surrounding cities in less Micro Deep Security, for deploy, administer, and scale than one year agentless protection of • Agentless security that is • Extend the lives of existing virtual desktop infrastructure more resource PCs that cannot be (VDI) • Instant protection of new upgraded to Windows 7 VMs at time of spin-up • Minimize the start-up efforts for the infrastructure merger • Avoid complexity that would slow systems or increase workload
  16. 16. DELIVER AGILITYCloud Deploymentsand Security
  17. 17. CLOUD SECURITYCloud Models: Who Has Control? Servers Virtualization & Public Cloud Public Cloud Public Cloud Private Cloud IaaS PaaS SaaS End-User (Enterprise) Service Provider Who is responsible for security? With IaaS the customer is responsible for VM-level security With SaaS or PaaS the service provider is responsible for security
  18. 18. CLOUD SECURITYChallenge: Multi-tenancy / Mixed Trust Level VMs Shared resources creates a mixed trust level environment
  19. 19. CLOUD SECURITYChallenge: Data Access and Governance There can be less visibility and control of cloud data
  20. 20. CLOUD SECURITYChallenge: Data Destruction 10011 01110 0 00101 10011 01110 00101 When data is moved, unsecured data remnants can remain
  21. 21. CLOUD SECURITYWhat is the Solution? Data Protection Data Security Server & App Security Encryption Modular Protection with Policy-based Sensitive Research Results Key Management • Unreadable for unauthorized users • Control of when and • Self-defending VM security where data is accessed • Agentless and agent-based • Server validation • One management portal for • Custody of keys all modules, all deployments Integration ensures servers have up-to-date security before encryption keys are released vSphere & vCloud 2 2
  22. 22. CLOUD SECURITYFitting Encryption into a VMware Ecosystem Trend Micro SecureCloud VMware vCloud VMware vSphere Key Service Data Center Private Cloud Public Cloud Console VM VM VM VM VM VM VM VM VM VM VM VM Enterprise Key Encryption throughout your cloud journey—data protection for virtual & cloud environments 2
  23. 23. Deep Security / Secure Cloud Example Customer 1 Customer 2 Unix/ Win Server VMware Vsphere ESX Customer Test
  24. 24. TREND MICRO DEEP SECURITYSpecialized Protectionfor Physical, Virtual, and Cloud Physical Virtual Cloud Only fully integrated server security platform First hypervisor-integrated agentless antivirus First agentless file integrity monitoring (FIM) Only solution in its category to be EAL4+ and FIPS certified
  25. 25. TREND MICRO: VMWARE’S NUMBER 1 SECURITY PARTNER2011 Technology Alliance Partner of the Year Improves Security Improves Virtualization by providing the most secure virtualization by providing security solutions architected to fully infrastructure, with APIs, and certification programs exploit the VMware platform Dec: Deep Security 7.5 VMworld: Trend virtsec Nov: Deep Security 7 w/ Agentless Antivirus customer, case study, with virtual appliance webinar, video RSA: Trend Micro RSA: Other May: Trend Demos Agentless vendors Feb: Join acquires Sale of DS 7.5 “announce” VMworld: Announce VMsafe program Third Brigade Before GA Agentless Deep Security 8 w/ Agentless FIM2008 2009 2010 2011 July: VMworld: CPVM 1000 AgentlessRSA: Trend Micro VMsafe Announce GA Q4: Joined 2010: customers demo, announces Deep Security 7.5 Coordinated approach & RSA: Trend Micro EPSEC vShield >100 customers Virtual pricing announces virtual appliance Program >$1M revenue
  26. 26. VIRTUALIZATION AND CLOUD SECURITYTrend is No.1 in Server and VirtualizationSecurity Physical Virtual Cloud Trend Micro Trend 13% Micro 23.7%Source: IDC, 2011 - Worldwide Endpoint Security Revenue Share by Vendor, 2010 Source: 2011 Technavio – Global Virtualization Security Management Solutions

×