This document discusses how Trend Micro's Deep Security product provides virtualization and cloud security through an integrated platform. It offers agentless and agent-based security across physical, virtual, and cloud environments from a single management console. This consolidated security model maximizes performance and ROI while simplifying management and strengthening protection across platforms.
Organizations overwhelmingly still rely on login/password processes as the primary method for user authentication, exposing their most sensitive data and IT services to exploitation by malicious attackers.
These slides--based on the webinar featuring Steve Brasen, research director at leading IT research firm Enterprise Management Associates (EMA)--provide an informative look at the reliability, security, and value of existing and emerging passwordless authentication solutions.
Discover key findings from recent EMA research on the trends, requirements, challenges, and best practices for enabling identity and access processes that will enhance security profiles while boosting end user productivity.
Attend this day-long workshop for U.S. Federal government and Department of Defense IT professionals, architects, and administrators to learn how to architect for DoD workloads in the cloud. Join this session to map DoD requirements for cloud architecture and get hands-on experience with AWS NIST Quick Start tools, which can help fast track the FedRAMP/DoD ATO process.
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...Acrodex
Trend Micro Deep Security
#1 Security Platform for Virtualization and the cloud
Trend Micro Deep Discovery
Combating Advanced Persistent Treats (APT’s)
Trend Micro Mobile Security
Manage and control your mobile devices (BYOD)
In this presentation, we're discussing whether we need API gateway or not on Micro-Services Architecture. We'll see pros and cons of several ways how clients access to services.
[Updated : 13 Jan 2015] Additional cons of API gateway is added, as commented by Hyunsik Kang(강현식), Coupang.
The world of computing is moving to the cloud – shared infrastructures, shared systems, instant provisioning and pay-as-you-go services. And users can enjoy anytime, anywhere access to services and their data. But how secure is your data in the cloud and do conventional security products offer the optimal approach to securing your virtualised environments?
In this presentation we examine security and performance concerns along your journey to the cloud and explore new technologies from VMware and Trend Micro. These innovations are all ready helping thousands of businesses to address the security challenges with Physical, Virtual and cloud platforms.
Organizations overwhelmingly still rely on login/password processes as the primary method for user authentication, exposing their most sensitive data and IT services to exploitation by malicious attackers.
These slides--based on the webinar featuring Steve Brasen, research director at leading IT research firm Enterprise Management Associates (EMA)--provide an informative look at the reliability, security, and value of existing and emerging passwordless authentication solutions.
Discover key findings from recent EMA research on the trends, requirements, challenges, and best practices for enabling identity and access processes that will enhance security profiles while boosting end user productivity.
Attend this day-long workshop for U.S. Federal government and Department of Defense IT professionals, architects, and administrators to learn how to architect for DoD workloads in the cloud. Join this session to map DoD requirements for cloud architecture and get hands-on experience with AWS NIST Quick Start tools, which can help fast track the FedRAMP/DoD ATO process.
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...Acrodex
Trend Micro Deep Security
#1 Security Platform for Virtualization and the cloud
Trend Micro Deep Discovery
Combating Advanced Persistent Treats (APT’s)
Trend Micro Mobile Security
Manage and control your mobile devices (BYOD)
In this presentation, we're discussing whether we need API gateway or not on Micro-Services Architecture. We'll see pros and cons of several ways how clients access to services.
[Updated : 13 Jan 2015] Additional cons of API gateway is added, as commented by Hyunsik Kang(강현식), Coupang.
The world of computing is moving to the cloud – shared infrastructures, shared systems, instant provisioning and pay-as-you-go services. And users can enjoy anytime, anywhere access to services and their data. But how secure is your data in the cloud and do conventional security products offer the optimal approach to securing your virtualised environments?
In this presentation we examine security and performance concerns along your journey to the cloud and explore new technologies from VMware and Trend Micro. These innovations are all ready helping thousands of businesses to address the security challenges with Physical, Virtual and cloud platforms.
Enriching your CMDB data
Automated population of the CMDB
Straightening out the Product Catalog with Normalization
Reconciliation tips and performance tuning
Benefits
Building an Effective Identity Management StrategyNetIQ
Very few organizations do identity management as effectively as they could.
They have trouble developing effective methods for provisioning new users, de-provisioning old users, updating access privileges as users move around the organization, and automating the user change and configuration processes.
This presentation by identity and access management (IAM) experts, Adrian Lane, CTO and analyst at Securosis, and Rick Wagner, director of product management at NetIQ covered key elements of building a strong IAM strategy and the leading industry practices behind those strategies.
Originally presented as a UBM TechWeb DarkReading webinar the on-demand version will be available at: http://bit.ly/UUABIz until July 1st 2013.
In this updated slideshare, Principal Security Engineer, Eric Johnson shows engineers, developers and application security professionals how to start conversations on implementing security into the DevOps workflow.
You’ll learn about:
1) Cloud and DevSecOps Practices
2) Pre-Commit: The Paved Road
3) Commit: CI / CD Security Controls
4) Acceptance: Supply Chain Security
5) Operations: Continuous Security Compliance
For questions, please contact our team at sales [at] pumascan [dot] com.
Thanks for taking time to further your understanding of DevSecOps!
