Post on 18-Nov-2014
description
transcript
04/08/2023 Confidential | Copyright 2012 Trend Micro Inc.
JD Sherry– Global Director Public Technology and Solutions
twitter @jdsherry
jd_sherry@trendmicro.com
How to Simplify – Automate and Optimize for a Secure Virtual Environment
04/08/2023 Confidential | Copyright 2012 Trend Micro Inc.
PhysicalDesktops & Servers
DesktopVirtualization
Server Virtualization
Private Cloud
Hybrid Cloud Public Cloud
Mobile
BYOPC
Your Data’s Journey in the Cloud
Where is Your Data?
Trend Micro Global Protection
Trend Micro protects
100% of the top 10 automotive
companies.
Trend Micro protects
96% of the top 50 global
corporations.
Trend Micro protects
100% of the top 10 telecom companies.
Trend Micro protects
80% of the top10 banks.
Trend Micro protects
90% of the top10 oil companies.
• Smart Protection Network – A Global Sensor-Net that gathers, analyzes threats and dynamically shares results with Trend products around the globe
• Total Number of Queries 2008 – 8bil Today – 3.9tril• Total Number of Blocks 2008 – 800mil Today – 73.6bil• Daily Avg. Sensors 2008 – 5mil Today – 27mil
Trust Trend Micro security solutions*
* In calculating the above data, the percentage use of Trend Micro products include usage by parent companies and/or usage by any of their subsidiaries of any Trend Micro product or service.
Virtual CloudPhysical
Cross-platform Security
One Security Model is Possible across Physical, Virtual, and Cloud Environments
• New platforms don’t change the threat landscape
• Each platform has unique security risks
• Integrated security is needed across all platforms
Platform-specific Security Risks
One Security Model is Possible across Physical, Virtual, and Cloud Environments
Visibility & Threats
• Less visibility
• More external risks
Performance & Threats
• Traditional security degrades performance
• New VM-based threats
Manageability
• Glut of security products
• Less security
• Higher TCO
Virtual CloudPhysical
Increase Efficiency Deliver AgilityReduce Complexity
Integrated SecuritySingle Management Console
Today’s Cloud Includes Integrated Stack Vendors
04/08/2023 Copyright 2012 Trend Micro Inc.
• What are integrated stack vendors?
Solutions comprised of storage, networking and software for next-gen
datacenters and VDI that have done due diligence for VMware and Trend
solutions – examples are Cisco, EMC, NetApp, VCE
• What’s the VMware angle?
All of these solutions either offer VMware as the main virtualization part of the
stack (NetApp, Cisco, EMC), or standardize on VMware (VCE)
• How is this important to a Customer?
Trend is the selected virtualization security partner of choice for the above
vendors via technical validations of Deep Security on VMware-based stacks
All testing has been done on these platforms – so you don’t have to…
• VCE
DS certified for Vblock in April 2012
• Cisco
Validated by Cisco UCS in Aug 2012
Approved for Cisco SIP (when sold with UCS) in Oct 2012
CVD granted on FlexPod architecture in Q4 2011
• EMC
Validation for VSPEX coming in Q1 2013
• NetApp
DS validated for FlexPod via Cisco CVD
(Cisco Validated Design) status
7
Integrated Stack Vendors
Physical
Consolidate Physical Security
Reduce Complexity
Advanced Reporting Module
Single ManagementConsole
Firewall
HIPS / Virtual
Patching
Integrity MonitoringAntivirus
Log Inspection
Web Application Protection
One Server Security Platform
Reduce Complexity
Virtual
Server and Desktop Virtualization Security
Increase Efficiency
Typical AV
Console3:00am Scan
Antivirus Storm
Automatic security scans overburden the system
Virtualization Security
Challenge: Resource Contention
Reactivated and cloned VMs can have out-of-date security
Dormant
Cost Reduction & Consolidation1 Virtualization Security
Challenge: Instant-on Gaps
Active
Reactivated without dated security Cloned
VM sprawl inhibits compliance
Cost Reduction & Consolidation1 Virtualization Security
Challenge: Complexity of Management
Patch agents
Rollout patterns
Provisioning new VMs
Reconfiguring agents
Attacks can spread across VMs
Cost Reduction & Consolidation1 Virtualization Security
Challenge: Inter-VM Attacks / Blind Spots
• Antivirus• Integrity Monitoring
Agentless Security for VMware — Antivirus and more
VM VM VM
The Old Way
Security Virtual
ApplianceVM VM VM
With Agentless Security
VM
• Intrusion Prevention• Virtual Patching
• Firewall• Web Application Protection
Virtualization Security
What is the Solution? Trend Micro Deep Security With a Dedicated Security Virtual Appliance
VM VM VM VMVM VM
Maximizes Performance and ROI
Sources: Tolly Enterprises Test Report, Trend Micro Deep Security vs. McAfee and Symantec, February 2011; Saving estimate based on VMware ROI calculations
