Trend micro v2


Published on

  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Customers know they can trust Trend Micro security solutions. We have penetrated 48 of the top 50 Global Corporations, including…[step through the top bullets on the slide—DO NOT cover the %s at the bottom]
  • The different aspects of the journey to the cloud that we saw on the previous slide can be placed into three platforms: The first is physical; The second is virtual, including server and desktop virtualization; And the third is cloud, including private, public, and hybrid clouds.But just because the data center is evolving to include new platforms doesn’t mean the threat landscape is static—we still have evolving threats like data-stealing malware, botnets and targeted attacks (sometimes called APTs or Advanced Persistent Threats) and others. Integrated, layered security is needed across all of three of these platforms to defend against these threats. So although the threat landscape still has all these elements, there are unique security risks that must be considered for each platform. So the solution must recognize the specific security requirements of each individual platform.
  • Each of these platforms has unique security concerns. With physical machines, the manageability of various security solutions can be an issue.There can be a glut of security products—either through excessive layering or overly specialized products. This increases hardware and software costs. Also, management across the different products can be difficult – causing security gaps. And collectively these issues create a higher Total Cost of Ownership.The solution is to reduce complexity by consolidating security vendors and correlating protection.[click]With virtualization, the risks pertain to both performance and threats specific to virtual environments. There is a concern that security will reduce performance, which reduces the ROI of a virtual infrastructure. Also there are unique virtual machine attacks, such as inter-VM threats. Here the solution is increased efficiency—security that optimizes performance while also defending against traditional as well as virtualization-specific threats. [click]With cloud services, the risks pertain to less visibility and cloud-specific threats. Companies are concerned about having less visibility into their applications and data. And they are concerned about increased external threats, especially in multi-tenant environments.For the cloud, businesses need security that allows them to use the cloud to deliver IT agility. Data must be able to safely migrate from on-premise data centers to private clouds to public clouds so organizations can make the best use of resources. [click]As we’ll see later, all of these concerns can be addressed. And through protection that is provided in an integrated security solution all managed through one console. With cross-platform security, you’ll stay protected as your data center and virtual or cloud deployments evolve, allowing you to leverage the benefits of each platform while defending against the threats unique to each environment.
  • Now we’ll step through each platform individually, starting with physical servers and endpoints. Regardless of how your business evolves, you’ll still need dedicated physical servers. They give you the highest level of visibility and control, provide dedicated computing resources, and support specialty hardware and software. Today, the security that is needed for physical machines is relatively well known. The issue is more, how do I deploy effective protection while reducing management. Integrating security onto one platform reduces the glut of security products which in turn reduces management and costs.
  • As you can see here, an integrated approach to server security includes a Firewall, HIPS and Virtual Patching, Web Application Protection, Antivirus, File Integrity Monitoring, and Log Inspection. [click]To reduce complexity, all of these capabilities should be integrated into one solution and should be managed through one console with advanced reporting capabilities. Here we’re talking about how to reduce complexity with your physical server security. But when this protection is provided in a cross-platform solution, your security can also travel with you as your business evolves to use virtualization and the cloud.
  • The next platform we’ll discuss is virtualization. Most companies are virtualizing their data centers. In a recent survey by Trend Micro, 59% of respondents had server virtualization in production or trial, and 52% had desktop virtualization in As the foundation to the cloud, businesses should deploy virtualization security that protects their data center virtual machines as well as their virtual machines that are moved to private and public cloud environments. In the next few slides, we will discuss virtualization security challenges and the solutions to address these challenges, using virtualization-aware security.
  • The first security challenge, resource contention, goes to the heart of the performance concerns. [click]Traditional antivirus security was not designed for a virtual environment. When traditional security is applied to virtual machines, it does not realize it is in a shared resource environment and the antivirus scans or scheduled updates are automatically initiated across multiple VMs at the same time. [click]This can burden the host, resulting in an “antivirus storm.” This causes debilitating performance degradation on the underlying host machine. This problem is not limited to antivirus. Other security scans and updates can also overburden the system if initiated simultaneously. [click]The solution is a dedicated security virtual appliance that recognizes that it is in a virtual environment and staggers scans and updates across guest VMs. Agentless security further reduces the resource usage, increasing performance and consolidation rations. We’ll discuss these solutions in more detail in a moment.