Prowler: Cloud Security Assessment, Auditing, Hardening, Compliance and Forensics Readiness Tool
Prowler helps to assess, audit and harden your AWS account configuration and resources. It also helps to check your configuration with CIS recommendations, and check if your cloud infrastructure is GDPR compliance or if you are ready for a proper forensic investigation. It is a command line tool that provides direct and clear information about configuration status related to security of a given AWS account, it performs more than 80 checks.
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
Identity and Access Management (IAM) enables more cost-effective and efficient access management, authentication, identity management, and governance across your enterprise.
Read more on How IAM benefits your business and best practices for an effective IAM implementation.
Read more: https://www.veritis.com/solutions/identity-and-access-management-services/
Effectively Planning for an Enterprise-Scale CMDB ImplementationAntonio Rolle
Provies a review of why a CMDB is essential to and is the foundation of your BSM strategy. I also outline the known challenges that require planning at the outset of a CMDB initiative. Includes a case study which details the approach and lessons learned in the initial stages of a CMDB rollout for one of the largest financial institutions in North America
CMDB - Strategic Role in IT Services - Configuration Management Moves Front a...Evergreen Systems
Most CMDB’s have not delivered any real value. Although we have collected and stored lots of data, the CMDB has been a solution in search of a problem. No longer. As IT moves from technical activities to customer centric IT services, the CMBD plays a critical, strategic role.
As we build and deliver IT services to our customers (employees), IT Service Owners will be very visible – and intently focused on delivering high quality outcomes, on time, with service availability and cost as advertised. Without effective configuration management, this cannot be done.
Please join us as we explore the new strategic role of the CMDB, and how processes, people, costs & technologies converge into services – with the CMDB aligning, connecting and managing the configuration items to make this all possible.
We will also demo our always evolving view of a very advanced, self-service catalog & portal, with a focus on the service owner & the role of the CMDB.
Full webinar recording available at:
http://content.evergreensys.com/cmdb-webinar-it-services-strategic-role
Enriching your CMDB data
Automated population of the CMDB
Straightening out the Product Catalog with Normalization
Reconciliation tips and performance tuning
Benefits
Building an Effective Identity Management StrategyNetIQ
Very few organizations do identity management as effectively as they could.
They have trouble developing effective methods for provisioning new users, de-provisioning old users, updating access privileges as users move around the organization, and automating the user change and configuration processes.
This presentation by identity and access management (IAM) experts, Adrian Lane, CTO and analyst at Securosis, and Rick Wagner, director of product management at NetIQ covered key elements of building a strong IAM strategy and the leading industry practices behind those strategies.
Originally presented as a UBM TechWeb DarkReading webinar the on-demand version will be available at: http://bit.ly/UUABIz until July 1st 2013.
In this updated slideshare, Principal Security Engineer, Eric Johnson shows engineers, developers and application security professionals how to start conversations on implementing security into the DevOps workflow.
You’ll learn about:
1) Cloud and DevSecOps Practices
2) Pre-Commit: The Paved Road
3) Commit: CI / CD Security Controls
4) Acceptance: Supply Chain Security
5) Operations: Continuous Security Compliance
For questions, please contact our team at sales [at] pumascan [dot] com.
Thanks for taking time to further your understanding of DevSecOps!
Prowler: Cloud Security Assessment, Auditing, Hardening, Compliance and Forensics Readiness Tool
Prowler helps to assess, audit and harden your AWS account configuration and resources. It also helps to check your configuration with CIS recommendations, and check if your cloud infrastructure is GDPR compliance or if you are ready for a proper forensic investigation. It is a command line tool that provides direct and clear information about configuration status related to security of a given AWS account, it performs more than 80 checks.
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
Identity and Access Management (IAM) enables more cost-effective and efficient access management, authentication, identity management, and governance across your enterprise.
Read more on How IAM benefits your business and best practices for an effective IAM implementation.
Read more: https://www.veritis.com/solutions/identity-and-access-management-services/
Effectively Planning for an Enterprise-Scale CMDB ImplementationAntonio Rolle
Provies a review of why a CMDB is essential to and is the foundation of your BSM strategy. I also outline the known challenges that require planning at the outset of a CMDB initiative. Includes a case study which details the approach and lessons learned in the initial stages of a CMDB rollout for one of the largest financial institutions in North America
CMDB - Strategic Role in IT Services - Configuration Management Moves Front a...Evergreen Systems
Most CMDB’s have not delivered any real value. Although we have collected and stored lots of data, the CMDB has been a solution in search of a problem. No longer. As IT moves from technical activities to customer centric IT services, the CMBD plays a critical, strategic role.
As we build and deliver IT services to our customers (employees), IT Service Owners will be very visible – and intently focused on delivering high quality outcomes, on time, with service availability and cost as advertised. Without effective configuration management, this cannot be done.
Please join us as we explore the new strategic role of the CMDB, and how processes, people, costs & technologies converge into services – with the CMDB aligning, connecting and managing the configuration items to make this all possible.
We will also demo our always evolving view of a very advanced, self-service catalog & portal, with a focus on the service owner & the role of the CMDB.
Full webinar recording available at:
http://content.evergreensys.com/cmdb-webinar-it-services-strategic-role
Attacks are evolving and so must the response – but how? This presentation explores how you get beyond the APT hype and strike a sensible balance between security expenditure and commercial risk. We explain what do you need to just keep doing, what’s new and what’s no longer effective.
Productive and integrated digital media services for Trend Micro India by ADG Online Solutions.
