Security Past, Present and Future - Securing Your Evolving Infrastructure
Tarun Gupta - Regional Solutions Architect
© 2019 Trend Micro Inc.
Enhances security by providing the most secure virtualization infrastructure, with APIs & certification programs
Enhances virtualization by providing security solutions architected to fully leverage VMware virtualization offerings
Trend Micro Deep Security & VMware
Years of joint innovation…
[Timeline graphic. Year axis: 2009-10, 2011, 2012, 2013, 2014, 2015, 2016, 2017. Milestones shown:]
• Support for introspection and network traffic via hypervisor
• FIRST to support VMware vShield
• Deep Security the ONLY fully agentless security platform
• Deep Security support for vSphere 5.1, Horizon VDI
• Deep Security 9 adds UNIQUE security recommendation scan for securing vSphere, vCloud, Horizon VDI
• Deep Security 9.5 FIRST to support file & network security for NSX, vCloudAir and vCenterOps integration
• Support for Horizon DaaS
• Deep Security 9.6 support for vSphere 6 & NSX
• FIRST/ONLY integration with vROPS 6.0
• Support for Log Insight
• Deep Security 9.6 support for NSX 6.2.4 (expanded licensing)
• Deep Security 10 simplifies the process of securing workloads across the SDDC and the cloud, delivering a single security tool optimized for VMware Cloud™ on AWS
First and only agentless security suite for the VMware hypervisor
Year 2009 - 2011
[Architecture diagram. Labels: Guest VM; APPs; OS; Kernel; BIOS; Thin Driver; ESX 4.1; vSphere Platform; vShield Endpoint ESX Module; vShield Manager 4.1; vCenter; Trend Micro Deep Security Manager; Trend Micro filter driver; VMsafe-net API; vShield Endpoint API. Legend: Trend Micro product components, vShield Endpoint Components, VMware Platform.]
Deep Security Virtual Appliance
Anti-Malware
• Real-time Scan
• Scheduled & Manual Scan
Network Security
• IDS/IPS
• Web App Protection
• Application Control
• Firewall
Trend Micro Deep Security 9 with VMware NSX Architecture
Year 2013 - 2014
[Architecture diagram. Labels: ESX 5.0; Protected VMs (with VMware Tools + EPSEC); VMW Tools Thin Agent; Protected vNIC; VM Network DVS/vSwitch; Mgmt vSwitch; Mgmt vNIC; EPSec Mux Service; Control/File Service; VMCI Driver; VMCI; VMware Filter Driver; VMSafe-Net LKM; dvfilter; dvfilter-nx; Filter Driver; Agent (User Mode); Network Engine (Kernel Mode); Ds_filter; Ds_am; VSAPI; iCRC; EPSec; DPI; FW; DPI Network Data; AU; iAU; IM; WRS; Notifier; dom(s); Linux CentOS 6.4 / 64 bit.]
Trend Micro Deep Security extends support with VMware vCloud
Year 2013 - 2015
Deep Security
• Software-Defined Data Center (Private Cloud): vSphere, vCloud NSX
• End User Computing: Horizon Virtual Desktop Infrastructure (VDI)
• Operations Management: vRealize Operations
• Public Cloud (Multi-cloud): VMware, AWS, Azure
Introduced VMware Cloud on Amazon Web Services with Trend Micro protection for workloads across the data center AND the cloud
Year 2015-2018
Service and support by VMware
• Retain existing architecture and investments
• Scale workloads instantly
• Utilize consistent deployment models
Security and protection by Trend Micro
• Visibility of all workloads from one console
• Prevent known and unknown threats
• Automate deployments, policies, and controls
• Minimize point solution security tools
• Lower operational costs and maintenance
Extending TippingPoint to the VMware VMC
Year 2019
Consistent Network Security
Quickly extend TippingPoint security profiles to your cloud network
Central SMS Management
Complete visibility and management of on-premise and cloud security with SMS
Simplified Cloud Deployment
Minimize friction with security that fits seamlessly into your cloud network fabric
Easy to deploy – less operational friction
Transparent / Fewer moving pieces / Flexible
• Flow-based engine
• Stateless deep packet inspection
• Insert and remove inline without disruption
• Inspect ingress and egress traffic with network efficiency
• Just one pair of EC2 instances - no additional load balancers
• Deploy in line Initial deployment with AWS Transit-Gateway
• Leverage portable licensing
Delivering industry leading security
✓ Network based virtual patching
✓ Trend Micro Research backed protection
✓ Integration with Trend Micro solutions
[Graphic labels: Threats; Vulnerabilities & Exploits; Cybercriminal Undergrounds; IoT; OT / IIoT; AI & Machine Learning; Future Threat Landscape; Targeted Attacks]
The Undisclosed: Zero Day Initiative
Preemptive Protection for “Undisclosed” Vulnerabilities
[Timeline graphic. Labels: Vulnerability is submitted to ZDI; Digital Vaccine® Filter Created; Vendor Notified; Vendor Response; Vulnerability is Patched or Remains Unfixed; Public Disclosure]
TREND MICRO TIPPINGPOINT CUSTOMERS PROTECTED AHEAD OF PATCH
OTHER NETWORK SECURITY VENDORS CUSTOMERS AT RISK
72 DAYS: Average days of zero-day filter coverage from date of DV filter shipped to ZDI public disclosure in 2017.
Vulnerability Research Market 2017 & 2018
* Frost & Sullivan 2017 Report
42% YoY: busiest year ever!
Over 1400 advisories in 2018
VMC Integrated Transit Gateway Demo Environment
[Network diagram, US-EAST-1 – Virginia Region. Labels: Transit Gateway (East-West + North-South); Route tables; VPCs TGW-VPC1, TGW-VPC2 and Future VPCs (Subnet 1, Subnet 2, Subnet 3, Subnet 4, etc); 10.201.0.0/16; 10.202.0.0/16; Test Instance 10.201.6.177; Test Instance 10.202.1.210; VMC (Mgmt, Compute, Test VM); 10.100.0.0/16; 10.101.1.0/24 – 10.101.5.0/24; 10.101.4.10; Inline services VPC (IDS / IPS, Firewall / NGFW); VPN; AWS Direct Connect *; Available Q1 2019; Accounts; Administrative accounts (logging, AWS Organizations, billing, landing zone).]
Trend Micro Deep Security & Cloud Network Protection
[Network diagram, repeated across slide builds. Labels: Transit Gateway (East-West); Route tables; VPCs TGW-VPC1, TGW-VPC2 and Future VPCs (Subnet 1, Subnet 2, Subnet 3, Subnet 4, etc); 10.201.0.0/16; 10.202.0.0/16; Test Instance 10.201.6.177; Test Instance 10.202.1.210; VMC (Mgmt, Compute, Test VM); 10.100.0.0/16; 10.101.1.0/24 – 10.101.5.0/24; 10.101.4.10; TM Cloud Network Security Inspection VPC; TM Management VPC; DSM; On Prem; On-Premise Network; VPN; AWS Direct Connect *; Available Q1 2019; Accounts.]