Uploaded bydvmug1
PPTX, PDF491 views

Vmug birmingham mar2013 trendmicro

The document discusses security challenges posed by virtualization and cloud computing. It outlines three stages in the evolution of data centers from consolidation to private and public clouds. This evolution introduces new security challenges including inter-VM attacks, vulnerabilities in dormant or cloned VMs, and difficulties maintaining compliance across complex cloud environments. The document proposes that security solutions need to improve performance in virtual environments, provide visibility across platforms, and integrate management to address threats consistently across physical, virtual and cloud systems.

Businessโ—ฆTechnologyโ—ฆ

Embed presentation

Download to read offline
Giovanni Alberici โ€ข EMEA Product Marketing Addressing the new security challenges posed by virtualisation & cloud computing
Stage 1 Consolidation Stage 2 Expansion & Desktop Stage 3 Private > Public Cloud 15% 30% 70% 85% Servers Desktops Cost-efficiency ๏ƒผ + Quality of Service ๏ƒผ + Business Agility ๏ƒผ Data centres are evolving to drive down costs and increase business flexibility The evolving data centre
Security challenges in the cloud Inter-VM attacks Instant-ON gaps Stage 1 Consolidation Stage 2 Expansion & Desktop Stage 3 Private > Public Cloud Servers Desktops Cost-efficiency ๏ƒผ + Quality of Service ๏ƒผ + Business Agility ๏ƒผ 15% 30% 70% 85% Inter-VM attacks Instant-ON gaps Mixed Trust Level VMs Resource Contention Maintaining Compliance
Cloned ๏ƒป Challenge: Instant-on Gaps ๏ƒผ ๏ƒผ๏ƒผ ๏ƒผ DormantActive Reactivated with out dated security ๏ƒป ๏ƒป New, reactivated and cloned VMs can have out-of-date security
Attacks can spread across VMs Challenge: Inter-VM Attacks / Blind Spots
Not Patched ๏ƒผ ๏ƒผ Patched ๏ƒผ ๏ƒผ ๏ƒป ๏ƒป ๏ƒป Virtualization - patching doesnโ€™t go away 6/18/2013 6 Copyright 2012 Trend Micro Inc. โ€œโ€ฆvirtual machine proliferation could soon make it very difficult to maintain compliant environments.โ€ VMware on Patch Management
Security challenges in the cloud Inter-VM attacks Instant-ON gaps Stage 1 Consolidation Stage 2 Expansion & Desktop Stage 3 Private > Public Cloud Servers Desktops Cost-efficiency ๏ƒผ + Quality of Service ๏ƒผ + Business Agility ๏ƒผ 15% 30% 70% 85% Inter-VM attacks Instant-ON gaps Mixed Trust Level VMs Resource Contention Maintaining Compliance Service Provider (in)Security Multi-tenancy Inter-VM attacks Instant-ON gaps Mixed Trust Level VMs Resource Contention Maintaining Compliance
Data security challenges in the cloud Encryption rarely used: - Who can see your information? Storage volumes and servers are mobile: - Where is your data? Has it moved? Rogue servers might access data: - Who is attaching to your storage? Audit and alerting modules lacking: - What happened when you werenโ€™t looking? Encryption keys tied to vendor: - Are you locked into a single security solution? Who has access to your keys? Storage volumes contain residual data: - Are your storage devices recycled securely? Classification 6/18/2013 9 Name: John Doe SSN: 425-79-0053 Visa #: 4456-8732โ€ฆ Name: John Doe SSN: 425-79-0053 Visa #: 4456-8732โ€ฆ
Challenges for public cloud Shared StorageShared Firewall Virtual Servers Shared network inside the firewall Shared firewall โ€“ Lowest common denominator โ€“ less fine grained control Multiple customers on one physical server โ€“ potential for attacks via the hypervisor Shared storage โ€“ is customer segmentation secure against attack? Easily copied machine images โ€“ who else has your server? Internet
Public Cloud: Private Security Shared StorageShared Firewall Virtual Servers Shared network inside the firewall Shared firewall โ€“ Lowest common denominator โ€“ less fine grained control Multiple customers on one physical server โ€“ potential for attacks via the hypervisor Shared storage โ€“ is customer segmentation secure against attack? Easily copied machine images โ€“ who else has your server? Doesnโ€™t matter โ€“ the edge of my virtual machine is protected Doesnโ€™t matter โ€“ treat the LAN as public Doesnโ€™t matter โ€“ treat the LAN as public Doesnโ€™t matter โ€“ They can start my server but only I can unlock my data Doesnโ€™t matter โ€“ My data is encrypted Internet
