Virtualizing More While Improving Risk Posture – From Bare Metal to End Point




Rishi Bhargava – Sr. Director, Product Management, Datacenter & Server Security, McAfee
James Greene – Product Marketing, Intel
Hemma Prafullchandra – CTO and SVP Products, HyTrust




      © 2012, HyTrust, Inc. www.hytrust.com   1975 W. El Camino Real, Suite 203, Mountain View, CA 94040   Phone: 650-681-8100 / email: info@hytrust.com
Agenda

Introductions
Overview: Setting the Stage
Solutions:
      Intel
      HyTrust
      McAfee
Discussion Topics/Q&A
Summary




Setting the Stage: Security and Compliance Will Be Key to Virtualizing the Next 50% of the Data Center

[Figure: % of Workloads Virtualized (0% to 100%) against compliance posture (Non-Compliant, Limited Compliance, Compliant, Best-Practice). Stages: Develop/Test, Limited Production, Extensive Production, Enterprise Platform. Labels: Cost Savings, Compliance Risk, Non-Mission-Critical Workloads, Mission-Critical Workloads.]

Discussion
• Growth depends on virtualizing mission critical workloads
• Virtualization platform provides basic security: OK for non-critical workloads
• Tier 1/2 workloads have higher security, compliance needs
• Purpose-built solutions needed
Audience Poll

What are your virtualization priorities for 2012? (Pick Top Priority)

• Maximize performance and availability with sophisticated monitoring
• Continue to increase consolidation ratios
• Better management of existing virtual environments
• Standardization of hypervisors and/or platforms
• Become compliant and/or other organizational mandates (i.e. 25% quota for Federal organizations…)
• Only maintain at this point




4 “Must Haves” For a Secure Cloud Environment




[Figure: diagram labels: Virtual Infrastructure, Intel TXT]



Audience Poll

What security concern ranks highest in importance in your virtualized environments in 2012?

• Lack of automation (admin is brought in for every update and change)
• Self service for line of businesses to access/manage their virtual machines
• Strength of security policies and processes around access and change controls
• Insider threat – either malicious or errant
• Logging and reporting tools for audit and/or forensics purposes
• All of the above




Intel Security Focus
Security & Trust Built-In

• Identity Protection & Fraud Deterrence
• Detection & Prevention of Malware
• Securing Data and Assets
• Recovery and Enhanced Patching

Hardened Foundation for Computing


Intel® Technologies: Server Security

• Encrypt: Intel® AES-NI delivers built-in encryption acceleration for better data protection
• Isolate: Intel® VT & Intel® TXT protects VM isolation and provides a more secure platform launch
• Enforce: Intel® TXT establishes “trusted” status, foundation to control migration based on security policy

[Figure: diagram labels: VM 1, VM 2, VMM, ??]



     Establishing the Foundation for More Secure Computing

Intel® Trusted Execution Technology

Intel® TXT: Hardware Root of Trust
• Enables isolation and tamper detection in boot process
  • Measured/Verified BIOS and Hypervisor or OS
  • Complements runtime protections
  • Reduces support and remediation costs
• Hardware based trust provides visibility and verification useful in compliance, enforcement

[Figure: diagram labels: Intel® Chipset, TPM, BIOS, Flash, VT, VMM/OS (MLE)]

             Intel® TXT: Enforce Control On The Platform


www.intel.com/go/txt
Intel® TXT Use Models
1. Trusted Launch – Verified platform integrity
   Hardware enforced detection of launch components, reduces malware threat
2. Trusted Pools
   Enforce control of VMs based on platform trust (and more) to better protect data
3. Compliance Support – enhancing auditability of cloud environment
   Hardware support for compliance reporting

[Figure: diagram label: Internet]



         Powerful Benefits: Protection, Visibility and Control

                            *Other names and brands may be claimed as the property of others


HyTrust Appliance Provides Necessary Controls to Confidently Virtualize Mission-Critical Applications

Secures the administration of the hypervisor & virtual infrastructure:
• Enforces consistent access and authorization policies covering all access methods
• Provides granular, user-specific, audit-quality logs
• Enables strong, multi-factor authentication
• Verifies platform integrity, ensuring the hypervisor is hardened and the virtual infrastructure is trusted

Provides complete visibility into and control over who accesses the infrastructure, the integrity of the infrastructure, and the validity of the changes requested.