We have put together a brief of our detailed efforts towards increasing the outreach of Trend Micro on the digital platform.
HBaseCon 2012 | HBase Security for the Enterprise - Andrew Purtell, Trend MicroCloudera, Inc.
Trend Micro developed the new security features in HBase 0.92 and has the first known deployment of secure HBase in production. We will share our motivations, use cases, experiences, and provide a 10 minute tutorial on how to set up a test secure HBase cluster and a walk through of a simple usage example. The tutorial will be carried out live on an on-demand EC2 cluster, with a video backup in case of network or EC2 unavailability.
Cyber security awareness training by cyber security infotech(csi), Information Security,
website development company,
Employee Monitoring System,
Employee Monitoring Software
Cyber Security Awareness introduction. Why is Cyber Security important? What do I have to do to protect me from Cyber attacks? How to create a IT Security Awareness Plan ?
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
I developed "Cyber Security 101: Training, awareness, strategies for small to medium sized business" for the second annual Small Business Summit on Security, Privacy, and Trust, co-hosted by ADP in New Jersey, October 2013.
VMware and Trend Micro, partnering to revolutionise virtualised securityArrow ECS UK
VMware and Trend Micro have teamed up to deliver the first and only agentless anti-virus solution built for VMware virtualised desktops and data centres, the industry's first VDI-optimised endpoint security solution and the first product to successfully complete all test cases in the VMsafe appliance certification testing.
At VMworld 2012, Symantec announced new solutions and technical integrations with VMware across its entire product portfolio to ensure higher levels of protection for virtualized environments. Together, Symantec and VMware enable SMBs and enterprises to use the benefits of virtualization without compromising protection.
RSA 2012 Virtualization Security February 2012Symantec
At RSA 2012 Symantec and VMware announced five new security integrations with the VMware cloud infrastructure suite designed to deliver extensive protection for virtual and cloud environments along with operational cost savings. With new VMware integrations, Symantec enables joint customers to completely protect their virtual infrastructure and business-critical applications with data loss prevention, IT risk an compliance, data center protection, security information and event management (SIEM) and endpoint protection solutions – delivering unparalleled security, scalability and cost reductions for rapid services delivery and enhanced business agility for the cloud.
Virtualization vulnerabilities, security issues, and solutions:
Virtualization is technological revolution that
separates functions from underlying hardware and allows
us to create useful environment from abstract resources.
Virtualization technology has been targeted by attackers
for malicious activity. Attackers could compromise VM
infrastructures, allowing them to access other VMs on the
same system and even the host.
This presentation emphasize on
the assessment of virtualization specific vulnerabilities,
security issues and possible solutions.
By-Nitish Awasthi
B.Tech.CTIS
Invertis University Bareilly
La solución de datacenter virtual alojada en los nodos de COLT en Barcelona y Madrid permite un despliegue rápido y flexible de infraestructura.
Está basado en la solución de virtualización de VMware por lo que es compatible con multitud de appliances y permite crear nubes híbridas fácilmente.
1. How to Simplify – Automate and
Optimize for a Secure Virtual
Environment
JD Sherry– Global Director Public Technology and Solutions
twitter @jdsherry
jd_sherry@trendmicro.com
2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
2. Your Data’s Journey in the Cloud
Where is Your Data?
BYOPC
Public
Hybrid Cloud Cloud
Server
Virtualization Physical
Desktops & Servers
Desktop
Virtualization Private
Cloud
Mobile
2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
3. Trend Micro Global Protection
•
• Total Number of Queries 2008 – 8bil Today – 3.9tril
• Total Number of Blocks 2008 – 800mil Today – 73.6bil
• Daily Avg. Sensors 2008 – 5mil Today – 27mil
Trust Trend Micro security solutions*
Trend Micro Trend Micro Trend Micro Trend Micro Trend Micro
protects protects protects protects protects
96% of the top 50 100% of the top 100% of the top 80% of the top 90% of the top
global 10 automotive 10 telecom 10 banks. 10 oil companies.
corporations. companies. companies.
* In calculating the above data, the percentage use of Trend Micro products include usage by
parent companies and/or usage by any of their subsidiaries of any Trend Micro product or service.
4. Cross-platform Security
One Security Model is Possible
across Physical, Virtual, and Cloud Environments
Physical Virtual Cloud
• New platforms don’t change the threat landscape
• Each platform has unique security risks
• Integrated security is needed across all platforms
5. Platform-specific Security Risks
One Security Model is Possible
across Physical, Virtual, and Cloud Environments
Physical Virtual Cloud
Manageability Performance & Threats Visibility & Threats
• Glut of security • Traditional security • Less visibility
products degrades performance
• More external risks
• Less security • New VM-based threats
• Higher TCO
Reduce Complexity Increase Efficiency Deliver Agility
Integrated Security
Single Management Console
6. Today’s Cloud Includes Integrated Stack Vendors
• What are integrated stack vendors?
Solutions comprised of storage, networking and software for next-gen
datacenters and VDI that have done due diligence for VMware and Trend
solutions – examples are Cisco, EMC, NetApp, VCE
• What’s the VMware angle?
All of these solutions either offer VMware as the main virtualization part of the
stack (NetApp, Cisco, EMC), or standardize on VMware (VCE)
• How is this important to a Customer?
