"In this session, learn how Trend Micro built Deep Security as a service on AWS. This service offers enterprise-grade security controls for AWS deployments in the form of intrusion detection and prevention, anti-malware, a firewall, web reputation, and integrity monitoring.
With over 400 internal requirements set by their in-house Information Security and IT Operations teams, the Service team was challenged with building the case to deploy Deep Security as a service on AWS instead of in-house. This session walks through the reasons why the team chose AWS, the design decisions they made, and how they were able to meet or exceed their in-house requirements while deploying on AWS."
2. "The following story is fictional and does
not depict any actual person or event"
Friday, November 15, 13
3. "The following story is completely real and
depicts actual people & events"
* Only the names have been changes to protect the innocent ;-)
Friday, November 15, 13
11. What was
Determine what an
appropriate visual here would
be (old style for contrast?)
Friday, November 15, 13
12. What was
•
Determine what an
appropriate visual here would
be (old style for contrast?)
Friday, November 15, 13
For the data center
13. What was
For the data center
• In the data center
•
Determine what an
appropriate visual here would
be (old style for contrast?)
Friday, November 15, 13
15. Deep Security—The Early Years
Security for servers and virtual machines
Friday, November 15, 13
16. Deep Security—The Early Years
Security for servers and virtual machines
Product focus
•
Enterprise only
•
Tight integration with virtualization platform
•
Focused on Windows platforms
Friday, November 15, 13
17. Deep Security—The Middle Years
Security for servers and virtual machines
Friday, November 15, 13
18. Deep Security—The Middle Years
Security for servers and virtual machines
Big changes
•
Acquired by Trend Micro in 2009
•
Provided more protection
•
Agentless protection is key
•
Expanded platform support
Friday, November 15, 13
21. Deep Security—Now
Security for servers, virtual machines
Product changes
•
Protection regardless of location
•
“Single pane of glass”
•
Smart, simple, security that fits taken to heart
Friday, November 15, 13
22. Deep Security—Now
Security for servers, virtual machines, & the cloud
Product changes
•
Protection regardless of location
•
“Single pane of glass”
•
Smart, simple, security that fits taken to heart
Friday, November 15, 13
25. Why a Service?
Security for servers, virtual machines
Drivers
•
Face the same challenges as our clients
Friday, November 15, 13
26. Why a Service?
Security for servers, virtual machines
Drivers
•
Face the same challenges as our clients
•
Work directly with clients
Friday, November 15, 13
27. Why a Service?
Security for servers, virtual machines
Drivers
•
Face the same challenges as our clients
•
Work directly with clients
•
Smaller feedback loop for new features
Friday, November 15, 13
30. Internal Teams
The Service Team
Executive sponsor
Key R&D product team
members
DevOps*
Friday, November 15, 13
31. Internal Teams
The Service Team
Executive sponsor
Key R&D product team
members
DevOps*
Friday, November 15, 13
32. Internal Teams
The Service Team
Executive sponsor
Key R&D product team
members
DevOps*
People to win over
Executives
Information Security
Operations
R&D Product Team
Friday, November 15, 13
33. Internal Teams
The Service Team
Executive sponsor
Key R&D product team
members
DevOps*
vs
People to win over
Executives
Information Security
Operations
R&D Product Team
Friday, November 15, 13
34. Internal Teams
The Service Team
Executive sponsor
Key R&D product team
members
DevOps*
vs
People to win over
Executives
Information Security
Operations
R&D Product Team
Friday, November 15, 13
35. Internal Teams
The Service Team
Executive sponsor
Key R&D product team
members
DevOps*
Friday, November 15, 13
+
People who helped
Executives
Information Security
Operations
R&D Product Team
36. Internal Teams
The Service Team
Executive sponsor
Key R&D product team
members
DevOps*
Friday, November 15, 13
+
People who helped
Executives
Information Security
Operations
R&D Product Team
41. Team Profile
Information Security
•
Own existing security policy
•
400+ requirements for operational services
•
Wants development of cloud best practices
Friday, November 15, 13
44. Team Profile
Operations
•
Run several data centers worldwide
•
Rigid change management with complex schedules
•
Wants development of DevOps runbook
Friday, November 15, 13
46. Team Profile
R&D Product Team
•
Develop & maintain the product
•
Only operational work is emergency support
Friday, November 15, 13
47. Team Profile
R&D Product Team
•
Develop & maintain the product
•
Only operational work is emergency support
•
Wants tighter feedback loop
Friday, November 15, 13
86. Manager + Relay
AWS Windows Base
Met requirements
Harder to script
More expensive
Friday, November 15, 13
87. Manager + Relay
AWS Windows Base
AWS Linux Base
Met requirements
Met requirements
Harder to script
Simple scripting
More expensive
Cheaper
Friday, November 15, 13
106. Manager + Relay
on Amazon EC2
Met requirements
2x cost for clustered pairs
More maintenance
Friday, November 15, 13
107. Manager + Relay
on Amazon EC2
on Amazon RDS
Met requirements
Can meet requirements
2x cost for clustered pairs
1.3x cost for clustered pairs
More maintenance
Less effort
Friday, November 15, 13
108. Manager + Relay
MS SQL
Teams are more familiar
Better tools available*
30 DB limit per Amazon RDS
instance
Friday, November 15, 13
109. Manager + Relay
MS SQL
Oracle
Teams are more familiar
Forces product improvements
Better tools available*
“Encourages” learning
30 DB limit per Amazon RDS
instance
No tablespace limits
Friday, November 15, 13
129. Team Profile
Validating lessons for the
team
Information Security
•
Own existing security policy
•
400+ requirements for operational services
Friday, November 15, 13
130. Team Profile
Validating lessons for the
team
Information Security
•
Own existing security policy
•
400+ requirements for operational services
•
Wants development of cloud best practices
Friday, November 15, 13
132. Team Profile
Validating lessons for the
team
Operations
•
Run several data centers worldwide
•
Rigid change management with complex schedules
Friday, November 15, 13
133. Team Profile
Validating lessons for the
team
Operations
•
Run several data centers worldwide
•
Rigid change management with complex schedules
•
Wants development of DevOps runbook
Friday, November 15, 13
134. Chart Example
Region 1
Region 2
2007
Add stats for Service
2008
Add goals for other Trend
services
2009
2010
0
Friday, November 15, 13
25
50
75
100
136. Team Profile
Validating lessons for the
team
R&D Product Team
•
Develop & maintain the product
•
Only operational work is emergency support
Friday, November 15, 13
137. Team Profile
Validating lessons for the
team
R&D Product Team
•
Develop & maintain the product
•
Only operational work is emergency support
•
Wants tighter feedback loop
Friday, November 15, 13
140. Team Profile
Validating lessons for the
team
Service Team
•
Own existing security policy
•
400+ requirements for operational services
Friday, November 15, 13
141. Team Profile
Validating lessons for the
team
Service Team
•
Own existing security policy
•
400+ requirements for operational services
•
Wants development of cloud best practices
Friday, November 15, 13
145. Why a Service?
Security for servers, virtual machines
Drivers
•
Face the same challenges as our clients
Friday, November 15, 13
146. Why a Service?
Security for servers, virtual machines
Drivers
•
Face the same challenges as our clients
•
Work directly with clients
Friday, November 15, 13
147. Why a Service?
Security for servers, virtual machines
Drivers
•
Face the same challenges as our clients
•
Work directly with clients
•
Smaller feedback loop for new features
Friday, November 15, 13
148. Please give us your feedback on this
presentation
SEC307
As a thank you, we will select prize
winners daily for completed surveys!
Friday, November 15, 13
Thank You