Technology Leaders Partner With HyTrust for Comprehensive Solutions

• HyTrust is part of CA Access Control for Virtual Environments
• HyTrust is part of Intel's trusted cloud architecture based on TXT
• HyTrust event reporting and TXT-based trust status being integrated with McAfee ePO
• HyTrust provides native integration with SecurID and enVision
• HyTrust reporting and controls being integrated with Symantec CCS
• HyTrust provides combined reporting with Trend's Deep Security product
• HyTrust is the platform security solution - access control and auditing - for vBlock
• HyTrust is "go to" partner for vSphere security and compliance




McAfee Data Center Solutions



[Figure: diagram labels: GTI, McAfee ePO, SEIM, Security, Management, Server Security, Network Security]



McAfee Data Center Server Security Solutions
MOVE-AV Benefits



1. OPTIMIZES McAfee security for virtualized environments
2. STANDARDIZES security across all major hypervisors
3. ENSURES best security management and delivery for virtualized environments




        Security Intelligence for Virtualization
Optimizes McAfee Anti-Virus


[Figure: two VMs (each with MOVE, MA, OS) and a MOVE Appliance (MA, OS) on a Hypervisor in the Datacenter, with McAfee ePO]

Features
• Offloads On-Access Scanning
• Enhanced scan avoidance
• Memory protection
• Quarantine
• GTI file reputation
• VSE license for virtual machines

2. Standardizes Security Across Hypervisors



[Figure: two VMs (each with MOVE, MA, OS) and a MOVE Appliance (MA, OS) on VMware ESX, Citrix XenServer, Microsoft Hyper-V* in the Datacenter, with McAfee ePO]

Features
• Hypervisor-agnostic
• Hypervisor-aware scan scheduling
• Increased hypervisor capacity
• Offline security for inactive servers
• ePO management

*Not supported for MOVE Scheduler
Discussion topic:


Accelerating time-to-value from your security initiatives




Audience: What works and doesn’t work in your organization’s security office?
Discussion topic:


Secure Cloud Architecture begins with Hardware Root of Trust
• Physical Equipment
• Virtualization platform
• Virtualized physical equipment
• Management server/appliance/portal/services

[Figure: diagram labels: Management, Intel TXT]
Discussion topic:


Drive higher efficiencies and consolidation ratios through
virtualization-optimized security solutions for the guest
and virtual infrastructure




Discussion topic:


Provide corporate with visibility and enable a state of
continuous compliance




Audience: How are you producing these insights for your management teams now?
Summary




• Together provide more comprehensive virtualization security
• Put Intel® Cloud Builders reference solutions to work: makes it easier to
  deploy and optimize cloud infrastructure
    www.intel.com/cloudbuilders
• Automatically enforce use of trusted compute pools for sensitive
  workloads in private, hybrid or public clouds. Highly regulated and
  security conscious organizations can demand use of trusted compute
  pools!
    www.hytrust.com
• For more information on McAfee’s MOVE offering visit
    http://www.mcafee.com/us/products/move-anti-virus.aspx

Resources Links

• Intel TXT
  http://www.intel.com/go/txt
• Intel Cloud Builders
  http://www.intel.com/cloudbuilders
• McAfee
  http://www.mcafee.com/us/products/endpoint-protection/index.aspx
• HyTrust Appliance and Video Demos
  http://www.hytrust.com/resources/product
• HyTrust Case Studies and Resources
  http://www.hytrust.com/resources/case-studies




Thank You