Trend is the selected virtualization security partner of choice for the above
vendors via technical validations of Deep Security on VMware-based stacks
All testing has been done on these platforms – so you don’t have to…
2/6/2013 Copyright 2012 Trend Micro Inc.
7. Integrated Stack Vendors
• VCE
DS certified for Vblock in April 2012
• Cisco
Validated by Cisco UCS in Aug 2012
Approved for Cisco SIP (when sold with UCS) in Oct 2012
CVD granted on FlexPod architecture in Q4 2011
• EMC
Validation for VSPEX coming in Q1 2013
• NetApp
DS validated for FlexPod via Cisco CVD
(Cisco Validated Design) status
7
12. 1 Virtualization Security& Consolidation
Cost Reduction
Challenge: Instant-on Gaps
Reactivated with
Active Dormant security Cloned
out dated
Reactivated and cloned VMs can have out-of-date security
13. 1 Virtualization Security Consolidation
Cost Reduction &
Challenge: Complexity of Management
Provisioning Reconfiguring Rollout Patch
new VMs agents patterns agents
VM sprawl inhibits compliance
14. 1 Virtualization Security & Consolidation
Cost Reduction
Challenge: Inter-VM Attacks / Blind Spots
Attacks can spread across VMs
15. Virtualization Security
What is the Solution?
Trend Micro Deep Security
With a Dedicated Security Virtual Appliance
With Agentless Security
Security
Virtual VM VM VM VM
The Old Way Appliance
VM VM VM VM VM VM VM VM VM
Agentless Security for VMware — Antivirus and more
• Antivirus • Intrusion Prevention • Firewall
• Integrity Monitoring • Virtual Patching • Web Application Protection
Maximizes Performance and ROI
16. Virtualization Security
Increased ROI with Deep Security
Example: Agentless Antivirus
VM servers per host
Agentless AV 75
Traditional AV 25 3X higher VDI VM consolidation ratios
0 10 20 30 40 50 60 70 80
3-year Savings on 1000 VDI VMs = $539,600
Sources: Tolly Enterprises Test Report, Trend Micro Deep Security vs. McAfee and Symantec, February 2011; Saving estimate based on VMware ROI
calculations
17. Extending Datacenter Security to Hybrid Cloud
• AWS and vCloud API integration
– Single management pane-of-glass between VM’s in internal VMware
datacenters, VPC’s, and public clouds
• Hierarchical policy management
– Inheritance enables customized policies for different VM’s or
datacenters, while central IT can mandate compliant baseline
settings
Trend Micro Confidential-NDA Required
18. Agile Security Management for the Cloud
Multi-tenant Deep Security Manager architected for key attributes of cloud computing*:
• Resource-pooling – independent tenant policies/data for shared, multi-tenant clouds
• Elasticity - Automated deployment of components to cloud scale
• Self-service – Policies can be delegated by cloud admin to tenants through self-
service GUI
• Broad network access – Web-based console built on RESTful APIs for extensibility
and integration with broader cloud management frameworks
Address the Software Designed Datacenter (SDDC) with easy replication of security
policies, a single pane of glass for management and automation of policy deployment
throughout your cloud environment
*e.g. NIST definition of Cloud Computing
Extending to cloud scale
Trend Micro Confidential-NDA Required
19. Deeper Integration with VMware
• Support for latest vSphere and vShield platform capabilities
– 4th-generation enhancements across broad agentless security suite
• Improved performance
– Antivirus and integrity scan caching/de-dupe across VMs
• Significant storage I/O benefits for further VDI consolidation
– Tuning of IPS policies to guest applications(s)
• Stronger protection
– Hypervisor boot integrity – chain of
trust from VM file integrity to H/W
– Application-aware targeting of IPS
policies (agentless recommendation)
Trend Micro Confidential-NDA Required
20. Integration with Vmware API’s
Integrates Trend Micro Deep Security
Agentless
with
1
vCenter Intrusion prevention VMsafe
Firewall APIs
v
Integrates Agentless C
2 vShield
with Antivirus Security
Endpoint l
vCloud Web reputation Virtual v
APIs
Machine o
Agentless
S
3 u
vShield p
Integrates Integrity monitoring Endpoint d
with Intel h
APIs
TPM/TXT Agent-based e
4 r
Log inspection
Security agent e
on individual VMs
• 5 years of collaboration and joint product innovation
• First agent-less security platform
• First security that extends from datacenter to cloud
• Hypervisor Integrity Monitoring
21. Data Protection in the Cloud – Systems, Apps, Data
Deep Security 9
Context
Aware SecureCloud
Credit Card Payment
SensitiveMedical Numbers
Social Security Records
Patient Research Results
Information
Encryption with Policy-based
Key Management
Modular protection for
servers and applications • Data is unreadable
to unauthorized users
• Self-Defending VM Security
in the Cloud • Policy-based key management
controls and automates key
• Agent on VM allows travel
delivery
between cloud solutions
• Server validation authenticates
• One management portal for
servers requesting keys
all modules
22. Agentless Anti-virus Case Study:
The Medical Center of Central Georgia
Business Results:
• Improved consolidation ratios—13/1 for servers
• Reduced provisioning time for servers from average of
2.5 hours to 20 minutes, desktops 1.5 hours to 20
minutes
• More reliable and automated security to meet
compliance with savings of over $2,000,000 in OPEX
Solution: The Medical Center
of Central Georgia
• Deep Security VDI & Server World Class Care – right where you need it.