Copyright 2013 Trend Micro Inc. Data Center Physical Enabling the Data Center (R)evolution Virtual Private Cloud Public Cloud Deep Security Agent/Agentless Anti-Malware Integrity Monitoring Application Control Log Inspection Firewall Virtual Patching Data Center Ops Security By 2016, 71% of server workloads will be virtualized
Any Hypervisor Virtualization Security - Agent Based VMware Hypervisor Virtualization Security - Agentless
Improves system performance1 Eases security administration2 Improves security & compliance3 Advantages of Deep Security for Virtualization Enables workload flexibility4
15 Deep Security Virtual Appliance Improves system performance1 50% more VDIs 20 โ€“ 30% more virtual servers
Deep Security 9 Scan Cache โ€ข Separate cache for Anti-malware scheduled/on-demand and Integrity Monitoring โ€ข Up to 20x improvement for Anti-malware scans between VMs โ€ข Reduce resources and overall on-demand scan time for Anti-malware โ€ข Reduce overall baseline time for Integrity Monitoring โ€ข Great benefits for VDI (VMs are linked clones) 6/18/2013 16Confidential | Copyright 2012 Trend Micro Inc.
Anti-malware Scan Performance 6/18/2013 17Confidential | Copyright 2012 Trend Micro Inc. 1st AM scan 2nd AM scan (cached) Scan time ~ 20x faster Significant DSVA CPU Reduction Huge IO Volume Reduction
18 โ€ข Visibility into virtual and cloud environments โ€“ vCenter, Active Directory, vCloud, Amazon (AWS) โ€ข Automation & Recommendation โ€“ Identify unique security controls required โ€“ OS, applications, patch-levels, vulnerabilities โ€“ Automatically deploy and activate security policies โ€“ Example: SAP server requires 28 controls Provisioning Infrastructure vCenter, AD, vCloud and AWS Virtual Appliance Public Cloud Deep Security โ€ข Scalable โ€ข Redundant SAP Exchange Servers Oracle Web Server Web Server 73 controls 8 controls 28 controls 19 controls 15 controls Linux Server Eases security administration2
6/18/2013 19Confidential | Copyright 2012 Trend Micro Inc.
Global threat intelligence from the cloud โ€ฆ collects 6TB worth of data for analysis โ€ฆ analyses 1.15B new threat samples โ€ฆ identifies 90,000 new threats โ€ฆ blocks 200M threats EVERY 24 HOURS 20 Improves security & compliance3
Patch Management is a Growing Challenge Critical โ€œSoftware Flawโ€ Vulnerabilities in 2012 Common Vulnerabilities & Exposures (โ€œCVEโ€): Score 7-101,764 Almost 7 critical vulnerabilities everyday! 6/18/2013 21Confidential | Copyright 2013 Trend Micro Inc. โ€œDue to the increasing volume of public vulnerability reports, the Common Vulnerabilities and Exposures (CVE) project will change the syntax of its standard vulnerability identifiers so that CVE can track more than 10,000 vulnerabilities in a single year.โ€ http://cve.mitre.org/news/index.html 2012 saw 26% increase in # of vulnerabilities disclosed NSS Labs
22 Virtual Patching with Deep Security Time Vulnerability discovered Over 100 applications shielded including: Operating Systems Database servers Web app servers Mail servers FTP servers Backup servers Storage mgt servers DHCP servers Desktop applications Mail clients Web browsers Anti-virus Other applications ๏ƒผ Patch available ๏ƒผ Patch tested ๏ƒผ Patch deployed Systems at risk! Reduced risk! Virtual patch ๏ƒผ
Compliance with Deep Security 23 IDS / IPS Web Application Protection Application Control Firewall Deep Packet Inspection Integrity Monitoring Log Inspection Anti-Malware 5 Protection Modules Defence In Depth Addressing 7 PCI requirements and 20+ sub-controls including: ๏ƒพ (1.) Network Segmentation ๏ƒพ (1.x) Firewall ๏ƒพ (5.x) Anti-Malware ๏ƒพ (6.1) Virtual Patching ๏ƒพ (6.6) Web App. Protection ๏ƒพ (10.6) Daily Log Review ๏ƒพ (11.4) IDS / IPS ๏ƒพ (11.5) Integrity Monitoring PCI-DSS Compliance
Physical Database Storage Virtual Web Server Mail Server Web Server Enterprise Providers Deep Security Web Access Enables workload flexibility4
Physical Virtual Cloud Manageability Glut of security products Less security Higher TCO Reduce Complexity One Security Model is Possible across Physical, Virtual, and Cloud Environments Integrated Security: Single Management Console Performance & Threats Traditional security degrades performance New VM-based threats Increase Efficiency Visibility & Threats Less visibility More external risks Deliver Agility
Thank You! 6/18/2013 26Confidential | Copyright 2012 Trend Micro Inc.

