SlideShare una empresa de Scribd logo

Vmug birmingham mar2013 trendmicro

Descargar como PPTX, PDF
D
dvmug1

The document discusses security challenges posed by virtualization and cloud computing. It outlines three stages in the evolution of data centers from consolidation to private and public clouds. This evolution introduces new security challenges including inter-VM attacks, vulnerabilities in dormant or cloned VMs, and difficulties maintaining compliance across complex cloud environments. The document proposes that security solutions need to improve performance in virtual environments, provide visibility across platforms, and integrate management to address threats consistently across physical, virtual and cloud systems.

EmpresarialesTecnología
1 de 25
Giovanni Alberici • EMEA Product Marketing Addressing the new security challenges posed by virtualisation & cloud computing
Stage 1 Consolidation Stage 2 Expansion & Desktop Stage 3 Private > Public Cloud 15% 30% 70% 85% Servers Desktops Cost-efficiency  + Quality of Service  + Business Agility  Data centres are evolving to drive down costs and increase business flexibility The evolving data centre
Security challenges in the cloud Inter-VM attacks Instant-ON gaps Stage 1 Consolidation Stage 2 Expansion & Desktop Stage 3 Private > Public Cloud Servers Desktops Cost-efficiency  + Quality of Service  + Business Agility  15% 30% 70% 85% Inter-VM attacks Instant-ON gaps Mixed Trust Level VMs Resource Contention Maintaining Compliance
Cloned  Challenge: Instant-on Gaps    DormantActive Reactivated with out dated security   New, reactivated and cloned VMs can have out-of-date security
Attacks can spread across VMs Challenge: Inter-VM Attacks / Blind Spots
Not Patched   Patched      Virtualization - patching doesn’t go away 6/18/2013 6 Copyright 2012 Trend Micro Inc. “…virtual machine proliferation could soon make it very difficult to maintain compliant environments.” VMware on Patch Management
Security challenges in the cloud Inter-VM attacks Instant-ON gaps Stage 1 Consolidation Stage 2 Expansion & Desktop Stage 3 Private > Public Cloud Servers Desktops Cost-efficiency  + Quality of Service  + Business Agility  15% 30% 70% 85% Inter-VM attacks Instant-ON gaps Mixed Trust Level VMs Resource Contention Maintaining Compliance Service Provider (in)Security Multi-tenancy Inter-VM attacks Instant-ON gaps Mixed Trust Level VMs Resource Contention Maintaining Compliance
Data security challenges in the cloud Encryption rarely used: - Who can see your information? Storage volumes and servers are mobile: - Where is your data? Has it moved? Rogue servers might access data: - Who is attaching to your storage? Audit and alerting modules lacking: - What happened when you weren’t looking? Encryption keys tied to vendor: - Are you locked into a single security solution? Who has access to your keys? Storage volumes contain residual data: - Are your storage devices recycled securely? Classification 6/18/2013 9 Name: John Doe SSN: 425-79-0053 Visa #: 4456-8732… Name: John Doe SSN: 425-79-0053 Visa #: 4456-8732…
Challenges for public cloud Shared StorageShared Firewall Virtual Servers Shared network inside the firewall Shared firewall – Lowest common denominator – less fine grained control Multiple customers on one physical server – potential for attacks via the hypervisor Shared storage – is customer segmentation secure against attack? Easily copied machine images – who else has your server? Internet
Public Cloud: Private Security Shared StorageShared Firewall Virtual Servers Shared network inside the firewall Shared firewall – Lowest common denominator – less fine grained control Multiple customers on one physical server – potential for attacks via the hypervisor Shared storage – is customer segmentation secure against attack? Easily copied machine images – who else has your server? Doesn’t matter – the edge of my virtual machine is protected Doesn’t matter – treat the LAN as public Doesn’t matter – treat the LAN as public Doesn’t matter – They can start my server but only I can unlock my data Doesn’t matter – My data is encrypted Internet
