Date posted: 02-Nov-2014
Category: Technology
Uploaded by: trend-micro-emea-limited
Copyright 2011 Trend Micro Inc.
John Burroughs CISSP
Solutions Architect
Your data center is changing. Have your security strategies changed accordingly?
Security Issues and Risks for your Virtualized Data Center
What to look for in a Security Solution for your VDI environment
Cross-platform Security
• New platforms don’t change the threat landscape
• Integrated security is needed across all platforms
• Each platform has unique security risks
Platforms: Virtual, Cloud, Physical
Integrated security is needed across all of these platforms
… with a single management console
Threat Environment: High Profile Cases
• Feb-2011: Canadian Government compromised by foreign hackers obtaining highly classified Federal Information
• Feb-2011: Hackers broke into the Web Portal Directors Desk used by 10,000 Executives of Fortune 500 Companies to share confidential information and documents
• March-2011: Hackers stole sensitive data related to their SecurID technology … Leading to Lockheed Martin and L-3 Communications networks being compromised
• April-2011: PSN hacked and 77 million records accessed
• June-2011: Sony Online Entertainment hacked and 24.6 million records compromised
• April-2011: An e-mail marketing service provider lost the email addresses of customers of over 50 companies including Citibank, JP Morgan Chase, Capital One, TD Ameritrade
• June-2011: Citi Account Online Web portal breached; hackers seized 360,000 customer records including their names, email addresses, and account numbers
Security firm - RSA attacked using Excel flash
http://downloadsquad.switched.com/2011/04/06/security-firm-rsa-attacked-using-excel-flash-one-two-sucker-punc/
Perimeter Defense Isn’t Enough…
• Advanced Targeted Threats
• Empowered Employees
• De-Perimeterization: Virtualization, Cloud, Consumerization & Mobility
Source: Forrester
Assessing Risk in the Cloud Journey
[Figure: twelve numbered risks plotted against Virtualization Adoption Rate across the stages IT Production, Business Production and ITaaS]
• Data destruction
• Diminished perimeter
• Compliance / Lack of audit trail
• Multi-tenancy
• Data access & governance
• Resource contention
• Mixed trust level VMs
• Data confidentiality & integrity
• Inter-VM attacks
• Instant-on gaps
• Host controls under-deployed
• Complexity of Management
Virtualization: Security Inhibitors
1. Resource Contention
• Typical AV Console: 3:00am Scan
• Antivirus Storm
• Automatic antivirus scans overburden the system
Virtualization: Security Inhibitors
1. Resource Contention
2. Instant-on Gaps
Active
Dormant
Reactivated with out-of-date security
New VMs
Cloned VMs must have a configured agent and updated pattern files
Virtualization: Security Inhibitors
1. Resource Contention
2. Instant-on Gaps
3. Inter-VM Attacks / Blind Spots
• Attacks can spread across VMs
Virtualization: Security Inhibitors
1. Resource Contention
2. Instant-on Gaps
3. Inter-VM Attacks / Blind Spots
4. Complexity of Management
• Patch agents
• Rollout patterns
• Provisioning new VMs
• Reconfiguring agents
VM sprawl inhibits compliance
Virtualization: Addressing Security Inhibitors
1. Resource Contention
2. Instant-on Gaps
3. Inter-VM Attacks / Blind Spots
4. Complexity of Management
• Solution: Use security solutions that are ‘virtualization aware’
• Solution: Discovery and protection of VMs must be automated
• Solution: Use Network Protection (FW & IDS/IPS) to inspect traffic on a per-VM basis
• Solution: Integration with virtualization management consoles such as VMware vCenter
Virtualization: Virtual Desktop Security – What to Look for
• Integrates tightly with leading VDI vendors’ infrastructure
• Uses hypervisor API integration to offload security from the VM
• Provides an agentless option
• Allows the host to be self-defending
• For AV, optimizes scanning and pattern update operations
• Solution architected to prevent resource contention
What is required is a virtualisation-aware security solution
Hypervisor
Security VM
Deep Packet Inspection
Firewall
Anti Virus
Log Inspection
Integrity Monitoring
[Figure: Tolly Report, “Full Scan Storm” Load; surviving chart label: Agent]
[Figure: Tolly Report, “Pattern Update Storm” Load; surviving chart label: Agent]
Virtualization Aware Security: Agentless Protection for AV, Network and Integrity Monitoring
[Diagram: “The Old Way” (VM, VM, VM) compared with “With Agent-less Protection” (VMs alongside a Security Virtual Appliance)]
Better Manageability | Zero Added Footprint | Faster Performance | Stronger Security
• Zero added footprint: AV, Network Protection and Integrity Monitoring in the same Security Virtual Appliance
• Order of magnitude savings in manageability
• Virtual Appliance avoids performance degradation from FIM storms
For further information on Trend Micro virtualisation and cloud security solutions, including Trend Micro Deep Security: www.trendmicro.co.uk/virtualisation