Agentless Antivirus 431 VMs on 32 Host Machines
4000 PCs
• DLP 80 VDI Desktops
2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
23. Agentless Anti-virus Case Study:
The Medical Center of Central Georgia
“VMware and Trend Micro are moving in the right
direction, by partnering on compatible products and
suites. With the new platforms and security, the
big picture is coming together.”
Ty Smallwood
Information Services Security Officer
Medical Center of Central Georgia
2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
24. Agentless Anti-virus Case Study:
ACXIOM – A Marketing Services Firm
Business Results:
• Needed to improve the speed and simplify a complex
security-audit process
• Requirement to reduce expenditures, saved
approximately $200,000 annually (software contracts
and staff salary)
• Provide an environment that support business
growth, revenue generation
Solution:
• Deep Security
Agentless Antivirus $1.16bil Marketing
Services Firm
2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
25. Agentless Anti-virus Case Study:
ACXIOM – A Marketing Services Firm
“Using vShield vApp, we built flows and firewall-type
rules to control low-level traffic,” Nelson says. “vShield
Endpoint, integrated with VMware partner Trend
Micro’s Deep Security 8 solution, allowed us to protect
our machines from malware at a much lower level than
before.”
Brandon Nelson
Team Leader and Systems Engineer
Acxiom
$1.16bil Marketing
Services Firm
2/6/2013 Confidential | Copyright 2012 Trend Micro Inc.
26. 1 Deep Security Agentless Security
Cost Reduction & Consolidation
Trend Micro Market Momentum
Hypervisor-integrated agentless antivirus released 11/2010
1000 agentless security customers in the first year
Over 250,000 VMs are licensed for agentless antivirus
Agentless FIM released in 2012
Multiple agentless security modules available
Most dense deployment is 300 VMs/host by VMware in 2011
―Deep Security provides a robust set of tools to add to your toolbox.
The perceived performance improvement is visible to the naked eye.‖
- Ed Haletky, Virtualization Practice (www.virtualizationpractice.com)
27. Virtualization Security
What is the Solution?
Layered, Virtualization-Aware Security in One Platform
Deep Security Integrated Modules: With Agentless Security
• Antivirus Security
Virtual VM VM VM VM
• Integrity Monitoring Appliance
• Intrusion Prevention
VM VM VM VM VM VM
• Web Application Protection
• Application Control
• Firewall
• Log Inspection
Higher Optimized Simplified Stronger
Density Resources Management Security
Maximizes Performance and ROI
28. 1 Virtualization Security & Consolidation
Cost Reduction
Fitting into the VMware Ecosystem
Trend Micro Deep Security
Agentless
vShield Antivirus
Security Endpoint
Virtual Integrity Monitoring
Machine
Agentless
IDS / IPS
Other
VMware Web Application Protection
APIs Application Control
Firewall
Integrates Agent-based
with
Security agent
vCenter Log Inspection
on individual VMs
vSphere Virtual Environment
30. 1 Cloud Security
Cost Reduction & Consolidation
Cloud Models: Who Has Control?
Servers Virtualization & Public Cloud Public Cloud Public Cloud
Private Cloud IaaS PaaS SaaS
End-User (Enterprise) Service Provider
Who is responsible for security?
• With IaaS the customer is responsible for VM-level security
• With SaaS or PaaS the service provider is responsible for security
31. 1 Cost Reduction & Consolidation
Cloud Security
Challenge: Data Destruction
10011
10011
011100
00101
00101
10011
01110
00101
When data is moved, unsecured data remnants can remain
32. 1 CloudCost Reduction & Consolidation
Security
What is the Solution? Data Protection
Server & App Security
Data Security
Credit Card Payment
Encryption
Modular Protection SensitiveMedical Numbers
Social Security Records
Patient Research Results
Information
with Policy-based
Key Management
• Unreadable for unauthorized
users
• Self-defending VM security • Control of when and
where data is accessed
• Agentless and agent-based
• Server validation
• One management portal for all
modules, all deployments • Custody of keys
Integration ensures servers have up-to-date
security before encryption keys are released
vSphere & vCloud
33. 1 Cloud Security
Cost Reduction & Consolidation
Fitting Encryption into a VMware Ecosystem
Trend Micro
SecureCloud VMware vCloud
VMware
vSphere
Data Center Private Cloud Public Cloud
Key Service
Console
VM VM VM VM VM VM VM VM VM VM VM VM
Enterprise Key
Encryption throughout your cloud journey—
data protection for virtual & cloud environments
34. Virtualization and Cloud Security
Pulling It All Together
Physical Virtual Cloud
• Do you have one solution for physical, virtual, and cloud servers?
• Does your solution address the risks specific to each platform?
• Are you maximizing your performance for better ROI?
35. 1 Virtualization and Cloud Security
Cost Reduction & Consolidation
One Security Model
VMware Virtualization Private Cloud
Security Security
Virtual VM VM VM VM Virtual VM VM VM VM
Appliance Appliance
• Agentless security • Agentless security • Encryption for vCloud
• Layered server security • Layered server • Compliance support
• Encryption for vSphere security (FIM, Encryption, etc.)
Public Cloud
Server security console
VM VM VM VM
• Shared policy profile
• Vulnerability shielding
Encryption console • Agent-based security
• Shared policy profile • Layered server security
• Key ownership • Encryption for leading cloud providers
• Compliance (FIM, Encryption, etc.)