  • Next we’ll cover instant-on gaps. [click]Unlike a physical machine, when a virtual machine is offline, it is still available to any application that can access the virtual machine storage over the network, and is therefore susceptible to malware infection. However, dormant or offline VMs do not have the ability to run an antimalware scan agent. [click]Also when dormant VMs are reactivated, they may have out-of-date security. [click]One of the benefits of virtualization is the ease at which VMs can be cloned. However, if a VM with out-of-date security is cloned the new VM will have out-of-date security as well. New VMs must have a configured security agent and updated pattern files to be effectively protected. [click]Again the solution is a dedicated security virtual appliance that can ensure that guest VMs on the same host have up-to-date security if accessed or reactivated, and can make sure that newly provisioned VMs also have current security. This security virtual appliance should include layered protection that integrates multiple technologies such as antivirus, integrity monitoring, intrusion detection and prevention, virtual patching, and more. .
  • The final virtualization challenge we’ll discuss is the complexity of management. Virtual machines are dynamic. They can quickly be reverted to previous instances, paused, and restarted, all relatively easily. They can also be readily cloned and seamlessly moved between physical servers. Vulnerabilities or configuration errors may be unknowingly propagated. Also, it is difficult to maintain an auditable record of the security state of a virtual machine at any given point in time.[click]This dynamic nature and potential for VM sprawl makes it difficult to achieve and maintain consistent security. Hypervisor introspection is needed for visibility and control. Security that leverages the hypervisor APIs can ensure that each guest VM on the host remains secure and that this security coordinates with the virtualization platform.
  • I’d now like to highlight a couple of additional virtualization challenges. The next one we’ll discuss today is inter-VM attacks and blind spots. [click]When a threat penetrates a virtual machine, the threat can then spread to other virtual machines on the same host. Traditional security such as hardware-based firewalls might protect the host, but not the guest virtual machines. And cross-VM communication might not leave the host to be routed through other forms of security, creating a blind spot. [click]For the solution, protection must be applied on an individual virtual machine level, not host level, to ensure security. And integration with the virtualization platform, such as VMware, provide the ability to communicate with the guest virtual machines. Also, virtual patching ensures that VMs stay secure until patches can be deployed.
  • Both of the previous challenges mentioned a dedicated security virtual appliance as a solution. I want to take a moment to explain this approach in more detail. The old approach put the full antivirus solution on each virtual machine. Duplicating the full solution on each VM burdens the host. But it also means that security can become out of date if that VM becomes dormant.But with a dedicated security virtual machine, the solution uses hypervisor introspection to ensure that all guest VMs have up to date security—when accessed, provisioned, or reactivated. This avoids security instant-on gaps.A dedicated security virtual machine can also enable agentless security. For example a solution that integrates with VMware vShield Endpoint, part of VMware vSphere, can use vShield Endpoint APIs to communicate with guest VMs without requiring a separate security agent on each VM. And the security virtual appliance can coordinate and stagger scans to avoid resource contention and also preserve the performance profile of virtual servers by running resource-intensive operations, such as full system scans, from the separate scanning virtual machine. This agentless security approach was initiated with agentless antivirus, but it can now encompass a full range of server security technologies[click]In addition to antivirus, agentless security now extends to integrity monitoring, intrusion prevention, virtual patching, firewall, and web application protection.[click]Collectively this approach to securing virtual machines maximizes protection and ROI, letting you get the most out of your virtual server and desktop efforts.
  • I mentioned that the agentless approach began with agentless antivirus. Trend Micro’s agentless antivirus solution was available starting in 2010, so there’s been an opportunity to test its success. In an independent study by Tolly Enterprises, Trend Micro agentless antivirus was tested against leading traditional antivirus solutions that do not use a dedicated security virtual appliance and agentless antivirus, and the results were striking. Trend Micro’s agentless antivirus achieved 3 times higher VDI VM consolidation ratios—and similar results also extended to server virtualization as well. The VDI results translate into saving almost $540,000 every 3 years for each 1000 virtual desktops.
