Your data center is changing. Have your security strategies changed accordingly?
John Burroughs CISSP
Solutions Architect
Copyright 2011 Trend Micro Inc.

Security Issues and Risks for your Virtualized Data Center

What to look for in a Security Solution for your VDI environment




Cross-platform Security


Physical | Virtual | Cloud

  • New platforms don't change the threat landscape
  • Integrated security is needed across all platforms
  • Each platform has unique security risks




Integrated security is needed across all of these platforms



Physical | Virtual | Cloud

  • New platforms don't change the threat landscape
  • Integrated security is needed across all platforms
  • Each platform has unique security risks




… with a single management console

Threat Environment: High Profile Cases
  • June 2011: Citi Account Online web portal breached; hackers seized 360,000 customer records, including their names, email addresses, and account numbers
  • April 2011: PSN hacked and 77 million records accessed
  • June 2011: Sony Online Entertainment hacked and 24.6 million records compromised
  • April 2011: An e-mail marketing service provider lost the email addresses of customers of over 50 companies, including Citibank, JP Morgan Chase, Capital One, TD Ameritrade
  • March 2011: Hackers stole sensitive data related to their SecurID technology … leading to Lockheed Martin and L-3 Communications networks being compromised
  • Feb 2011: Hackers broke into the web portal Directors Desk, used by 10,000 executives of Fortune 500 companies to share confidential information and documents
  • Feb 2011: Canadian Government compromised by foreign hackers obtaining highly classified federal information

Security firm - RSA attacked using Excel flash




 http://downloadsquad.switched.com/2011/04/06/security-firm-rsa-attacked-using-excel-flash-one-two-sucker-punc/

Perimeter Defense Isn't Enough…




  • Empowered Employees
  • Advanced Targeted Threats
  • De-Perimeterization: Virtualization, Cloud, Consumerization & Mobility

Source: Forrester

Assessing Risk in the Cloud Journey

Stages: IT Production, Business Production, ITaaS



Risks, as numbered on the chart:

  12  Data destruction
  11  Multi-tenancy
  10  Diminished perimeter
   9  Data access & governance
   8  Data confidentiality & integrity
   7  Compliance / Lack of audit trail
   6  Complexity of Management
   5  Resource contention
   4  Mixed trust level VMs
   3  Instant-on gaps
   2  Inter-VM attacks
   1  Host controls under-deployed

Virtualization: Security Inhibitors

1   Resource Contention

Diagram labels: Typical AV Console, 3:00am Scan




Antivirus Storm: automatic antivirus scans overburden the system

Virtualization: Security Inhibitors

1   Resource Contention
2   Instant-on Gaps

Diagram labels: Active, Dormant, Reactivated with out-of-date security, New VMs

Cloned VMs must have a configured agent and updated pattern files

Virtualization: Security Inhibitors

1   Resource Contention
2   Instant-on Gaps
3   Inter-VM Attacks / Blind Spots

Attacks can spread across VMs

Virtualization: Security Inhibitors
1   Resource Contention
2   Instant-on Gaps
3   Inter-VM Attacks / Blind Spots
4   Complexity of Management

Diagram labels: Provisioning new VMs, Reconfiguring agents, Rollout patterns, Patch agents

VM sprawl inhibits compliance

Virtualization: Addressing Security Inhibitors

1   Resource Contention
    Solution: Use security solutions that are 'virtualization aware'
2   Instant-on Gaps
    Solution: Discovery and protection of VMs must be automated
3   Inter-VM Attacks / Blind Spots
    Solution: Use Network Protection (FW & IDS/IPS) to inspect traffic on a per-VM basis
4   Complexity of Management
    Solution: Integration with virtualization management consoles such as VMware vCenter

Virtualization: Virtual Desktop Security – What to Look for

• Integrates tightly with leading VDI vendors' infrastructure

• Uses hypervisor API integration to offload security from the VM
   • Provides agentless option
   • Allows host to be self-defending
   • For AV, optimizes scanning and pattern update operations




• Solution architected to prevent resource contention



What is required is a virtualisation-aware security solution



Diagram labels: Security VM, Hypervisor. Protections shown:

  • Deep Packet Inspection
  • Firewall
  • Anti Virus
  • Log Inspection
  • Integrity Monitoring

Tolly Report: “Full Scan Storm” Load




[Chart; surviving labels: Agent, Agent]

Tolly Report: “Pattern Update Storm” Load




[Chart; surviving labels: Agent, Agent]

Virtualization Aware Security
Agentless Protection for AV, Network and Integrity Monitoring


The Old Way: VM, VM, VM
With Agent-less Protection: Security Virtual Appliance; VM, VM, VM, VM, VM

Zero Added Footprint | Faster Performance | Better Manageability | Stronger Security

   • Zero added footprint: AV, Network Protection and Integrity Monitoring in the same Security Virtual Appliance
   • Order-of-magnitude savings in manageability
   • Virtual Appliance avoids performance degradation from FIM storms

For further information on Trend Micro virtualisation and cloud security solutions, including Trend Micro Deep Security: www.trendmicro.co.uk/virtualisation



Editor's notes

  1. The outside-in approach is still important, but, alone, is not sufficient in today’s evolving data center. Disgruntled employees are already within the perimeter. Advanced Persistent Threats are unique attacks that will not be stopped by many traditional perimeter defenses. And the changing nature of IT is causing deperimeterization with new technologies like virtualization, cloud computing, and consumerization. New security approaches must be added to the traditional outside-in protection.
  2. As you can see, as you progress further along your journey the security risks increase. Even in stage 2, where you are deploying business-critical apps in VMs or rolling out VDI, security and compliance are key factors.
  3. Next we’ll cover instant-on gaps. Unlike a physical machine, when a virtual machine is offline, it is still available to any application that can access the virtual machine storage over the network, and is therefore susceptible to malware infection. However, dormant or offline VMs do not have the ability to run an antimalware scan agent. Also, when dormant VMs are reactivated, they may have out-of-date security. One of the benefits of virtualization is the ease with which VMs can be cloned. However, if a VM with out-of-date security is cloned, the new VM will have out-of-date security as well. New VMs must have a configured security agent and updated pattern files to be effectively protected.
  4. Now let’s summarize the solutions to the virtualization security inhibitors we just discussed. First, resource contention can be avoided with agent-less AV scans. The dedicated scanning virtual machines can coordinate staggered scans across VMs to preserve host resources. We’ll talk about agent-less AV in more detail a bit later. Second, dedicated scanning virtual machines coordinated with real-time agents within each virtual machine can prevent instant-on gaps. This ensures that virtual machines are secure when dormant and ready to go with the latest pattern updates whenever activated. Third, inter-VM attacks and blind spots can be prevented with VM-aware security that is provided on the virtual machine level, independent of the host machine. Fourth, management complexity can be reduced when VM security is tightly integrated with virtualization management consoles such as VMware vCenter. With integrated, comprehensive, virtualization-aware security, virtualization environments can be as secure as dedicated physical servers. And virtual servers and desktops can be secure without sacrificing performance.
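
The instant-on gap from note 3 and the staggering from note 4, combined in an added example that is not part of the original deck or of any Trend Micro product: it flags VMs whose pattern files are stale (dormant, cloned or simply not updated) and batches their pattern updates so that no host runs more than a fixed number at once, instead of all of them together as in the "pattern update storm" slide. The inventory, VM and host names, dates and the 7-day threshold are constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import date
from typing import Optional


@dataclass(frozen=True)
class VM:
    name: str
    host: str
    state: str                       # "active" or "dormant"
    pattern_date: date               # date of the pattern files inside the image
    cloned_from: Optional[str] = None


# Constructed sample inventory (hypothetical names, hosts and dates).
TODAY = date(2011, 9, 1)
INVENTORY = [
    VM("vdi-01", "esx-a", "active", date(2011, 8, 31)),
    VM("vdi-02", "esx-a", "dormant", date(2011, 7, 15)),
    VM("vdi-03", "esx-a", "active", date(2011, 7, 15), cloned_from="vdi-02"),
    VM("vdi-04", "esx-a", "dormant", date(2011, 8, 1)),
    VM("vdi-05", "esx-b", "dormant", date(2011, 8, 10)),
    VM("vdi-06", "esx-b", "active", date(2011, 8, 30)),
]


def instant_on_gaps(inventory, today, max_age_days=7):
    """Map each VM with stale pattern files to the reason it is exposed."""
    gaps = {}
    for vm in inventory:
        if (today - vm.pattern_date).days <= max_age_days:
            continue
        if vm.cloned_from:
            gaps[vm.name] = f"clone of {vm.cloned_from}"  # staleness copied from parent
        elif vm.state == "dormant":
            gaps[vm.name] = "dormant"                     # offline, so never updated
        else:
            gaps[vm.name] = "active"                      # running but not updated
    return gaps


def staggered_waves(names, inventory, per_host_limit):
    """Split updates into waves with at most per_host_limit VMs per host each."""
    if per_host_limit < 1:
        raise ValueError("per_host_limit must be at least 1")
    host_of = {vm.name: vm.host for vm in inventory}
    by_host = defaultdict(list)
    for name in names:
        by_host[host_of[name]].append(name)
    depth = max((len(members) for members in by_host.values()), default=0)
    waves = []
    for start in range(0, depth, per_host_limit):
        wave = []
        for members in by_host.values():
            wave.extend(members[start:start + per_host_limit])
        waves.append(wave)
    return waves


def peak_per_host(waves, inventory):
    """Largest number of simultaneous updates any single host sees."""
    host_of = {vm.name: vm.host for vm in inventory}
    peak = 0
    for wave in waves:
        counts = defaultdict(int)
        for name in wave:
            counts[host_of[name]] += 1
        peak = max(peak, max(counts.values(), default=0))
    return peak


if __name__ == "__main__":
    gaps = instant_on_gaps(INVENTORY, TODAY)
    for name, reason in gaps.items():
        print(f"{name}: stale pattern files ({reason})")
    storm = [list(gaps)]                                  # everything at once
    waves = staggered_waves(list(gaps), INVENTORY, per_host_limit=2)
    print("peak per host, all at once:", peak_per_host(storm, INVENTORY))
    print("peak per host, staggered:  ", peak_per_host(waves, INVENTORY))
    print("waves:", waves)
```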