Copyright 2013 Trend Micro Inc. Data Center Physical Enabling the Data Center (R)evolution Virtual Private Cloud Public Cloud Deep Security Agent/Agentless Anti-Malware Integrity Monitoring Application Control Log Inspection Firewall Virtual Patching Data Center Ops Security By 2016, 71% of server workloads will be virtualized
Any Hypervisor Virtualization Security - Agent Based VMware Hypervisor Virtualization Security - Agentless
Improves system performance1 Eases security administration2 Improves security & compliance3 Advantages of Deep Security for Virtualization Enables workload flexibility4
15 Deep Security Virtual Appliance Improves system performance1 50% more VDIs 20 – 30% more virtual servers
Deep Security 9 Scan Cache • Separate cache for Anti-malware scheduled/on-demand and Integrity Monitoring • Up to 20x improvement for Anti-malware scans between VMs • Reduce resources and overall on-demand scan time for Anti-malware • Reduce overall baseline time for Integrity Monitoring • Great benefits for VDI (VMs are linked clones) 6/18/2013 16Confidential | Copyright 2012 Trend Micro Inc.
Anti-malware Scan Performance 6/18/2013 17Confidential | Copyright 2012 Trend Micro Inc. 1st AM scan 2nd AM scan (cached) Scan time ~ 20x faster Significant DSVA CPU Reduction Huge IO Volume Reduction
18 • Visibility into virtual and cloud environments – vCenter, Active Directory, vCloud, Amazon (AWS) • Automation & Recommendation – Identify unique security controls required – OS, applications, patch-levels, vulnerabilities – Automatically deploy and activate security policies – Example: SAP server requires 28 controls Provisioning Infrastructure vCenter, AD, vCloud and AWS Virtual Appliance Public Cloud Deep Security • Scalable • Redundant SAP Exchange Servers Oracle Web Server Web Server 73 controls 8 controls 28 controls 19 controls 15 controls Linux Server Eases security administration2
6/18/2013 19Confidential | Copyright 2012 Trend Micro Inc.
Global threat intelligence from the cloud … collects 6TB worth of data for analysis … analyses 1.15B new threat samples … identifies 90,000 new threats … blocks 200M threats EVERY 24 HOURS 20 Improves security & compliance3
Patch Management is a Growing Challenge Critical “Software Flaw” Vulnerabilities in 2012 Common Vulnerabilities & Exposures (“CVE”): Score 7-101,764 Almost 7 critical vulnerabilities everyday! 6/18/2013 21Confidential | Copyright 2013 Trend Micro Inc. “Due to the increasing volume of public vulnerability reports, the Common Vulnerabilities and Exposures (CVE) project will change the syntax of its standard vulnerability identifiers so that CVE can track more than 10,000 vulnerabilities in a single year.” http://cve.mitre.org/news/index.html 2012 saw 26% increase in # of vulnerabilities disclosed NSS Labs
22 Virtual Patching with Deep Security Time Vulnerability discovered Over 100 applications shielded including: Operating Systems Database servers Web app servers Mail servers FTP servers Backup servers Storage mgt servers DHCP servers Desktop applications Mail clients Web browsers Anti-virus Other applications  Patch available  Patch tested  Patch deployed Systems at risk! Reduced risk! Virtual patch 
Compliance with Deep Security 23 IDS / IPS Web Application Protection Application Control Firewall Deep Packet Inspection Integrity Monitoring Log Inspection Anti-Malware 5 Protection Modules Defence In Depth Addressing 7 PCI requirements and 20+ sub-controls including:  (1.) Network Segmentation  (1.x) Firewall  (5.x) Anti-Malware  (6.1) Virtual Patching  (6.6) Web App. Protection  (10.6) Daily Log Review  (11.4) IDS / IPS  (11.5) Integrity Monitoring PCI-DSS Compliance
Physical Database Storage Virtual Web Server Mail Server Web Server Enterprise Providers Deep Security Web Access Enables workload flexibility4
Physical Virtual Cloud Manageability Glut of security products Less security Higher TCO Reduce Complexity One Security Model is Possible across Physical, Virtual, and Cloud Environments Integrated Security: Single Management Console Performance & Threats Traditional security degrades performance New VM-based threats Increase Efficiency Visibility & Threats Less visibility More external risks Deliver Agility
Thank You! 6/18/2013 26Confidential | Copyright 2012 Trend Micro Inc.

