Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Trend micro v2

1,922 views

Published on

  • Be the first to comment

Trend micro v2

  1. 1. How to Simplify – Automate andOptimize for a Secure VirtualEnvironmentJD Sherry– Global Director Public Technology and Solutionstwitter @jdsherryjd_sherry@trendmicro.com 2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
  2. 2. Your Data’s Journey in the Cloud Where is Your Data? BYOPC Public Hybrid Cloud Cloud Server Virtualization Physical Desktops & Servers Desktop Virtualization Private Cloud Mobile2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
  3. 3. Trend Micro Global Protection • • Total Number of Queries 2008 – 8bil Today – 3.9tril • Total Number of Blocks 2008 – 800mil Today – 73.6bil • Daily Avg. Sensors 2008 – 5mil Today – 27mil Trust Trend Micro security solutions* Trend Micro Trend Micro Trend Micro Trend Micro Trend Micro protects protects protects protects protects 96% of the top 50 100% of the top 100% of the top 80% of the top 90% of the top global 10 automotive 10 telecom 10 banks. 10 oil companies. corporations. companies. companies. * In calculating the above data, the percentage use of Trend Micro products include usage byparent companies and/or usage by any of their subsidiaries of any Trend Micro product or service.
  4. 4. Cross-platform SecurityOne Security Model is Possibleacross Physical, Virtual, and Cloud Environments Physical Virtual Cloud• New platforms don’t change the threat landscape• Each platform has unique security risks• Integrated security is needed across all platforms
  5. 5. Platform-specific Security Risks One Security Model is Possible across Physical, Virtual, and Cloud Environments Physical Virtual CloudManageability Performance & Threats Visibility & Threats• Glut of security • Traditional security • Less visibility products degrades performance • More external risks• Less security • New VM-based threats• Higher TCO Reduce Complexity Increase Efficiency Deliver Agility Integrated Security Single Management Console
  6. 6. Today’s Cloud Includes Integrated Stack Vendors • What are integrated stack vendors? Solutions comprised of storage, networking and software for next-gen datacenters and VDI that have done due diligence for VMware and Trend solutions – examples are Cisco, EMC, NetApp, VCE • What’s the VMware angle? All of these solutions either offer VMware as the main virtualization part of the stack (NetApp, Cisco, EMC), or standardize on VMware (VCE) • How is this important to a Customer? Trend is the selected virtualization security partner of choice for the above vendors via technical validations of Deep Security on VMware-based stacks All testing has been done on these platforms – so you don’t have to…2/6/2013 Copyright 2012 Trend Micro Inc.
  7. 7. Integrated Stack Vendors• VCE DS certified for Vblock in April 2012• Cisco Validated by Cisco UCS in Aug 2012 Approved for Cisco SIP (when sold with UCS) in Oct 2012 CVD granted on FlexPod architecture in Q4 2011• EMC Validation for VSPEX coming in Q1 2013• NetApp DS validated for FlexPod via Cisco CVD (Cisco Validated Design) status 7
  8. 8. Reduce ComplexityConsolidate Physical Security Physical
  9. 9. Reduce Complexity One Server Security Platform HIPS / Web Integrity Log Virtual ApplicationFirewall Antivirus Monitoring Inspection Patching Protection Single Management Console Advanced Reporting Module
  10. 10. Increase EfficiencyServer and Desktop Virtualization Security Virtual
  11. 11. Virtualization SecurityChallenge: Resource Contention Typical AV Console 3:00am Scan Antivirus StormAutomatic security scans overburden the system
  12. 12. 1 Virtualization Security& Consolidation Cost Reduction Challenge: Instant-on Gaps Reactivated with Active Dormant security Cloned out dated        Reactivated and cloned VMs can have out-of-date security
  13. 13. 1 Virtualization Security Consolidation Cost Reduction & Challenge: Complexity of Management Provisioning Reconfiguring Rollout Patch new VMs agents patterns agents VM sprawl inhibits compliance
  14. 14. 1 Virtualization Security & Consolidation Cost Reduction Challenge: Inter-VM Attacks / Blind Spots Attacks can spread across VMs
  15. 15. Virtualization Security What is the Solution? Trend Micro Deep Security With a Dedicated Security Virtual Appliance With Agentless Security Security Virtual VM VM VM VM The Old Way Appliance VM VM VM VM VM VM VM VM VM Agentless Security for VMware — Antivirus and more• Antivirus • Intrusion Prevention • Firewall• Integrity Monitoring • Virtual Patching • Web Application Protection Maximizes Performance and ROI
  16. 16. Virtualization Security Increased ROI with Deep Security Example: Agentless Antivirus VM servers per host Agentless AV 75 Traditional AV 25 3X higher VDI VM consolidation ratios 0 10 20 30 40 50 60 70 80 3-year Savings on 1000 VDI VMs = $539,600Sources: Tolly Enterprises Test Report, Trend Micro Deep Security vs. McAfee and Symantec, February 2011; Saving estimate based on VMware ROI calculations