  • Benefits:Logical separation of tenant policies and data; allows separate tenants or business units to manage policies independently Delivers security-as-service to consumers of IaaS providers Elasticity of security infrastructure to cloud-scale; automatically provision security to new VM's in dynamic environments Extensibility and integration to modern cloud management infrastructure
  • Trend Micro agentless security is really picking up momentum. [Step through points on slide—will be pulled up one at a time.Note: “multiple agentless security module available” includes AV, FIM, intrusion prevention, web application protection, and firewall.]
  • So what is the solution to these final two challenges? Layered virtualization-aware security in one platform. The security virtual appliance with agentless security that we discussed earlier can provide multiple modules, as listed here—antivirus, integrity monitoring, intrusion prevention, Web application protection, application control, firewall, and log inspection. With this integrated protection that is designed for a virtual environment, you can achieve higher consolidation ratios, faster performance, better manageability, and stronger overall security.
  • VMware controls more than half of the virtualization market. Virtualization security must fit into the VMware ecosystem to effectively support enterprise virtualization efforts. Here we demonstrate the different VM-security aspects and how they can fit into a VMware infrastructure.[click]The pairing of agent-less antivirus and agentless integrity monitoring with vShield Endpoint enables massive reduction in memory footprint for security on virtual hosts by eliminating security agents from the guest virtual machines and centralizing those functions on a dedicated security virtual machine. [click]Protection such as intrusion detection and prevention, web application protection, application control, and firewall can be integrated with VMware using VMsafe APIs, integrating security with VMware vSphere environments. Again this can be an agent-less option.[click]And finally, log inspection which optimizes the identification of important security events buried in log entries, can be applied through agent-based protection on each VM. [click]These elements can be integrated and centrally managed with VMware vCenter Server. Together, these provide comprehensive, integrated virtual server and desktop security.
  • Now we’ll cover the final platform, cloud computing. Cloud computing is usually built on virtualization. So, all of the previous challenges and solutions we discussed in the previous section on virtualization apply to the cloud. But cloud computing also introduces its own challenges as well as solutions. Let’s take a look.
  • When planning to deploy your data to the cloud, you must assess your security requirements and select a cloud model that is going to meet your business needs and objectives. Visibility and control decrease as you move from on-site virtualization and private cloud environments to public cloud models. With a private cloud, you control your assets, but with a public cloud, the service provider controls the underlying infrastructure, ultimately controlling access to your IT assets. This raises particular security concerns for a public cloud environment.[click]The degree to which you control and are responsible for security in the public cloud varies by public cloud model. [click]With an Infrastructure as a Service cloud, the service provider is responsible for securing the underlying hardware, but businesses are expected to secure their virtual infrastructure and their applications and data built on top of it.[click]With Software as a Service and Platform as a Service clouds, the service provider is responsible for most of the security. However, businesses should not assume that service providers provide sufficient security and should ask about the types of protection provided. In addition, you need to secure your endpoints that connect to the service to ensure that the cloud service does not compromise endpoint resources and data. For this presentation, when discussing the public cloud, we’ll focus on Infrastructure as a Service cloud because businesses are responsible for most of the security, including protecting their virtual infrastructure and their applications and data built on top of it..
  • The final cloud computing challenge we’ll discuss today is data destruction. As I mentioned before, cloud data can move to make the best use of resources. [click]But when data is moved, sometimes remnants remain if the data in the previous location is not completely shredded. These remaining data remnants can create a security concern. [click]Again encryption is the solution because any remaining data remnants are unreadable if accessed by unauthorized users.
  • So what is the solution? Cloud protection should include self-defending VM security that travels with the virtual machine into a cloud infrastructure. This allows businesses to transfer a complete security stack into the cloud and retain control. And this cloud security should be provided in a modular infrastructure with both agentless and agent-based options so it can be customized to your individual cloud deployment needs. The security should be provided on one platform that is managed through a single console—across your physical, virtual, and cloud deployments, including private, public, and hybrid clouds. [click]Another method of protecting data in the cloud is encryption with policy-based key management. The solution should start with industry-standard encryption that renders your data unreadable to outsiders. Even if your data is moved and residual data is left behind, the data in the recycled devices is obscured. It is critical to have this encryption accessed through policy-based key management to specify when and where your data is accessed. And through policies, identity- and integrity-based validation rules specify which servers have access to decryption keys.An encryption solution should also give the option to access keys through a SaaS or on-site virtual appliance with customer control over the keys to support a clear separation of duties and to avoid vendor lock-in. An encryption solution with policy-based key management allows even heavily regulated companies to leverage the flexibility and cost savings of the public cloud while ensuring their data stays secure. [click]These two solution elements can be integrated with a context approach to security. For example, encryption policies can specify that encryption keys will not be released unless the requesting server has up-to-date security, ensuring that the data stays protected when accessed by self-defending VM security. [click]And this security should work with multiple cloud platforms—allowing you to create the right cloud environment for your business.