36. Virtualization and Cloud Security
One Security Model is Possible
Physical Virtual Cloud
• Reduce Your Cost of Operations
• Reduce Your Investment in Management
• Increase Application Stability and Performance
• Achieve Compliance in Virtual and Cloud Environments
• Get Higher Virtualization and Cloud ROI
• Safely Use Private, Public, and Hybrid Clouds
Customers know they can trust Trend Micro security solutions. We have penetrated 48 of the top 50 Global Corporations, including…[step through the top bullets on the slide—DO NOT cover the %s at the bottom]
The different aspects of the journey to the cloud that we saw on the previous slide can be placed into three platforms: The first is physical; The second is virtual, including server and desktop virtualization; And the third is cloud, including private, public, and hybrid clouds.But just because the data center is evolving to include new platforms doesn’t mean the threat landscape is static—we still have evolving threats like data-stealing malware, botnets and targeted attacks (sometimes called APTs or Advanced Persistent Threats) and others. Integrated, layered security is needed across all of three of these platforms to defend against these threats. So although the threat landscape still has all these elements, there are unique security risks that must be considered for each platform. So the solution must recognize the specific security requirements of each individual platform.
Each of these platforms has unique security concerns. With physical machines, the manageability of various security solutions can be an issue.There can be a glut of security products—either through excessive layering or overly specialized products. This increases hardware and software costs. Also, management across the different products can be difficult – causing security gaps. And collectively these issues create a higher Total Cost of Ownership.The solution is to reduce complexity by consolidating security vendors and correlating protection.[click]With virtualization, the risks pertain to both performance and threats specific to virtual environments. There is a concern that security will reduce performance, which reduces the ROI of a virtual infrastructure. Also there are unique virtual machine attacks, such as inter-VM threats. Here the solution is increased efficiency—security that optimizes performance while also defending against traditional as well as virtualization-specific threats. [click]With cloud services, the risks pertain to less visibility and cloud-specific threats. Companies are concerned about having less visibility into their applications and data. And they are concerned about increased external threats, especially in multi-tenant environments.For the cloud, businesses need security that allows them to use the cloud to deliver IT agility. Data must be able to safely migrate from on-premise data centers to private clouds to public clouds so organizations can make the best use of resources. [click]As we’ll see later, all of these concerns can be addressed. And through protection that is provided in an integrated security solution all managed through one console. With cross-platform security, you’ll stay protected as your data center and virtual or cloud deployments evolve, allowing you to leverage the benefits of each platform while defending against the threats unique to each environment.
Now we’ll step through each platform individually, starting with physical servers and endpoints. Regardless of how your business evolves, you’ll still need dedicated physical servers. They give you the highest level of visibility and control, provide dedicated computing resources, and support specialty hardware and software. Today, the security that is needed for physical machines is relatively well known. The issue is more, how do I deploy effective protection while reducing management. Integrating security onto one platform reduces the glut of security products which in turn reduces management and costs.
As you can see here, an integrated approach to server security includes a Firewall, HIPS and Virtual Patching, Web Application Protection, Antivirus, File Integrity Monitoring, and Log Inspection. [click]To reduce complexity, all of these capabilities should be integrated into one solution and should be managed through one console with advanced reporting capabilities. Here we’re talking about how to reduce complexity with your physical server security. But when this protection is provided in a cross-platform solution, your security can also travel with you as your business evolves to use virtualization and the cloud.
The next platform we’ll discuss is virtualization. Most companies are virtualizing their data centers. In a recent survey by Trend Micro, 59% of respondents had server virtualization in production or trial, and 52% had desktop virtualization in As the foundation to the cloud, businesses should deploy virtualization security that protects their data center virtual machines as well as their virtual machines that are moved to private and public cloud environments. In the next few slides, we will discuss virtualization security challenges and the solutions to address these challenges, using virtualization-aware security.
The first security challenge, resource contention, goes to the heart of the performance concerns. [click]Traditional antivirus security was not designed for a virtual environment. When traditional security is applied to virtual machines, it does not realize it is in a shared resource environment and the antivirus scans or scheduled updates are automatically initiated across multiple VMs at the same time. [click]This can burden the host, resulting in an “antivirus storm.” This causes debilitating performance degradation on the underlying host machine. This problem is not limited to antivirus. Other security scans and updates can also overburden the system if initiated simultaneously. [click]The solution is a dedicated security virtual appliance that recognizes that it is in a virtual environment and staggers scans and updates across guest VMs. Agentless security further reduces the resource usage, increasing performance and consolidation rations. We’ll discuss these solutions in more detail in a moment.
Next we’ll cover instant-on gaps. [click]Unlike a physical machine, when a virtual machine is offline, it is still available to any application that can access the virtual machine storage over the network, and is therefore susceptible to malware infection. However, dormant or offline VMs do not have the ability to run an antimalware scan agent. [click]Also when dormant VMs are reactivated, they may have out-of-date security. [click]One of the benefits of virtualization is the ease at which VMs can be cloned. However, if a VM with out-of-date security is cloned the new VM will have out-of-date security as well. New VMs must have a configured security agent and updated pattern files to be effectively protected. [click]Again the solution is a dedicated security virtual appliance that can ensure that guest VMs on the same host have up-to-date security if accessed or reactivated, and can make sure that newly provisioned VMs also have current security. This security virtual appliance should include layered protection that integrates multiple technologies such as antivirus, integrity monitoring, intrusion detection and prevention, virtual patching, and more. .