More Related Content

PPT
Cloud Security
byRashmi Agale
ย 
PPTX
Rik Ferguson
byCloudExpoEurope
ย 
PPTX
Virtualization security for the cloud computing technology
byDeep Ranjan Deb
ย 
PDF
Virtually Secure: Uncovering the risks of virtualization
bySeccuris Inc.
ย 
PPTX
New Horizons for End-User Computing Event - Trend
byArrow ECS UK
ย 
PPTX
Securing Your Public Cloud Infrastructure
byQualys
ย 
PDF
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...
byVMworld
ย 
PDF
Cloud security risks
byRevital Lapidot
ย 
Cloud Security
byRashmi Agale
ย 
Rik Ferguson
byCloudExpoEurope
ย 
Virtualization security for the cloud computing technology
byDeep Ranjan Deb
ย 
Virtually Secure: Uncovering the risks of virtualization
bySeccuris Inc.
ย 
New Horizons for End-User Computing Event - Trend
byArrow ECS UK
ย 
Securing Your Public Cloud Infrastructure
byQualys
ย 
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...
byVMworld
ย 
Cloud security risks
byRevital Lapidot
ย 

What's hot

PDF
Avoid Meltdown from the Spectre - How to measure impact and track remediation
byQualys
ย 
PDF
Migrating to the Cloud: Lessons Learned from Federal Agencies
byVMware
ย 
PPT
Effectively and Securely Using the Cloud Computing Paradigm
byfanc1985
ย 
PDF
A Plan to Control and Protect Data in the Private and Public Cloud
byRochester Security Summit
ย 
PDF
IANS information security forum 2019 summary
byKarun Chennuri
ย 
PDF
Cloud Native Security: New Approach for a New Reality
byCarlos Andrรฉs Garcรญa
ย 
PPTX
Mohammed Al Mulla - Best practices to secure working environments
bynooralmousa
ย 
PPTX
CLOUD NATIVE SECURITY
byMaganathin Veeraragaloo
ย 
PPTX
Cloud Computing Security Threats and Responses
byshafzonly
ย 
PPTX
Virtualization: Security and IT Audit Perspectives
byJason Chan
ย 
PPT
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
byTT L
ย 
PDF
Csathreats.v1.0
byvivek_kale27
ย 
PPTX
Symantec Advances Enterprise Mobility Strategy
bySymantec
ย 
PDF
Cloud security introduction
byCalvin Lee
ย 
PDF
AWS Cloud Security From the Point of View of the Compliance
byYury Chemerkin
ย 
PDF
Symantec Virtualization Launch VMworld 2012
bySymantec
ย 
PDF
VMware vRealize Network Insight Frequently Asked Questions FAQ
byRichard Common
ย 
PPTX
Vulnerabilities in SaaS layer of cloud computing
byClinton DSouza
ย 
Avoid Meltdown from the Spectre - How to measure impact and track remediation
byQualys
ย 
Migrating to the Cloud: Lessons Learned from Federal Agencies
byVMware
ย 
Effectively and Securely Using the Cloud Computing Paradigm
byfanc1985
ย 
A Plan to Control and Protect Data in the Private and Public Cloud
byRochester Security Summit
ย 
IANS information security forum 2019 summary
byKarun Chennuri
ย 
Cloud Native Security: New Approach for a New Reality
byCarlos Andrรฉs Garcรญa
ย 
Mohammed Al Mulla - Best practices to secure working environments
bynooralmousa
ย 
CLOUD NATIVE SECURITY
byMaganathin Veeraragaloo
ย 
Cloud Computing Security Threats and Responses
byshafzonly
ย 
Virtualization: Security and IT Audit Perspectives
byJason Chan
ย 
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
byTT L
ย 
Csathreats.v1.0
byvivek_kale27
ย 
Symantec Advances Enterprise Mobility Strategy
bySymantec
ย 
Cloud security introduction
byCalvin Lee
ย 
AWS Cloud Security From the Point of View of the Compliance
byYury Chemerkin
ย 
Symantec Virtualization Launch VMworld 2012
bySymantec
ย 
VMware vRealize Network Insight Frequently Asked Questions FAQ
byRichard Common
ย 
Vulnerabilities in SaaS layer of cloud computing
byClinton DSouza
ย 

Similar to Vmug birmingham mar2013 trendmicro

PPTX
Steve Porter : cloud Computing Security
byGurbir Singh
ย 
PDF
Cw13 securing your journey to the cloud by rami naccache-trend micro
byTheInevitableCloud
ย 
PPTX
Trend micro v2
byJD Sherry
ย 
PDF
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
byMinh Le
ย 
PPTX
Check Point: Security in virtual environment
byASBIS SK
ย 
PDF
TrendMicro - Security Designed for the Software-Defined Data Center
byVMUG IT
ย 
PDF
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
byHyTrust
ย 
PPTX
CWIN17 Toulouse / Automated security for the real time enterprise-trend micro...
byCapgemini
ย 
PPTX
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
byAcrodex
ย 
PPTX
Campus jueves
bycampus party
ย 
PPTX
emc world keynote gelsinger
byOrange Business Services Business development IT
ย 
PPTX
CSO CXO Series Breakfast
byCSO_Presentations
ย 
PDF
Presentation v mware virtualization & cloud vision 2010
bysolarisyourep
ย 
PPT
CyberCrime in the Cloud and How to defend Yourself
byAlert Logic
ย 
PPT
Kevin wharram
byKevin Wharram
ย 
PDF
PCI Compliance and Cloud Reference Architecture
byHyTrust
ย 
PDF
Presentation security build for v mware
bysolarisyourep
ย 
ODP
Cloud Computing
byCommit Software Sh.p.k.
ย 
PPTX
Virtualization 2011 v1
byPini Cohen
ย 
ODP
Implementing Private Clouds
byJohn Pritchard
ย 
Steve Porter : cloud Computing Security
byGurbir Singh
ย 
Cw13 securing your journey to the cloud by rami naccache-trend micro
byTheInevitableCloud
ย 
Trend micro v2
byJD Sherry
ย 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
byMinh Le
ย 
Check Point: Security in virtual environment
byASBIS SK
ย 
TrendMicro - Security Designed for the Software-Defined Data Center
byVMUG IT
ย 
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
byHyTrust
ย 
CWIN17 Toulouse / Automated security for the real time enterprise-trend micro...
byCapgemini
ย 
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
byAcrodex
ย 
Campus jueves
bycampus party
ย 
emc world keynote gelsinger
byOrange Business Services Business development IT
ย 
CSO CXO Series Breakfast
byCSO_Presentations
ย 
Presentation v mware virtualization & cloud vision 2010
bysolarisyourep
ย 
CyberCrime in the Cloud and How to defend Yourself
byAlert Logic
ย 
Kevin wharram
byKevin Wharram
ย 
PCI Compliance and Cloud Reference Architecture
byHyTrust
ย 
Presentation security build for v mware
bysolarisyourep
ย 
Cloud Computing
byCommit Software Sh.p.k.
ย 
Virtualization 2011 v1
byPini Cohen
ย 
Implementing Private Clouds
byJohn Pritchard
ย 