  • Earlier we reviewed how the Trend Micro server security platform with modular security integrates with a VMware ecosystem. Here we see how Trend Micro’s cloud data encryption solution—SecureCloud—supports a VMware environment.Here we see the VMware ecosystem with vSphere which creates a virtualization platform and vCloud that provides technologies to support private and public clouds. vCloud Director provides a management portal into these cloud technologies.[click]Trend Micro SecureCloud leverages information from vSphere and vCloud to provide native support for these environments. [click]Then SecureCloud can provide encryption capabilities in VMware virtual, private, and public cloud environments. [click]This gives companies encryption support today and as their data centers evolve.
  • If you’re using virtualization or cloud computing to support your business, ask yourself the following questions about your security solution. Do you have one solution for physical, virtual, and cloud servers?Does your solution address the risks specific to each platform?Are you maximizing your performance for better ROI?If you don’t answer “yes” to all three, then you may want to look at replacing your current security solution. Trend Micro provides a single security platform for your physical, virtual, and cloud servers, as well as virtual desktops. This security is designed to address the security challenges unique to each platform while maximizing performance and ROI.
  • Let’s take a look at how this one security model from Trend Micro can protect you as your data center evolves. We’ll use a VMware environment as an example. So maybe you start by using this security to protect your physical machines. But then you introduce VMware virtual machines into your data center. The dedicated security virtual appliance provides agentless security options and layered protection. And encryption secures you data in your vSphere environment.[click]Then you decide to offer a private cloud with automated provisioning of resources. The same virtualization security extends into your private cloud agentless security and layered protection. And encryption protects vCloud environments, helping to ensure compliance while using the cloud. [click]At some point maybe you find that you need additional scalability—maybe for development and testing, or additional capacity during a peak time. Instead of building out your own infrastructure, you decide to leverage the public cloud. Now you don’t have sole use of the hypervisor to be able to use agentless security, so you deploy the agent-based options. And this gives you the same layered security as the agent-less options in your virtual data center and private cloud. The encryption supports your service provider’s environment and helps you to achieve compliance while using the public cloud. [click]And your server security and encryption solutions both provide integrated management across all of these deployments—virtual data center, private cloud, public cloud, and hybrid cloud, allowing you to create a shared policy profile across these deployments. Ultimately you receive better security with simplified management.
  • But how would YOU benefit from this solution? With Trend Micro’s single security model across physical, virtual, and cloud, you would…[step through bullets on slide].Regardless of where you are on your journey to the cloud, Trend Micro’s solution can protect you today and as your data center further evolves with virtualization and cloud computing.
  • Trend micro v2

    1. 1. How to Simplify – Automate andOptimize for a Secure VirtualEnvironmentJD Sherry– Global Director Public Technology and Solutionstwitter 2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
    2. 2. Your Data’s Journey in the Cloud Where is Your Data? BYOPC Public Hybrid Cloud Cloud Server Virtualization Physical Desktops & Servers Desktop Virtualization Private Cloud Mobile2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
    3. 3. Trend Micro Global Protection • • Total Number of Queries 2008 – 8bil Today – 3.9tril • Total Number of Blocks 2008 – 800mil Today – 73.6bil • Daily Avg. Sensors 2008 – 5mil Today – 27mil Trust Trend Micro security solutions* Trend Micro Trend Micro Trend Micro Trend Micro Trend Micro protects protects protects protects protects 96% of the top 50 100% of the top 100% of the top 80% of the top 90% of the top global 10 automotive 10 telecom 10 banks. 10 oil companies. corporations. companies. companies. * In calculating the above data, the percentage use of Trend Micro products include usage byparent companies and/or usage by any of their subsidiaries of any Trend Micro product or service.
