Introduction - Trend Micro Deep Security

Deep Security 8

A Server Security Platform for Physical Virtual Cloud

Siupan Chan – Principal Consultant, Trend Micro Hong Kong
Copyright 2009 Trend Micro Inc.

Key Trends: Datacenter Consolidation

• Traditional security adds operational challenges and security risks
• Increases Security TCO and limits virtualization/cloud adoption

Physical
y Virtual Cloud
servers servers servers
• Glut of security • Security reduces • Less visibility
products performance • More external risks
• Higher TCO • Mixed workloads


2009: A Historic Year for Servers

16
Virtual machine shipments surpassed physical server shipped
14

12

10
百萬
萬

8

6

4

2

0
2005 2006 2007 2008 2009 2010 2011 2012 2013

Physical Hosts Virtual Machines

Virtualization changed and simplified how IT
manages servers and datacenters


Key Trends: Sophisticated data-stealing threats
Data security is more challenging than ever before

• More Profitable

• More Sophisticated

• More Frequent Advanced
Persistent
Threats
De-Perimeterization

• More Targeted

Perimeter defenses are not adequate anymore
4


Key Trends: Regulatory Compliance
Solutions Need to Achieve Broader Coverage with Lower TCO

More standards:
• PCI, SAS70, HIPAA, ISO 27001, FISMA / NIST 800-53, MITS…
, , , , ,

More specific security requirements
Virtualization, Web applications, EHR, PII…
• Vi t li ti W b li ti EHR

More penalties & fines
• HITECH, Breach notifications, civil litigation

“ DMZ consolidation using virtualization will be a "hot spot” for
auditors, given the greater risk of mis-configuration and
lower visibility of DMZ policy violation. Through year end
violation year-end
2011, auditors will challenge virtualized deployments in the
DMZ more than non-virtualized DMZ solutions.
-- Neil MacDonald, Gartner
Copyright 2009 Trend Micro Inc. 5
”

Recap: Security Inhibitors to Virtualization

1 Resource Contention 3:00am Scan

2 Instant-on Gaps



3 Inter-VM Attacks / Blind Spots

4 Management Complexity


Deep Security 8
Agentless Security for VMware

Trend Micro Deep Security
Integrates Agentless
with 1
IDS / IPS VMsafe
VM f
vCenter
APIs
Web Application Protection

Application Control
pp Security
Virtual
Firewall
Machine
g
Agentless
v
2 S
vShield
Antivirus p
Endpoint
Agentless h
3 e
Integrity Monitoring vShield
Endpoint r
e
Agent-based
4
Log Inspection
Security agent
on individual VMs

Deep Security 8 Integrity Monitoring
Agentless Integrity Monitoring

The Old Way With Agent-less Integrity Monitoring

Security
VM VM VM Virtual
Appliance
VM VM VM VM

Zero Added Faster Better Stronger
Footprint
F t i t Performance
P f Manageability
M bilit Security
S it

• Zero added footprint: Integrity monitoring in the same virtual appliance that also
provides agentless AV and Deep Packet Inspection
• Stronger Security: Expands security footprint on VMs, built in tamperproofing
• Order of Magnitude savings in manageability
• Virtual Appliance avoids performance degradation from FIM storms
8
8

Deep Security 8
Agent-based Anti-malware

Deep Packet
Firewall
Inspection

Anti-malware
A ti l

WEB REPUTATION
VDI Local Mode
SERVICES Hyper-V & Xen-based
Integrity Log Virtual Servers
Monitoring Inspection

• New Agent-based AV for physical Windows and Linux* systems, Hyper-V
& Xen based virtual servers, and virtual desktops in local mode
Xen-based
*Linux AV = scheduled scan, agent only,
coming Q1 2012

• Web reputation services through integration with Smart Protection
Network protects systems/users from access to malicious websites

Deep Security 8
Integrity Monitoring Ease of Use Enhancements (Agent + Agentless)

Destination
Certified Safe
Software
Service

• Good Events (eg. Windows
Source Destination
Destination SP Roll out) typically add
operational complexity

• Nominating system as
Golden Host creates
template for good events for
remaining systems
Destination
• Cloud-based event
whitelisting further reduces
IT burden

10

Summary / Key Messages
Deep Security 8 extends its leadership in server and virtualization security
• A fully integrated server security platform built for physical virtual and
cloud
• Agentless integrity monitoring adds to other agentless modules, enables
better security and compliance without added cost or complexity
• Agent-based AV extends common protection across all aspects of PVC
• Integration with SecureCloud 2 adds context-aware data protection in
cloud environments

Trend
Micro Trend Micro

22.9% 13%

All All Others Top ratings for
Others Virtualization
Combined Security
77.1%
87%
Source: Worldwide Endpoint Source: 2011 Technavio –
Security 2010-2014 Forecast Global Virtualization Security
and 2009 Vendor Shares, IDC Management Solutions
11

Trend Micro: VMware #1 Security Partner and
2011 Technology Alliance Partner of the Year

Improves Security Improves Virtualization
by
b providing the most
idi th t by
b providing security solutions
idi it l ti
secure virtualization infrastructure, architected to fully exploit
with APIs, and certification programs the VMware platform

VMworld: Trend Micro Dec: Deep Security 7.5
virtsec customer Nov: Deep Security 7 w/ Agentless AntiVirus
with virtual appliance Vmworld: Announce
May: Trend
acquires
i RSA: Trend Micro
RSA T d Mi Deep Security 8
Feb: Join Third Brigade Demos Agentless & vShield OEM
VMsafe RSA: Other vendors
program Sale of DS 7.5 “announce” Agentless
Before GA

2008 2009 2010 2011

July: VMworld: Announce Q1: VMware buys
RSA: Trend Micro
CPVM Deep Security 7.5 Deep Security for
announces Coordinated
GA Internal VDI Use
approach & Virtual pricing
And shows Vmsafe demo Q4: Joined EPSEC 2010:
RSA: Trend Micro
vShield Program >100 customers
announces virtual
>$1M revenue
appliance

Introduction - Trend Micro Deep Security

More Related Content

What's hot

Viewers also liked

Similar to Introduction - Trend Micro Deep Security

More from Andrew Wong

Recently uploaded

Introduction - Trend Micro Deep Security