More from dvmug1

PDF
V mware
bydvmug1
ย 
PDF
S3
bydvmug1
ย 
PDF
Hp
bydvmug1
ย 
PPTX
E g innovations
bydvmug1
ย 
PPTX
Nimble storage
bydvmug1
ย 
PDF
Andrew bettany slides
bydvmug1
ย 
PPTX
10 zig
bydvmug1
ย 
PDF
Vmug azure vm_chris guestslides
bydvmug1
ย 
PPTX
Veeam presentation
bydvmug1
ย 
PPTX
Freeform dynamics
bydvmug1
ย 
PPTX
10 zig presentation
bydvmug1
ย 
PPTX
Vmug birmingham mar2013 trendmicro
bydvmug1
ย 
V mware
bydvmug1
ย 
S3
bydvmug1
ย 
Hp
bydvmug1
ย 
E g innovations
bydvmug1
ย 
Nimble storage
bydvmug1
ย 
Andrew bettany slides
bydvmug1
ย 
10 zig
bydvmug1
ย 
Vmug azure vm_chris guestslides
bydvmug1
ย 
Veeam presentation
bydvmug1
ย 
Freeform dynamics
bydvmug1
ย 
10 zig presentation
bydvmug1
ย 
Vmug birmingham mar2013 trendmicro
bydvmug1
ย 