    4. 4. Cross-platform SecurityOne Security Model is Possibleacross Physical, Virtual, and Cloud Environments Physical Virtual Cloud• New platforms don’t change the threat landscape• Each platform has unique security risks• Integrated security is needed across all platforms
    5. 5. Platform-specific Security Risks One Security Model is Possible across Physical, Virtual, and Cloud Environments Physical Virtual CloudManageability Performance & Threats Visibility & Threats• Glut of security • Traditional security • Less visibility products degrades performance • More external risks• Less security • New VM-based threats• Higher TCO Reduce Complexity Increase Efficiency Deliver Agility Integrated Security Single Management Console
    6. 6. Today’s Cloud Includes Integrated Stack Vendors • What are integrated stack vendors? Solutions comprised of storage, networking and software for next-gen datacenters and VDI that have done due diligence for VMware and Trend solutions – examples are Cisco, EMC, NetApp, VCE • What’s the VMware angle? All of these solutions either offer VMware as the main virtualization part of the stack (NetApp, Cisco, EMC), or standardize on VMware (VCE) • How is this important to a Customer? Trend is the selected virtualization security partner of choice for the above vendors via technical validations of Deep Security on VMware-based stacks All testing has been done on these platforms – so you don’t have to…2/6/2013 Copyright 2012 Trend Micro Inc.
    7. 7. Integrated Stack Vendors• VCE DS certified for Vblock in April 2012• Cisco Validated by Cisco UCS in Aug 2012 Approved for Cisco SIP (when sold with UCS) in Oct 2012 CVD granted on FlexPod architecture in Q4 2011• EMC Validation for VSPEX coming in Q1 2013• NetApp DS validated for FlexPod via Cisco CVD (Cisco Validated Design) status 7
    8. 8. Reduce ComplexityConsolidate Physical Security Physical
    9. 9. Reduce Complexity One Server Security Platform HIPS / Web Integrity Log Virtual ApplicationFirewall Antivirus Monitoring Inspection Patching Protection Single Management Console Advanced Reporting Module
    10. 10. Increase EfficiencyServer and Desktop Virtualization Security Virtual
    11. 11. Virtualization SecurityChallenge: Resource Contention Typical AV Console 3:00am Scan Antivirus StormAutomatic security scans overburden the system
    12. 12. 1 Virtualization Security& Consolidation Cost Reduction Challenge: Instant-on Gaps Reactivated with Active Dormant security Cloned out dated        Reactivated and cloned VMs can have out-of-date security
    13. 13. 1 Virtualization Security Consolidation Cost Reduction & Challenge: Complexity of Management Provisioning Reconfiguring Rollout Patch new VMs agents patterns agents VM sprawl inhibits compliance
    14. 14. 1 Virtualization Security & Consolidation Cost Reduction Challenge: Inter-VM Attacks / Blind Spots Attacks can spread across VMs
    15. 15. Virtualization Security What is the Solution? Trend Micro Deep Security With a Dedicated Security Virtual Appliance With Agentless Security Security Virtual VM VM VM VM The Old Way Appliance VM VM VM VM VM VM VM VM VM Agentless Security for VMware — Antivirus and more• Antivirus • Intrusion Prevention • Firewall• Integrity Monitoring • Virtual Patching • Web Application Protection Maximizes Performance and ROI
    16. 16. Virtualization Security Increased ROI with Deep Security Example: Agentless Antivirus VM servers per host Agentless AV 75 Traditional AV 25 3X higher VDI VM consolidation ratios 0 10 20 30 40 50 60 70 80 3-year Savings on 1000 VDI VMs = $539,600Sources: Tolly Enterprises Test Report, Trend Micro Deep Security vs. McAfee and Symantec, February 2011; Saving estimate based on VMware ROI calculations
    17. 17. Extending Datacenter Security to Hybrid Cloud• AWS and vCloud API integration – Single management pane-of-glass between VM’s in internal VMware datacenters, VPC’s, and public clouds• Hierarchical policy management – Inheritance enables customized policies for different VM’s or datacenters, while central IT can mandate compliant baseline settings Trend Micro Confidential-NDA Required