Traditional AV
Agentless AV
0 10 20 30 40 50 60 70 80
VM servers per host
75
25 3X higher VDI VM consolidation ratios
3-year Savings on 1000 VDI VMs = $539,600
Virtualization Security
Increased ROI with Deep Security
Example: Agentless Antivirus
Trend Micro
Confidential-NDA
Required
• AWS and vCloud API integration– Single management pane-of-glass between VM’s in internal VMware
datacenters, VPC’s, and public clouds
• Hierarchical policy management– Inheritance enables customized policies for different VM’s or
datacenters, while central IT can mandate compliant baseline settings
Extending Datacenter Security to Hybrid Cloud
Trend Micro
Confidential-NDA
Required
Multi-tenant Deep Security Manager architected for key attributes of cloud computing*:
• Resource-pooling – independent tenant policies/data for shared, multi-tenant clouds
• Elasticity - Automated deployment of components to cloud scale
• Self-service – Policies can be delegated by cloud admin to tenants through self-service GUI
• Broad network access – Web-based console built on RESTful APIs for extensibility and integration with broader cloud management frameworks
Address the Software Designed Datacenter (SDDC) with easy replication of security policies, a single pane of glass for management and automation of policy deployment throughout your cloud environment
*e.g. NIST definition of Cloud Computing
Extending to cloud scale
Agile Security Management for the Cloud
Trend Micro
Confidential-NDA
Required
• Support for latest vSphere and vShield platform capabilities– 4th-generation enhancements across broad agentless security suite
• Improved performance– Antivirus and integrity scan caching/de-dupe across VMs
• Significant storage I/O benefits for further VDI consolidation– Tuning of IPS policies to guest applications(s)
• Stronger protection– Hypervisor boot integrity – chain of
trust from VM file integrity to H/W– Application-aware targeting of IPS
policies (agentless recommendation)
Deeper Integration with VMware
vShieldEndpoint
APIs
AntivirusWeb reputation
Agentless2
Security Virtual
Machine
vSphere
Agentless
VMsafeAPIs
1
Security agent on individual VMs
Log inspection4
Agent-based
Integrates with
vCenter
Trend Micro Deep Security
Integrity monitoringvShield
Endpoint APIs
3Agentless
Integrates with Intel TPM/TXT
vCloud
Integrates with
vCloud
Intrusion preventionFirewall
• 5 years of collaboration and joint product innovation• First agent-less security platform• First security that extends from datacenter to cloud• Hypervisor Integrity Monitoring
Integration with Vmware API’s
Patient Medical RecordsCredit Card Payment
InformationSensitive Research ResultsSocial Security Numbers
Encryption with Policy-based Key Management
• Data is unreadable to unauthorized users
• Policy-based key management controls and automates key delivery
• Server validation authenticates servers requesting keys
SecureCloudDeep Security 9
Modular protection for servers and applications
• Self-Defending VM Security in the Cloud
• Agent on VM allows travel between cloud solutions
• One management portal for all modules
Context Aware
Data Protection in the Cloud – Systems, Apps, Data
04/08/2023 Confidential | Copyright 2012 Trend Micro Inc.
Agentless Anti-virus Case Study:The Medical Center of Central Georgia
Business Results:
• Improved consolidation ratios—13/1 for servers
• Reduced provisioning time for servers from average of 2.5 hours to 20 minutes, desktops 1.5 hours to 20 minutes
• More reliable and automated security to meet compliance with savings of over $2,000,000 in OPEX
Solution:• Deep Security VDI & Server
Agentless Antivirus• DLP
431 VMs on 32 Host Machines 4000 PCs
80 VDI Desktops
The Medical Center of Central Georgia
World Class Care – right where you need
it.
04/08/2023 Confidential | Copyright 2012 Trend Micro Inc.
Agentless Anti-virus Case Study:The Medical Center of Central Georgia
“VMware and Trend Micro are moving in the right direction, by partnering on compatible products and suites. With the new platforms and security, thebig picture is coming together.”
Ty SmallwoodInformation Services Security OfficerMedical Center of Central Georgia
04/08/2023 Confidential | Copyright 2012 Trend Micro Inc.
Agentless Anti-virus Case Study:ACXIOM – A Marketing Services Firm
Business Results:
• Needed to improve the speed and simplify a complex security-audit process
• Requirement to reduce expenditures, saved approximately $200,000 annually (software contracts and staff salary)
• Provide an environment that support business growth, revenue generation
Solution:• Deep Security
Agentless Antivirus $1.16bil MarketingServices Firm
04/08/2023 Confidential | Copyright 2012 Trend Micro Inc.
