Deployment of security countermeasures and –processes across public-, private- or hybrid cloud IT implementations.
How to deploy and manage security in dynamic environments - even in highly regulated environments.
Lastly, how security can support rather than interfere with IT management processes.
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Datacenter 2014: Trend Micro - Bill MCGee
1. Security Designed for the Software-Defined
Data Center
3/14/2014 Confidential | Copyright 2013 Trend Micro Inc.
Bill McGee
SVP and General Manager, Cloud and Data Center Security
Trend Micro
March 13, 2014
2. Copyright 2014 Trend Micro Inc.
2
Have you simply
“lifted-and- shifted”
your traditional security to
your software-defined
data center?
3. Copyright 2014 Trend Micro Inc.
3
Many organizations are experiencing the following…
• Minutes to deploy a server…weeks to secure it
• Virtually scale beyond physical limits… until you hit
your security limit
• Servers that share resources…security that consumes it
4. Attackers
Potential Risks
• Vulnerability in server exploited
to introduce malicious code
• Company must restrict
access to certain applications
• Admin makes changes to
known good configuration
• Hacker attempts a SQL
injection attack
• Brute force authentication
attack is executed
5. Software-defined data center changes the game
The opportunity:
Automate and
optimize security as
part of your data
center operations
Copyright 2014 Trend Micro Inc. 5
6. Security principles remain the same;
APPROACH to security must change
CONTEXT Workload and application-aware
SOFTWARE Security that evolves with the data center
PLATFORM Single platform for data center and cloudSiloed
Generic
Hardware
ADAPTIVE Intelligent, dynamic policy enforcement
Automated provisioning specific to platform
Static
3/14/2014Copyright 2014 Trend Micro Inc. 6
7. New approach can improve data center operations
Provision security automatically within a data center
Manage security effectively and efficiently as you scale
Optimize data center resources
Copyright 2014 Trend Micro Inc. 7
Extend to cloud with confidence
8. Provisioning securely within a dynamic data center
How do you:
• Secure the VM the moment it is provisioned?
• Apply the right policies to that VM?
• Reduce the time to provision without
compromising on security?
• Securely bring up/down/move your VMs?
Copyright 2014 Trend Micro Inc. 8
10. New approach can improve data center operations
Provision security automatically within a data center
Manage security effectively and efficiently as you scale
Optimize data center resources
Copyright 2014 Trend Micro Inc. 11
Extend to cloud with confidence
11. Management Challenge: Keeping up-to-date
How do you:
• Quickly and easily identify an issue?
• Keep up to date with patches?
• Manage multiple controls as you execute your
strategy for your data center and cloud?
Copyright 2014 Trend Micro Inc. 12
12. Protect even before you patch
• Protect against
vulnerability exploits
before patches available
• Save money avoiding
costly emergency patching
• Patch at your convenience
Vulnerability Disclosed or
Exploit Available
Patch
Available
Complete
Deployment
Test
Soak
Exposure
Begin
Deployment
PatchedTrend Micro Virtual Patching
Copyright 2014 Trend Micro Inc. 14
13. New approach can improve data center operations
Provision security automatically within a data center
Manage security effectively and efficiently as you scale
Optimize data center resources
Copyright 2014 Trend Micro Inc. 15
Extend to cloud with confidence
14. Optimized for your virtual environments
Network Usage
Scan Speed
CPU/Memory Usage
IOPS
Storage
ESXi
SAN
Copyright 2014 Trend Micro Inc. 17
15. Proven impact on data center resources
18
Scan
Cache
*All results based on internal testing using VMware View simulators
Up to 20X Faster*
Full Scans
Up to 5X Faster
Realtime Scans
Up to 2X Faster
VDI Login
Copyright 2014 Trend Micro Inc. 18
16. New approach can improve data center operations
Provision security automatically within a data center
Manage security effectively and efficiently as you scale
Optimize data center resources
Copyright 2014 Trend Micro Inc. 19
Extend to external or public cloud with confidence
17. Public Cloud: Affects every organization
Public cloud extension of Private Cloud by I.T. (Bursting)
Business groups Bypass IT to use Public Cloud
Private Cloud forced to take on attributes of
Public Cloud (ITaaS)
Copyright
2013 Trend20
18. Security in the cloud is a Shared Responsibility
Partner Eco-System
• Operating Systems
• Application
• Security Groups
• OS Firewalls
• Anti-Virus
• Account Management
• Storage Encryption
• Facilities
• Physical Security
• Physical Infrastructure
• Virtualized Infrastructure
Customer
Domain
AWSDomain
Foundation Services
Compute Storage Database Networking
AWS Global
Infrastructure
Edge
Locations
Availability Zones
Regions
Enterprise Applications
Enterprise Operation Systems
19. Cloud Deployment Dynamics
Instance Awareness
• Dynamic real-time security
visibility and response
Complexity
• Supporting multi-region
and global deployments
Scale & Automation
• Elastic services and
applications managed with
new tools Data Protection
• Protection of all data across
boot & data volumes
Purchasing
• Ability to purchase
security aligned to cloud
models
20. Common Management & Reporting
Security platform for the modern data center
3/14/2014Copyright 2014 Trend Micro Inc. 25
Data Center
Physical Virtual Private Cloud Public Cloud
• Address security across ALL your environments
• Comprehensive security to address varying risk
Log
Inspection
Anti-
Malware
Intrusion
Prevention
Host
Firewall
Integrity
Monitoring
21. 100% of the
top 10 automotive
companies.
96% of the top
50 global
corporations.
100% of the
top 10 telecom
companies.
80% of the top
10 banks.
90% of the top
10 oil companies.
Global Threat Intelligence
New malware every ½ second
CEO
Founded
Headquarters
Employees
Offices
2012 Sales
Eva Chen
1988, United States
Tokyo, Japan
5,137
36
$1.2B USD
A world safe for exchanging
digital information
Copyright 2014 Trend Micro Inc. 26