    18. 18. Agile Security Management for the CloudMulti-tenant Deep Security Manager architected for key attributes of cloud computing*:• Resource-pooling – independent tenant policies/data for shared, multi-tenant clouds• Elasticity - Automated deployment of components to cloud scale• Self-service – Policies can be delegated by cloud admin to tenants through self- service GUI• Broad network access – Web-based console built on RESTful APIs for extensibility and integration with broader cloud management frameworksAddress the Software Designed Datacenter (SDDC) with easy replication of securitypolicies, a single pane of glass for management and automation of policy deploymentthroughout your cloud environment *e.g. NIST definition of Cloud Computing Extending to cloud scale Trend Micro Confidential-NDA Required
    19. 19. Deeper Integration with VMware• Support for latest vSphere and vShield platform capabilities – 4th-generation enhancements across broad agentless security suite• Improved performance – Antivirus and integrity scan caching/de-dupe across VMs • Significant storage I/O benefits for further VDI consolidation – Tuning of IPS policies to guest applications(s)• Stronger protection – Hypervisor boot integrity – chain of trust from VM file integrity to H/W – Application-aware targeting of IPS policies (agentless recommendation) Trend Micro Confidential-NDA Required
    20. 20. Integration with Vmware API’sIntegrates Trend Micro Deep Security Agentless with 1 vCenter Intrusion prevention VMsafe Firewall APIs vIntegrates Agentless C 2 vShield with Antivirus Security Endpoint l vCloud Web reputation Virtual v APIs Machine o Agentless S 3 u vShield pIntegrates Integrity monitoring Endpoint d with Intel h APIs TPM/TXT Agent-based e 4 r Log inspection Security agent e on individual VMs • 5 years of collaboration and joint product innovation • First agent-less security platform • First security that extends from datacenter to cloud • Hypervisor Integrity Monitoring
    21. 21. Data Protection in the Cloud – Systems, Apps, Data Deep Security 9 Context Aware SecureCloud Credit Card Payment SensitiveMedical Numbers Social Security Records Patient Research Results Information Encryption with Policy-based Key Management Modular protection for servers and applications • Data is unreadable to unauthorized users• Self-Defending VM Security in the Cloud • Policy-based key management controls and automates key• Agent on VM allows travel delivery between cloud solutions • Server validation authenticates• One management portal for servers requesting keys all modules
    22. 22. Agentless Anti-virus Case Study: The Medical Center of Central Georgia Business Results: • Improved consolidation ratios—13/1 for servers • Reduced provisioning time for servers from average of 2.5 hours to 20 minutes, desktops 1.5 hours to 20 minutes • More reliable and automated security to meet compliance with savings of over $2,000,000 in OPEX Solution: The Medical Center of Central Georgia • Deep Security VDI & Server World Class Care – right where you need it. Agentless Antivirus 431 VMs on 32 Host Machines 4000 PCs • DLP 80 VDI Desktops2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
    23. 23. Agentless Anti-virus Case Study: The Medical Center of Central Georgia “VMware and Trend Micro are moving in the right direction, by partnering on compatible products and suites. With the new platforms and security, the big picture is coming together.” Ty Smallwood Information Services Security Officer Medical Center of Central Georgia2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
    24. 24. Agentless Anti-virus Case Study: ACXIOM – A Marketing Services Firm Business Results: • Needed to improve the speed and simplify a complex security-audit process • Requirement to reduce expenditures, saved approximately $200,000 annually (software contracts and staff salary) • Provide an environment that support business growth, revenue generation Solution: • Deep Security Agentless Antivirus $1.16bil Marketing Services Firm2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
    25. 25. Agentless Anti-virus Case Study: ACXIOM – A Marketing Services Firm “Using vShield vApp, we built flows and firewall-type rules to control low-level traffic,” Nelson says. “vShield Endpoint, integrated with VMware partner Trend Micro’s Deep Security 8 solution, allowed us to protect our machines from malware at a much lower level than before.” Brandon Nelson Team Leader and Systems Engineer Acxiom $1.16bil Marketing Services Firm2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