Agentless Anti-virus Case Study:ACXIOM – A Marketing Services Firm
“Using vShield vApp, we built flows and firewall-type rules to control low-level traffic,” Nelson says. “vShield Endpoint, integrated with VMware partner Trend Micro’s Deep Security 8 solution, allowed us to protect our machines from malware at a much lower level than before.”
Brandon Nelson
Team Leader and Systems Engineer
Acxiom
$1.16bil MarketingServices Firm
Hypervisor-integrated agentless antivirus released 11/2010
1000 agentless security customers in the first year
Over 250,000 VMs are licensed for agentless antivirus
Agentless FIM released in 2012
Multiple agentless security modules available
Most dense deployment is 300 VMs/host by VMware in 2011
“Deep Security provides a robust set of tools to add to your toolbox. The perceived performance improvement is visible to the naked eye.” - Ed Haletky, Virtualization Practice (www.virtualizationpractice.com)
Cost Reduction & Consolidation1 Deep Security Agentless Security
Trend Micro Market Momentum
Security Virtual
ApplianceVM VM VM
With Agentless Security
VM
Virtualization Security
What is the Solution? Layered, Virtualization-Aware Security in One Platform
VM VM VM VMVM VM
Maximizes Performance and ROI
Deep Security Integrated Modules:
• Antivirus
• Integrity Monitoring
• Intrusion Prevention
• Web Application Protection
• Application Control
• Firewall
• Log Inspection
SimplifiedManagement
HigherDensity
OptimizedResources
StrongerSecurity
vShieldEndpointSecurity
Virtual Machine
Other VMware
APIs
Security agent on individual VMs
Integrates with
vCenter
Antivirus
Agentless
Agentless
IDS / IPS
Web Application Protection
Application Control
Firewall
Log Inspection
Agent-based
Trend Micro Deep Security
Integrity Monitoring
vSphere Virtual Environment
Cost Reduction & Consolidation1 Virtualization Security
Fitting into the VMware Ecosystem
Cloud Deployments and Security
Deliver Agility
Cloud Computing
Who is responsible for security?• With IaaS the customer is responsible for VM-level security
• With SaaS or PaaS the service provider is responsible for security
Public CloudPaaS
Public CloudIaaS
Servers Virtualization & Private Cloud
End-User (Enterprise) Service Provider
Public CloudSaaS
Cost Reduction & Consolidation1 Cloud Security
Cloud Models: Who Has Control?
100110111000101
Cost Reduction & Consolidation1 Cloud Security
Challenge: Data Destruction
When data is moved, unsecured data remnants can remain
100110111000101
10011 000101
Patient Medical RecordsCredit Card Payment
InformationSensitive Research ResultsSocial Security Numbers
• Unreadable for unauthorized users
• Control of when and where data is accessed
• Server validation
• Custody of keys
Data SecurityEncryption
with Policy-based Key Management
Server & App Security Modular Protection
• Self-defending VM security
• Agentless and agent-based
• One management portal for all modules, all deployments
vSphere & vCloud
Cost Reduction & Consolidation1 Cloud Security
What is the Solution? Data Protection
Integration ensures servers have up-to-date security before encryption keys are released
VM VM VM VMVM VM VM VMVM VM VM VM
Data Center Private Cloud Public Cloud
VMware vCloud
VMware vSphere
Encryption throughout your cloud journey—data protection for virtual & cloud environments
Cost Reduction & Consolidation1 Cloud Security
Fitting Encryption into a VMware Ecosystem
Enterprise Key
Key Service Console
Trend Micro SecureCloud
Virtual CloudPhysical
Virtualization and Cloud Security
Pulling It All Together
• Do you have one solution for physical, virtual, and cloud servers?
• Does your solution address the risks specific to each platform?
• Are you maximizing your performance for better ROI?
VM
VMware VirtualizationSecurity
Virtual Appliance
VM VM VM VM
• Agentless security
• Layered server security
• Encryption for vSphere
Private Cloud
• Agentless security• Layered server
security
Security Virtual
ApplianceVM VM VM
Public CloudServer security console
• Shared policy profile
• Vulnerability shielding
VM
VM VM VMVM
• Encryption for vCloud• Compliance support
(FIM, Encryption, etc.)
Encryption console
• Shared policy profile
• Key ownership
• Agent-based security
• Layered server security
• Encryption for leading cloud providers
• Compliance (FIM, Encryption, etc.)
VM
Cost Reduction & Consolidation1 Virtualization and Cloud Security
One Security Model
Virtual CloudPhysical
Virtualization and Cloud Security
One Security Model is Possible
• Reduce Your Cost of Operations
• Reduce Your Investment in Management
• Increase Application Stability and Performance
• Achieve Compliance in Virtual and Cloud Environments
• Get Higher Virtualization and Cloud ROI
• Safely Use Private, Public, and Hybrid Clouds
04/08/2023 Confidential | Copyright 2012 Trend Micro Inc.
Thank You!