Recently uploaded

PDF
๐–๐š๐  ๐‚๐ฅ๐จ๐ง๐ž ๐๐ž๐ญ ๐‚๐š๐ซ๐ž ๐€๐ฉ๐ฉ ๐ƒ๐ž๐ฏ๐ž๐ฅ๐จ๐ฉ๐ฆ๐ž๐ง๐ญ
byV3CUBE TECHNOLABS
ย 
PDF
A Brief Introduction About Xin Yi Hoo
byXin Yi Hoo
ย 
PDF
8 Best Marketplaces to Buy Facebook Accounts.pdf
bysmmsellerit.com
ย 
PDF
Where to Buy Facebook Accounts safely.pdf
bysmmsellerit.com
ย 
PDF
Company Valuation webinar - Feb 2026.pdf
byFelixPerez547899
ย 
PDF
What Is the Fastest Way to Buy Facebook Accounts.pdf
byFacebook Accounts
ย 
PPTX
Levels of Management: Top, Middle and Lower Management Explained
bychrispshajugig
ย 
PDF
Prasenjit Bhaumik Plano - Proficient In JavaScript, Python, And Database Mana...
byPrasenjit Bhaumik Plano
ย 
PPTX
5, Money Number Tax and Wages 19072017.pptx
byAdrian Hawkes
ย 
PDF
Safe Ways to Purchase Gmail Accounts (PVA & Aged) for Your Team.pdf
bypvaisback
ย 
PDF
Comments on Ultra Map Section II Multifaceted Second Edition.pdf
byBrij Consulting, LLC
ย 
PDF
How to Buy Verified Bybit Accounts in 2026.pdf
bymarketing
ย 
DOCX
Important Asset To know About Buying Old or Aged Verified Bybit Accounts.docx
byTopSelleriTDotCom
ย 
DOCX
8 Best Places to Buy Facebook Accounts at Wholesale Prices.docx
byFacebook Accounts
ย 
PDF
Best Place to Learn Old or Aged Verified Paysera Accounts in WWW.pdf
byTopSelleriT
ย 
PDF
Top Platform to Buy Facebook Accounts in Bulk Safely.pdf
byBuy Facebook Accounts
ย 
PDF
Kirill Klip GEM Royalty TNR Gold Presentation
byKirill Klip
ย 
PDF
๐‹๐š๐ฎ๐ง๐œ๐ก ๐˜๐จ๐ฎ๐ซ ๐Ž๐ฐ๐ง ๐€๐ฅ๐ฅ ๐ข๐ง ๐Ž๐ง๐ž ๐ƒ๐ž๐ฅ๐ข๐ฏ๐ž๐ซ๐ฒ ๐€๐ฉ๐ฉ ๐๐ฅ๐š๐ญ๐Ÿ๐จ๐ซ๐ฆ ๐‹๐ข๐ค๐ž ๐†๐ฅ๐จ๐ฏ๐จ
byV3CUBE TECHNOLABS
ย 
DOCX
What Are Telegram Accounts and Why Are They Important for Global Communicatio...
byx24gm4qs23vusc8s2b53
ย 
PDF
What Is Setup for Decoration | Machine Reality Explained
byInkdnylon
ย 
๐–๐š๐  ๐‚๐ฅ๐จ๐ง๐ž ๐๐ž๐ญ ๐‚๐š๐ซ๐ž ๐€๐ฉ๐ฉ ๐ƒ๐ž๐ฏ๐ž๐ฅ๐จ๐ฉ๐ฆ๐ž๐ง๐ญ
byV3CUBE TECHNOLABS
ย 
A Brief Introduction About Xin Yi Hoo
byXin Yi Hoo
ย 
8 Best Marketplaces to Buy Facebook Accounts.pdf
bysmmsellerit.com
ย 
Where to Buy Facebook Accounts safely.pdf
bysmmsellerit.com
ย 
Company Valuation webinar - Feb 2026.pdf
byFelixPerez547899
ย 
What Is the Fastest Way to Buy Facebook Accounts.pdf
byFacebook Accounts
ย 
Levels of Management: Top, Middle and Lower Management Explained
bychrispshajugig
ย 
Prasenjit Bhaumik Plano - Proficient In JavaScript, Python, And Database Mana...
byPrasenjit Bhaumik Plano
ย 
5, Money Number Tax and Wages 19072017.pptx
byAdrian Hawkes
ย 
Safe Ways to Purchase Gmail Accounts (PVA & Aged) for Your Team.pdf
bypvaisback
ย 
Comments on Ultra Map Section II Multifaceted Second Edition.pdf
byBrij Consulting, LLC
ย 
How to Buy Verified Bybit Accounts in 2026.pdf
bymarketing
ย 
Important Asset To know About Buying Old or Aged Verified Bybit Accounts.docx
byTopSelleriTDotCom
ย 
8 Best Places to Buy Facebook Accounts at Wholesale Prices.docx
byFacebook Accounts
ย 
Best Place to Learn Old or Aged Verified Paysera Accounts in WWW.pdf
byTopSelleriT
ย 
Top Platform to Buy Facebook Accounts in Bulk Safely.pdf
byBuy Facebook Accounts
ย 
Kirill Klip GEM Royalty TNR Gold Presentation
byKirill Klip
ย 
๐‹๐š๐ฎ๐ง๐œ๐ก ๐˜๐จ๐ฎ๐ซ ๐Ž๐ฐ๐ง ๐€๐ฅ๐ฅ ๐ข๐ง ๐Ž๐ง๐ž ๐ƒ๐ž๐ฅ๐ข๐ฏ๐ž๐ซ๐ฒ ๐€๐ฉ๐ฉ ๐๐ฅ๐š๐ญ๐Ÿ๐จ๐ซ๐ฆ ๐‹๐ข๐ค๐ž ๐†๐ฅ๐จ๐ฏ๐จ
byV3CUBE TECHNOLABS
ย 
What Are Telegram Accounts and Why Are They Important for Global Communicatio...
byx24gm4qs23vusc8s2b53
ย 
What Is Setup for Decoration | Machine Reality Explained
byInkdnylon
ย 