  17. 17. Extending Datacenter Security to Hybrid Cloud• AWS and vCloud API integration – Single management pane-of-glass between VM’s in internal VMware datacenters, VPC’s, and public clouds• Hierarchical policy management – Inheritance enables customized policies for different VM’s or datacenters, while central IT can mandate compliant baseline settings Trend Micro Confidential-NDA Required
  18. 18. Agile Security Management for the CloudMulti-tenant Deep Security Manager architected for key attributes of cloud computing*:• Resource-pooling – independent tenant policies/data for shared, multi-tenant clouds• Elasticity - Automated deployment of components to cloud scale• Self-service – Policies can be delegated by cloud admin to tenants through self- service GUI• Broad network access – Web-based console built on RESTful APIs for extensibility and integration with broader cloud management frameworksAddress the Software Designed Datacenter (SDDC) with easy replication of securitypolicies, a single pane of glass for management and automation of policy deploymentthroughout your cloud environment *e.g. NIST definition of Cloud Computing Extending to cloud scale Trend Micro Confidential-NDA Required
  19. 19. Deeper Integration with VMware• Support for latest vSphere and vShield platform capabilities – 4th-generation enhancements across broad agentless security suite• Improved performance – Antivirus and integrity scan caching/de-dupe across VMs • Significant storage I/O benefits for further VDI consolidation – Tuning of IPS policies to guest applications(s)• Stronger protection – Hypervisor boot integrity – chain of trust from VM file integrity to H/W – Application-aware targeting of IPS policies (agentless recommendation) Trend Micro Confidential-NDA Required
  20. 20. Integration with Vmware API’sIntegrates Trend Micro Deep Security Agentless with 1 vCenter Intrusion prevention VMsafe Firewall APIs vIntegrates Agentless C 2 vShield with Antivirus Security Endpoint l vCloud Web reputation Virtual v APIs Machine o Agentless S 3 u vShield pIntegrates Integrity monitoring Endpoint d with Intel h APIs TPM/TXT Agent-based e 4 r Log inspection Security agent e on individual VMs • 5 years of collaboration and joint product innovation • First agent-less security platform • First security that extends from datacenter to cloud • Hypervisor Integrity Monitoring
  21. 21. Data Protection in the Cloud – Systems, Apps, Data Deep Security 9 Context Aware SecureCloud Credit Card Payment SensitiveMedical Numbers Social Security Records Patient Research Results Information Encryption with Policy-based Key Management Modular protection for servers and applications • Data is unreadable to unauthorized users• Self-Defending VM Security in the Cloud • Policy-based key management controls and automates key• Agent on VM allows travel delivery between cloud solutions • Server validation authenticates• One management portal for servers requesting keys all modules
  22. 22. Agentless Anti-virus Case Study: The Medical Center of Central Georgia Business Results: • Improved consolidation ratios—13/1 for servers • Reduced provisioning time for servers from average of 2.5 hours to 20 minutes, desktops 1.5 hours to 20 minutes • More reliable and automated security to meet compliance with savings of over $2,000,000 in OPEX Solution: The Medical Center of Central Georgia • Deep Security VDI & Server World Class Care – right where you need it. Agentless Antivirus 431 VMs on 32 Host Machines 4000 PCs • DLP 80 VDI Desktops2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
  23. 23. Agentless Anti-virus Case Study: The Medical Center of Central Georgia “VMware and Trend Micro are moving in the right direction, by partnering on compatible products and suites. With the new platforms and security, the big picture is coming together.” Ty Smallwood Information Services Security Officer Medical Center of Central Georgia2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
  24. 24. Agentless Anti-virus Case Study: ACXIOM – A Marketing Services Firm Business Results: • Needed to improve the speed and simplify a complex security-audit process • Requirement to reduce expenditures, saved approximately $200,000 annually (software contracts and staff salary) • Provide an environment that support business growth, revenue generation Solution: • Deep Security Agentless Antivirus $1.16bil Marketing Services Firm2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