The final virtualization challenge we’ll discuss is the complexity of management. Virtual machines are dynamic. They can quickly be reverted to previous instances, paused, and restarted, all relatively easily. They can also be readily cloned and seamlessly moved between physical servers. Vulnerabilities or configuration errors may be unknowingly propagated. Also, it is difficult to maintain an auditable record of the security state of a virtual machine at any given point in time.[click]This dynamic nature and potential for VM sprawl makes it difficult to achieve and maintain consistent security. Hypervisor introspection is needed for visibility and control. Security that leverages the hypervisor APIs can ensure that each guest VM on the host remains secure and that this security coordinates with the virtualization platform.
I’d now like to highlight a couple of additional virtualization challenges. The next one we’ll discuss today is inter-VM attacks and blind spots. [click]When a threat penetrates a virtual machine, the threat can then spread to other virtual machines on the same host. Traditional security such as hardware-based firewalls might protect the host, but not the guest virtual machines. And cross-VM communication might not leave the host to be routed through other forms of security, creating a blind spot. [click]For the solution, protection must be applied on an individual virtual machine level, not host level, to ensure security. And integration with the virtualization platform, such as VMware, provide the ability to communicate with the guest virtual machines. Also, virtual patching ensures that VMs stay secure until patches can be deployed.
Both of the previous challenges mentioned a dedicated security virtual appliance as a solution. I want to take a moment to explain this approach in more detail. The old approach put the full antivirus solution on each virtual machine. Duplicating the full solution on each VM burdens the host. But it also means that security can become out of date if that VM becomes dormant.But with a dedicated security virtual machine, the solution uses hypervisor introspection to ensure that all guest VMs have up to date security—when accessed, provisioned, or reactivated. This avoids security instant-on gaps.A dedicated security virtual machine can also enable agentless security. For example a solution that integrates with VMware vShield Endpoint, part of VMware vSphere, can use vShield Endpoint APIs to communicate with guest VMs without requiring a separate security agent on each VM. And the security virtual appliance can coordinate and stagger scans to avoid resource contention and also preserve the performance profile of virtual servers by running resource-intensive operations, such as full system scans, from the separate scanning virtual machine. This agentless security approach was initiated with agentless antivirus, but it can now encompass a full range of server security technologies[click]In addition to antivirus, agentless security now extends to integrity monitoring, intrusion prevention, virtual patching, firewall, and web application protection.[click]Collectively this approach to securing virtual machines maximizes protection and ROI, letting you get the most out of your virtual server and desktop efforts.
I mentioned that the agentless approach began with agentless antivirus. Trend Micro’s agentless antivirus solution was available starting in 2010, so there’s been an opportunity to test its success. In an independent study by Tolly Enterprises, Trend Micro agentless antivirus was tested against leading traditional antivirus solutions that do not use a dedicated security virtual appliance and agentless antivirus, and the results were striking. Trend Micro’s agentless antivirus achieved 3 times higher VDI VM consolidation ratios—and similar results also extended to server virtualization as well. The VDI results translate into saving almost $540,000 every 3 years for each 1000 virtual desktops.
Benefits:Logical separation of tenant policies and data; allows separate tenants or business units to manage policies independently Delivers security-as-service to consumers of IaaS providers Elasticity of security infrastructure to cloud-scale; automatically provision security to new VM's in dynamic environments Extensibility and integration to modern cloud management infrastructure
Trend Micro agentless security is really picking up momentum. [Step through points on slide—will be pulled up one at a time.Note: “multiple agentless security module available” includes AV, FIM, intrusion prevention, web application protection, and firewall.]
So what is the solution to these final two challenges? Layered virtualization-aware security in one platform. The security virtual appliance with agentless security that we discussed earlier can provide multiple modules, as listed here—antivirus, integrity monitoring, intrusion prevention, Web application protection, application control, firewall, and log inspection. With this integrated protection that is designed for a virtual environment, you can achieve higher consolidation ratios, faster performance, better manageability, and stronger overall security.
VMware controls more than half of the virtualization market. Virtualization security must fit into the VMware ecosystem to effectively support enterprise virtualization efforts. Here we demonstrate the different VM-security aspects and how they can fit into a VMware infrastructure.[click]The pairing of agent-less antivirus and agentless integrity monitoring with vShield Endpoint enables massive reduction in memory footprint for security on virtual hosts by eliminating security agents from the guest virtual machines and centralizing those functions on a dedicated security virtual machine. [click]Protection such as intrusion detection and prevention, web application protection, application control, and firewall can be integrated with VMware using VMsafe APIs, integrating security with VMware vSphere environments. Again this can be an agent-less option.[click]And finally, log inspection which optimizes the identification of important security events buried in log entries, can be applied through agent-based protection on each VM. [click]These elements can be integrated and centrally managed with VMware vCenter Server. Together, these provide comprehensive, integrated virtual server and desktop security.
Now we’ll cover the final platform, cloud computing. Cloud computing is usually built on virtualization. So, all of the previous challenges and solutions we discussed in the previous section on virtualization apply to the cloud. But cloud computing also introduces its own challenges as well as solutions. Let’s take a look.