Vmug birmingham mar2013 trendmicro

  • 1.
    Giovanni Alberici โ€ขEMEA Product Marketing Addressing the new security challenges posed by virtualisation & cloud computing
  • 2.
    Stage 1 Consolidation Stage 2 Expansion& Desktop Stage 3 Private > Public Cloud 15% 30% 70% 85% Servers Desktops Cost-efficiency ๏ƒผ + Quality of Service ๏ƒผ + Business Agility ๏ƒผ Data centres are evolving to drive down costs and increase business flexibility The evolving data centre
  • 3.
    Security challenges inthe cloud Inter-VM attacks Instant-ON gaps Stage 1 Consolidation Stage 2 Expansion & Desktop Stage 3 Private > Public Cloud Servers Desktops Cost-efficiency ๏ƒผ + Quality of Service ๏ƒผ + Business Agility ๏ƒผ 15% 30% 70% 85% Inter-VM attacks Instant-ON gaps Mixed Trust Level VMs Resource Contention Maintaining Compliance
  • 4.
    Cloned ๏ƒป Challenge: Instant-on Gaps ๏ƒผ๏ƒผ๏ƒผ ๏ƒผ DormantActive Reactivated with out dated security ๏ƒป ๏ƒป New, reactivated and cloned VMs can have out-of-date security
  • 5.
    Attacks can spreadacross VMs Challenge: Inter-VM Attacks / Blind Spots
  • 6.
    Not Patched ๏ƒผ ๏ƒผ Patched ๏ƒผ๏ƒผ ๏ƒป ๏ƒป ๏ƒป Virtualization - patching doesnโ€™t go away 6/18/2013 6 Copyright 2012 Trend Micro Inc. โ€œโ€ฆvirtual machine proliferation could soon make it very difficult to maintain compliant environments.โ€ VMware on Patch Management
  • 7.
    Security challenges inthe cloud Inter-VM attacks Instant-ON gaps Stage 1 Consolidation Stage 2 Expansion & Desktop Stage 3 Private > Public Cloud Servers Desktops Cost-efficiency ๏ƒผ + Quality of Service ๏ƒผ + Business Agility ๏ƒผ 15% 30% 70% 85% Inter-VM attacks Instant-ON gaps Mixed Trust Level VMs Resource Contention Maintaining Compliance Service Provider (in)Security Multi-tenancy Inter-VM attacks Instant-ON gaps Mixed Trust Level VMs Resource Contention Maintaining Compliance
  • 8.
    Data security challengesin the cloud Encryption rarely used: - Who can see your information? Storage volumes and servers are mobile: - Where is your data? Has it moved? Rogue servers might access data: - Who is attaching to your storage? Audit and alerting modules lacking: - What happened when you werenโ€™t looking? Encryption keys tied to vendor: - Are you locked into a single security solution? Who has access to your keys? Storage volumes contain residual data: - Are your storage devices recycled securely? Classification 6/18/2013 9 Name: John Doe SSN: 425-79-0053 Visa #: 4456-8732โ€ฆ Name: John Doe SSN: 425-79-0053 Visa #: 4456-8732โ€ฆ
  • 9.
    Challenges for publiccloud Shared StorageShared Firewall Virtual Servers Shared network inside the firewall Shared firewall โ€“ Lowest common denominator โ€“ less fine grained control Multiple customers on one physical server โ€“ potential for attacks via the hypervisor Shared storage โ€“ is customer segmentation secure against attack? Easily copied machine images โ€“ who else has your server? Internet
  • 10.
    Public Cloud: PrivateSecurity Shared StorageShared Firewall Virtual Servers Shared network inside the firewall Shared firewall โ€“ Lowest common denominator โ€“ less fine grained control Multiple customers on one physical server โ€“ potential for attacks via the hypervisor Shared storage โ€“ is customer segmentation secure against attack? Easily copied machine images โ€“ who else has your server? Doesnโ€™t matter โ€“ the edge of my virtual machine is protected Doesnโ€™t matter โ€“ treat the LAN as public Doesnโ€™t matter โ€“ treat the LAN as public Doesnโ€™t matter โ€“ They can start my server but only I can unlock my data Doesnโ€™t matter โ€“ My data is encrypted Internet
  • 11.
    Copyright 2013 TrendMicro Inc. Data Center Physical Enabling the Data Center (R)evolution Virtual Private Cloud Public Cloud Deep Security Agent/Agentless Anti-Malware Integrity Monitoring Application Control Log Inspection Firewall Virtual Patching Data Center Ops Security By 2016, 71% of server workloads will be virtualized
  • 12.