    26. 26. 1 Deep Security Agentless Security Cost Reduction & Consolidation Trend Micro Market Momentum Hypervisor-integrated agentless antivirus released 11/2010  1000 agentless security customers in the first year  Over 250,000 VMs are licensed for agentless antivirus Agentless FIM released in 2012 Multiple agentless security modules available Most dense deployment is 300 VMs/host by VMware in 2011 ―Deep Security provides a robust set of tools to add to your toolbox. The perceived performance improvement is visible to the naked eye.‖ - Ed Haletky, Virtualization Practice (
    27. 27. Virtualization SecurityWhat is the Solution?Layered, Virtualization-Aware Security in One Platform Deep Security Integrated Modules: With Agentless Security• Antivirus Security Virtual VM VM VM VM• Integrity Monitoring Appliance• Intrusion Prevention VM VM VM VM VM VM• Web Application Protection• Application Control• Firewall• Log Inspection Higher Optimized Simplified Stronger Density Resources Management Security Maximizes Performance and ROI
    28. 28. 1 Virtualization Security & Consolidation Cost Reduction Fitting into the VMware Ecosystem Trend Micro Deep Security Agentless vShield Antivirus Security Endpoint Virtual Integrity Monitoring Machine Agentless IDS / IPS Other VMware Web Application Protection APIs Application Control Firewall Integrates Agent-based with Security agent vCenter Log Inspection on individual VMs vSphere Virtual Environment
    29. 29. Deliver AgilityCloud Deployments and Security Cloud Computing
    30. 30. 1 Cloud Security Cost Reduction & Consolidation Cloud Models: Who Has Control?Servers Virtualization & Public Cloud Public Cloud Public Cloud Private Cloud IaaS PaaS SaaS End-User (Enterprise) Service Provider Who is responsible for security? • With IaaS the customer is responsible for VM-level security • With SaaS or PaaS the service provider is responsible for security
    31. 31. 1 Cost Reduction & Consolidation Cloud Security Challenge: Data Destruction 10011 10011 011100 00101 00101 10011 01110 00101 When data is moved, unsecured data remnants can remain
    32. 32. 1 CloudCost Reduction & Consolidation Security What is the Solution? Data Protection Server & App Security Data Security Credit Card Payment Encryption Modular Protection SensitiveMedical Numbers Social Security Records Patient Research Results Information with Policy-based Key Management • Unreadable for unauthorized users• Self-defending VM security • Control of when and where data is accessed• Agentless and agent-based • Server validation• One management portal for all modules, all deployments • Custody of keys Integration ensures servers have up-to-date security before encryption keys are released vSphere & vCloud
    33. 33. 1 Cloud Security Cost Reduction & Consolidation Fitting Encryption into a VMware Ecosystem Trend Micro SecureCloud VMware vCloud VMware vSphere Data Center Private Cloud Public Cloud Key Service Console VM VM VM VM VM VM VM VM VM VM VM VM Enterprise Key Encryption throughout your cloud journey— data protection for virtual & cloud environments
    34. 34. Virtualization and Cloud Security Pulling It All Together Physical Virtual Cloud• Do you have one solution for physical, virtual, and cloud servers?• Does your solution address the risks specific to each platform?• Are you maximizing your performance for better ROI?
    35. 35. 1 Virtualization and Cloud Security Cost Reduction & Consolidation One Security Model VMware Virtualization Private Cloud Security Security Virtual VM VM VM VM Virtual VM VM VM VM Appliance Appliance• Agentless security • Agentless security • Encryption for vCloud• Layered server security • Layered server • Compliance support• Encryption for vSphere security (FIM, Encryption, etc.) Public Cloud Server security console VM VM VM VM • Shared policy profile • Vulnerability shielding Encryption console • Agent-based security • Shared policy profile • Layered server security • Key ownership • Encryption for leading cloud providers • Compliance (FIM, Encryption, etc.)
    36. 36. Virtualization and Cloud SecurityOne Security Model is Possible Physical Virtual Cloud • Reduce Your Cost of Operations • Reduce Your Investment in Management • Increase Application Stability and Performance • Achieve Compliance in Virtual and Cloud Environments • Get Higher Virtualization and Cloud ROI • Safely Use Private, Public, and Hybrid Clouds
    37. 37. Thank You!2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.