  25. 25. Agentless Anti-virus Case Study: ACXIOM – A Marketing Services Firm “Using vShield vApp, we built flows and firewall-type rules to control low-level traffic,” Nelson says. “vShield Endpoint, integrated with VMware partner Trend Micro’s Deep Security 8 solution, allowed us to protect our machines from malware at a much lower level than before.” Brandon Nelson Team Leader and Systems Engineer Acxiom $1.16bil Marketing Services Firm2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
  26. 26. 1 Deep Security Agentless Security Cost Reduction & Consolidation Trend Micro Market Momentum Hypervisor-integrated agentless antivirus released 11/2010  1000 agentless security customers in the first year  Over 250,000 VMs are licensed for agentless antivirus Agentless FIM released in 2012 Multiple agentless security modules available Most dense deployment is 300 VMs/host by VMware in 2011 ―Deep Security provides a robust set of tools to add to your toolbox. The perceived performance improvement is visible to the naked eye.‖ - Ed Haletky, Virtualization Practice (www.virtualizationpractice.com)
  27. 27. Virtualization SecurityWhat is the Solution?Layered, Virtualization-Aware Security in One Platform Deep Security Integrated Modules: With Agentless Security• Antivirus Security Virtual VM VM VM VM• Integrity Monitoring Appliance• Intrusion Prevention VM VM VM VM VM VM• Web Application Protection• Application Control• Firewall• Log Inspection Higher Optimized Simplified Stronger Density Resources Management Security Maximizes Performance and ROI
  28. 28. 1 Virtualization Security & Consolidation Cost Reduction Fitting into the VMware Ecosystem Trend Micro Deep Security Agentless vShield Antivirus Security Endpoint Virtual Integrity Monitoring Machine Agentless IDS / IPS Other VMware Web Application Protection APIs Application Control Firewall Integrates Agent-based with Security agent vCenter Log Inspection on individual VMs vSphere Virtual Environment
  29. 29. Deliver AgilityCloud Deployments and Security Cloud Computing
  30. 30. 1 Cloud Security Cost Reduction & Consolidation Cloud Models: Who Has Control?Servers Virtualization & Public Cloud Public Cloud Public Cloud Private Cloud IaaS PaaS SaaS End-User (Enterprise) Service Provider Who is responsible for security? • With IaaS the customer is responsible for VM-level security • With SaaS or PaaS the service provider is responsible for security
  31. 31. 1 Cost Reduction & Consolidation Cloud Security Challenge: Data Destruction 10011 10011 011100 00101 00101 10011 01110 00101 When data is moved, unsecured data remnants can remain
  32. 32. 1 CloudCost Reduction & Consolidation Security What is the Solution? Data Protection Server & App Security Data Security Credit Card Payment Encryption Modular Protection SensitiveMedical Numbers Social Security Records Patient Research Results Information with Policy-based Key Management • Unreadable for unauthorized users• Self-defending VM security • Control of when and where data is accessed• Agentless and agent-based • Server validation• One management portal for all modules, all deployments • Custody of keys Integration ensures servers have up-to-date security before encryption keys are released vSphere & vCloud
  33. 33. 1 Cloud Security Cost Reduction & Consolidation Fitting Encryption into a VMware Ecosystem Trend Micro SecureCloud VMware vCloud VMware vSphere Data Center Private Cloud Public Cloud Key Service Console VM VM VM VM VM VM VM VM VM VM VM VM Enterprise Key Encryption throughout your cloud journey— data protection for virtual & cloud environments
  34. 34. Virtualization and Cloud Security Pulling It All Together Physical Virtual Cloud• Do you have one solution for physical, virtual, and cloud servers?• Does your solution address the risks specific to each platform?• Are you maximizing your performance for better ROI?
  35. 35. 1 Virtualization and Cloud Security Cost Reduction & Consolidation One Security Model VMware Virtualization Private Cloud Security Security Virtual VM VM VM VM Virtual VM VM VM VM Appliance Appliance• Agentless security • Agentless security • Encryption for vCloud• Layered server security • Layered server • Compliance support• Encryption for vSphere security (FIM, Encryption, etc.) Public Cloud Server security console VM VM VM VM • Shared policy profile • Vulnerability shielding Encryption console • Agent-based security • Shared policy profile • Layered server security • Key ownership • Encryption for leading cloud providers • Compliance (FIM, Encryption, etc.)
  36. 36. Virtualization and Cloud SecurityOne Security Model is Possible Physical Virtual Cloud • Reduce Your Cost of Operations • Reduce Your Investment in Management • Increase Application Stability and Performance • Achieve Compliance in Virtual and Cloud Environments • Get Higher Virtualization and Cloud ROI • Safely Use Private, Public, and Hybrid Clouds
  37. 37. Thank You!2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.

×