    Any Hypervisor Virtualization Security- Agent Based VMware Hypervisor Virtualization Security - Agentless
  • 13.
    Improves system performance1 Easessecurity administration2 Improves security & compliance3 Advantages of Deep Security for Virtualization Enables workload flexibility4
  • 14.
    15 Deep Security VirtualAppliance Improves system performance1 50% more VDIs 20 โ€“ 30% more virtual servers
  • 15.
    Deep Security 9Scan Cache โ€ข Separate cache for Anti-malware scheduled/on-demand and Integrity Monitoring โ€ข Up to 20x improvement for Anti-malware scans between VMs โ€ข Reduce resources and overall on-demand scan time for Anti-malware โ€ข Reduce overall baseline time for Integrity Monitoring โ€ข Great benefits for VDI (VMs are linked clones) 6/18/2013 16Confidential | Copyright 2012 Trend Micro Inc.
  • 16.
    Anti-malware Scan Performance 6/18/201317Confidential | Copyright 2012 Trend Micro Inc. 1st AM scan 2nd AM scan (cached) Scan time ~ 20x faster Significant DSVA CPU Reduction Huge IO Volume Reduction
  • 17.
    18 โ€ข Visibility intovirtual and cloud environments โ€“ vCenter, Active Directory, vCloud, Amazon (AWS) โ€ข Automation & Recommendation โ€“ Identify unique security controls required โ€“ OS, applications, patch-levels, vulnerabilities โ€“ Automatically deploy and activate security policies โ€“ Example: SAP server requires 28 controls Provisioning Infrastructure vCenter, AD, vCloud and AWS Virtual Appliance Public Cloud Deep Security โ€ข Scalable โ€ข Redundant SAP Exchange Servers Oracle Web Server Web Server 73 controls 8 controls 28 controls 19 controls 15 controls Linux Server Eases security administration2
  • 18.
    6/18/2013 19Confidential |Copyright 2012 Trend Micro Inc.
  • 19.
    Global threat intelligencefrom the cloud โ€ฆ collects 6TB worth of data for analysis โ€ฆ analyses 1.15B new threat samples โ€ฆ identifies 90,000 new threats โ€ฆ blocks 200M threats EVERY 24 HOURS 20 Improves security & compliance3
  • 20.
    Patch Management isa Growing Challenge Critical โ€œSoftware Flawโ€ Vulnerabilities in 2012 Common Vulnerabilities & Exposures (โ€œCVEโ€): Score 7-101,764 Almost 7 critical vulnerabilities everyday! 6/18/2013 21Confidential | Copyright 2013 Trend Micro Inc. โ€œDue to the increasing volume of public vulnerability reports, the Common Vulnerabilities and Exposures (CVE) project will change the syntax of its standard vulnerability identifiers so that CVE can track more than 10,000 vulnerabilities in a single year.โ€ http://cve.mitre.org/news/index.html 2012 saw 26% increase in # of vulnerabilities disclosed NSS Labs
  • 21.
    22 Virtual Patching withDeep Security Time Vulnerability discovered Over 100 applications shielded including: Operating Systems Database servers Web app servers Mail servers FTP servers Backup servers Storage mgt servers DHCP servers Desktop applications Mail clients Web browsers Anti-virus Other applications ๏ƒผ Patch available ๏ƒผ Patch tested ๏ƒผ Patch deployed Systems at risk! Reduced risk! Virtual patch ๏ƒผ
  • 22.
    Compliance with DeepSecurity 23 IDS / IPS Web Application Protection Application Control Firewall Deep Packet Inspection Integrity Monitoring Log Inspection Anti-Malware 5 Protection Modules Defence In Depth Addressing 7 PCI requirements and 20+ sub-controls including: ๏ƒพ (1.) Network Segmentation ๏ƒพ (1.x) Firewall ๏ƒพ (5.x) Anti-Malware ๏ƒพ (6.1) Virtual Patching ๏ƒพ (6.6) Web App. Protection ๏ƒพ (10.6) Daily Log Review ๏ƒพ (11.4) IDS / IPS ๏ƒพ (11.5) Integrity Monitoring PCI-DSS Compliance
  • 23.
  • 24.
    Physical Virtual Cloud Manageability Glutof security products Less security Higher TCO Reduce Complexity One Security Model is Possible across Physical, Virtual, and Cloud Environments Integrated Security: Single Management Console Performance & Threats Traditional security degrades performance New VM-based threats Increase Efficiency Visibility & Threats Less visibility More external risks Deliver Agility
  • 25.
    Thank You! 6/18/2013 26Confidential| Copyright 2012 Trend Micro Inc.