When planning to deploy your data to the cloud, you must assess your security requirements and select a cloud model that is going to meet your business needs and objectives. Visibility and control decrease as you move from on-site virtualization and private cloud environments to public cloud models. With a private cloud, you control your assets, but with a public cloud, the service provider controls the underlying infrastructure, ultimately controlling access to your IT assets. This raises particular security concerns for a public cloud environment.[click]The degree to which you control and are responsible for security in the public cloud varies by public cloud model. [click]With an Infrastructure as a Service cloud, the service provider is responsible for securing the underlying hardware, but businesses are expected to secure their virtual infrastructure and their applications and data built on top of it.[click]With Software as a Service and Platform as a Service clouds, the service provider is responsible for most of the security. However, businesses should not assume that service providers provide sufficient security and should ask about the types of protection provided. In addition, you need to secure your endpoints that connect to the service to ensure that the cloud service does not compromise endpoint resources and data. For this presentation, when discussing the public cloud, we’ll focus on Infrastructure as a Service cloud because businesses are responsible for most of the security, including protecting their virtual infrastructure and their applications and data built on top of it..
The final cloud computing challenge we’ll discuss today is data destruction. As I mentioned before, cloud data can move to make the best use of resources. [click]But when data is moved, sometimes remnants remain if the data in the previous location is not completely shredded. These remaining data remnants can create a security concern. [click]Again encryption is the solution because any remaining data remnants are unreadable if accessed by unauthorized users.
So what is the solution? Cloud protection should include self-defending VM security that travels with the virtual machine into a cloud infrastructure. This allows businesses to transfer a complete security stack into the cloud and retain control. And this cloud security should be provided in a modular infrastructure with both agentless and agent-based options so it can be customized to your individual cloud deployment needs. The security should be provided on one platform that is managed through a single console—across your physical, virtual, and cloud deployments, including private, public, and hybrid clouds. [click]Another method of protecting data in the cloud is encryption with policy-based key management. The solution should start with industry-standard encryption that renders your data unreadable to outsiders. Even if your data is moved and residual data is left behind, the data in the recycled devices is obscured. It is critical to have this encryption accessed through policy-based key management to specify when and where your data is accessed. And through policies, identity- and integrity-based validation rules specify which servers have access to decryption keys.An encryption solution should also give the option to access keys through a SaaS or on-site virtual appliance with customer control over the keys to support a clear separation of duties and to avoid vendor lock-in. An encryption solution with policy-based key management allows even heavily regulated companies to leverage the flexibility and cost savings of the public cloud while ensuring their data stays secure. [click]These two solution elements can be integrated with a context approach to security. For example, encryption policies can specify that encryption keys will not be released unless the requesting server has up-to-date security, ensuring that the data stays protected when accessed by self-defending VM security. [click]And this security should work with multiple cloud platforms—allowing you to create the right cloud environment for your business.
Earlier we reviewed how the Trend Micro server security platform with modular security integrates with a VMware ecosystem. Here we see how Trend Micro’s cloud data encryption solution—SecureCloud—supports a VMware environment.Here we see the VMware ecosystem with vSphere which creates a virtualization platform and vCloud that provides technologies to support private and public clouds. vCloud Director provides a management portal into these cloud technologies.[click]Trend Micro SecureCloud leverages information from vSphere and vCloud to provide native support for these environments. [click]Then SecureCloud can provide encryption capabilities in VMware virtual, private, and public cloud environments. [click]This gives companies encryption support today and as their data centers evolve.
If you’re using virtualization or cloud computing to support your business, ask yourself the following questions about your security solution. Do you have one solution for physical, virtual, and cloud servers?Does your solution address the risks specific to each platform?Are you maximizing your performance for better ROI?If you don’t answer “yes” to all three, then you may want to look at replacing your current security solution. Trend Micro provides a single security platform for your physical, virtual, and cloud servers, as well as virtual desktops. This security is designed to address the security challenges unique to each platform while maximizing performance and ROI.
Let’s take a look at how this one security model from Trend Micro can protect you as your data center evolves. We’ll use a VMware environment as an example. So maybe you start by using this security to protect your physical machines. But then you introduce VMware virtual machines into your data center. The dedicated security virtual appliance provides agentless security options and layered protection. And encryption secures you data in your vSphere environment.[click]Then you decide to offer a private cloud with automated provisioning of resources. The same virtualization security extends into your private cloud agentless security and layered protection. And encryption protects vCloud environments, helping to ensure compliance while using the cloud. [click]At some point maybe you find that you need additional scalability—maybe for development and testing, or additional capacity during a peak time. Instead of building out your own infrastructure, you decide to leverage the public cloud. Now you don’t have sole use of the hypervisor to be able to use agentless security, so you deploy the agent-based options. And this gives you the same layered security as the agent-less options in your virtual data center and private cloud. The encryption supports your service provider’s environment and helps you to achieve compliance while using the public cloud. [click]And your server security and encryption solutions both provide integrated management across all of these deployments—virtual data center, private cloud, public cloud, and hybrid cloud, allowing you to create a shared policy profile across these deployments. Ultimately you receive better security with simplified management.
But how would YOU benefit from this solution? With Trend Micro’s single security model across physical, virtual, and cloud, you would…[step through bullets on slide].Regardless of where you are on your journey to the cloud, Trend Micro’s solution can protect you today and as your data center further evolves with virtualization and cloud computing.