Editor's Notes

  • #3ย The data centre is evolving. This is a depiction of a customerโ€™s typical virtualization journey from physical to cloud via virtualization.In stage 1, orgs have begun virtualization all of their low hanging fruit โ€“ web servers, file and print servers, some app servers, and begun to realize the hardware consolidation and operational management benefits that result in lower CAPX and OPEX costs.In stage 2, they have begun virtualizing more of their tier 1 apps and mission critical servers now. They are also leveraging some of the more advanced capabilities of virtualization such as automatic live migration, disaster recovery and software fault tolerance. Many stage 2 orgs have also started deploying virtual desktops as well.Benefits in stage 2 are even more cost efficiencies plus also higher QoS from the higher level virtualization capabilities.
  • #5ย Next weโ€™ll cover instant-on gaps. [click]Unlike a physical machine, when a virtual machine is offline, it is still available to any application that can access the virtual machine storage over the network, and is therefore susceptible to malware infection. However, dormant or offline VMs do not have the ability to run an antimalware scan agent. [click]Also when dormant VMs are reactivated, they may have out-of-date security. [click]One of the benefits of virtualization is the ease at which VMs can be cloned. However, if a VM with out-of-date security is cloned the new VM will have out-of-date security as well. New VMs must have a configured security agent and updated pattern files to be effectively protected. [click]Again the solution is a dedicated security virtual appliance that can ensure that guest VMs on the same host have up-to-date security if accessed or reactivated, and can make sure that newly provisioned VMs also have current security. This security virtual appliance should include layered protection that integrates multiple technologies such as antivirus, integrity monitoring, intrusion detection and prevention, virtual patching, and more. .
  • #6ย Iโ€™d now like to highlight a couple of additional virtualization challenges. The next one weโ€™ll discuss today is inter-VM attacks and blind spots. [click]When a threat penetrates a virtual machine, the threat can then spread to other virtual machines on the same host. Traditional security such as hardware-based firewalls might protect the host, but not the guest virtual machines. And cross-VM communication might not leave the host to be routed through other forms of security, creating a blind spot. [click]For the solution, protection must be applied on an individual virtual machine level, not host level, to ensure security. And integration with the virtualization platform, such as VMware, provide the ability to communicate with the guest virtual machines. Also, virtual patching ensures that VMs stay secure until patches can be deployed.
  • #7ย Patching is one of the most significant pain points for every IT department, and it also needs to be addressed in virtual datacenters. Patch cycles, virtual machine proliferation could soon make it very difficult to maintain compliant environments. http://www.vmware.com/virtualization/advantages/virtualization-management/patching.html VMware vCenter Update Manager lets you:Reduce the risks associated with patching hosts by allowing fast rollbacks to a pre-patch stage Eliminate application downtime related to VMware ESX host patching Increase IT administrator productivity with unique automation capabilities Increase flexibility by allowing delayed reboot of virtual machines VMware vCenter Update Manager is a fully integrated module of VMware vCenter Server. It does not require a complex installation or additional infrastructure.
  • #8ย In stage 3, organizations have started leveraging private and public clouds. The IT dept has transformed itself into acting as a service provider with charge-back type processes where consumers of IT are in effect renting computing space and time from IT. Benefits are further cost efficiencies, QoS and faster business agility.As orgs considered their move to stage 3, security was top of mind โ€“ IDC survey data shows that it is the #1 issue why orgs will not move to the cloud.
  • #13ย To address the risks of evolving your data center, we have a single platform and administration that secures your physical, virtual and cloud environments.Our solution is open, automated and highly scalable, fitting your existing infrastructure, seamlessly integrating with key applications like VMWare or cloud environments like Amazon Web Services.Like our end user protection solution, this solution is plug-and-play in nature โ€“ allowing you to extend and grow your solution as your business needs change.Block and remove malicious software with Anti-Malware.Protect against known and zero-day vulnerabilities with Intrusion Prevention. This provides you with โ€œvirtual patchingโ€ -- protecting you before you patch.Achieve segmentation of systems and reduce the attack surface with a host-based Firewall.Identify expected and unexpected (malicious) system changes with Integrity Monitoring.Gain additional visibility and correlation of system and application events with Log Inspection. This can be integrated with your existing SIEM for further insight.Protect sensitive data, particularly when using cloud service providers with Encryption.<click>And just like our other solutions, it is powered by our Smart Protection Network, protecting against real-world threats faster.Our Cloud and Data Center Solution protects you on your journey to the cloud โ€“ now and in the future.
  • #16ย Letโ€™s look at the example here:Letโ€™s imagine a VMware ESX host with 15 virtual servers running on it, each of which has a locally installed security agent providing e.g. AM, Web Threat Protection, FW, DPI, IM. So whatโ€™s the problem with this approach? Simultaneous scanning, updates, network traffic analysis and so on lead to increased resource usage on each VM, and a cumulative resource impact on the ESX host which can be disastrous and lead to outages of the host and โ€“ therefore โ€“ all of the VMs running on that host. This is turn can result in a combination of the following:Less VMs per ESX hostReduced security on each VMNo security on each VMSo how does Deep Security solve this problem? Deep Securityโ€™s agentless protection abilities mean you can drastically increase the amount of VMs per ESX host โ€“ all without reducing the security posture of the VM. Which means one thing for VMware customers โ€“ increased ROI (and security!) in their virtual infrastructure.Savings on improved VM density:VDI: 50% more VDIsVirtual servers: 20 โ€“ 30% more virtual serversSavings during initial deployment:Where Deep Security saves significant setup time is when customers need to install multiple separate point security solutions โ€“ for example, for separate solutions such as anti-virus, host firewall, host IPS, and integrity monitoring. By providing these technologies in a single integrated virtual appliance, Deep Security reduces overall setup time relative to other market alternatives that deploy multiple agent-based solutions.Savings in on going management:Faster deployment on new VMsVirtual patching
  • #25ย Datacenter extension into the cloud โ€“ Workloads like Web or mail. Challenges with visibility and policy with the workloads and extension of networkDS โ€“ Allowing visibility into physical, virtual, cloud assetsBeing able to assign and enforce security policies across these workloads.
  • #26ย Each of these platforms has unique security concerns. With physical machines, the manageability of various security solutions can be an issue.There can be a glut of security productsโ€”either through excessive layering or overly specialized products. This increases hardware and software costs. Also, management across the different products can be difficult โ€“ causing security gaps. And collectively these issues create a higher Total Cost of Ownership.The solution is to reduce complexity by consolidating security vendors and correlating protection.[click]With virtualization, the risks pertain to both performance and threats specific to virtual environments. There is a concern that security will reduce performance, which reduces the ROI of a virtual infrastructure. Also there are unique virtual machine attacks, such as inter-VM threats. Here the solution is increased efficiencyโ€”security that optimizes performance while also defending against traditional as well as virtualization-specific threats. [click]With cloud services, the risks pertain to less visibility and cloud-specific threats. Companies are concerned about having less visibility into their applications and data. And they are concerned about increased external threats, especially in multi-tenant environments.For the cloud, businesses need security that allows them to use the cloud to deliver IT agility. Data must be able to safely migrate from on-premise data centers to private clouds to public clouds so organizations can make the best use of resources. [click]As weโ€™ll see later, all of these concerns can be addressed. And through protection that is provided in an integrated security solution all managed through one console. With cross-platform security, youโ€™ll stay protected as your data center and virtual or cloud deployments evolve, allowing you to leverage the benefits of each platform while defending against the threats unique to each environment.