Recomendados

Cloud Security
Cloud SecurityCloud Security
Cloud SecurityRashmi Agale
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik FergusonCloudExpoEurope
 
Virtualization security for the cloud computing technology
Virtualization security for the cloud computing technologyVirtualization security for the cloud computing technology
Virtualization security for the cloud computing technologyDeep Ranjan Deb
 
Virtually Secure: Uncovering the risks of virtualization
Virtually Secure: Uncovering the risks of virtualizationVirtually Secure: Uncovering the risks of virtualization
Virtually Secure: Uncovering the risks of virtualizationSeccuris Inc.
 
New Horizons for End-User Computing Event - Trend
New Horizons for End-User Computing Event - TrendNew Horizons for End-User Computing Event - Trend
New Horizons for End-User Computing Event - TrendArrow ECS UK
 
Securing Your Public Cloud Infrastructure
Securing Your Public Cloud InfrastructureSecuring Your Public Cloud Infrastructure
Securing Your Public Cloud InfrastructureQualys
 
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...VMworld
 
Cloud security risks
Cloud security risksCloud security risks
Cloud security risksRevital Lapidot
 

Recomendados

Cloud Security
Cloud SecurityCloud Security
Cloud SecurityRashmi Agale
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik FergusonCloudExpoEurope
 
Virtualization security for the cloud computing technology
Virtualization security for the cloud computing technologyVirtualization security for the cloud computing technology
Virtualization security for the cloud computing technologyDeep Ranjan Deb
 
Virtually Secure: Uncovering the risks of virtualization
Virtually Secure: Uncovering the risks of virtualizationVirtually Secure: Uncovering the risks of virtualization
Virtually Secure: Uncovering the risks of virtualizationSeccuris Inc.
 
New Horizons for End-User Computing Event - Trend
New Horizons for End-User Computing Event - TrendNew Horizons for End-User Computing Event - Trend
New Horizons for End-User Computing Event - TrendArrow ECS UK
 
Securing Your Public Cloud Infrastructure
Securing Your Public Cloud InfrastructureSecuring Your Public Cloud Infrastructure
Securing Your Public Cloud InfrastructureQualys
 
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...VMworld
 
Cloud security risks
Cloud security risksCloud security risks
Cloud security risksRevital Lapidot
 
Avoid Meltdown from the Spectre - How to measure impact and track remediation
Avoid Meltdown from the Spectre - How to measure impact and track remediationAvoid Meltdown from the Spectre - How to measure impact and track remediation
Avoid Meltdown from the Spectre - How to measure impact and track remediationQualys
 
Migrating to the Cloud: Lessons Learned from Federal Agencies
Migrating to the Cloud: Lessons Learned from Federal AgenciesMigrating to the Cloud: Lessons Learned from Federal Agencies
Migrating to the Cloud: Lessons Learned from Federal AgenciesVMware
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigmfanc1985
 
A Plan to Control and Protect Data in the Private and Public Cloud
A Plan to Control and Protect Data in the Private and Public CloudA Plan to Control and Protect Data in the Private and Public Cloud
A Plan to Control and Protect Data in the Private and Public CloudRochester Security Summit
 
IANS information security forum 2019 summary
IANS information security forum 2019 summaryIANS information security forum 2019 summary
IANS information security forum 2019 summaryKarun Chennuri
 
Cloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New RealityCloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New RealityCarlos Andrés García
 
Mohammed Al Mulla - Best practices to secure working environments
Mohammed Al Mulla - Best practices to secure working environmentsMohammed Al Mulla - Best practices to secure working environments
Mohammed Al Mulla - Best practices to secure working environmentsnooralmousa
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYMaganathin Veeraragaloo
 
Cloud Computing Security Threats and Responses
Cloud Computing Security Threats and ResponsesCloud Computing Security Threats and Responses
Cloud Computing Security Threats and Responsesshafzonly
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesJason Chan
 
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26TT L
 
Csathreats.v1.0
Csathreats.v1.0Csathreats.v1.0
Csathreats.v1.0vivek_kale27
 
Symantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec
 
Cloud security introduction
Cloud security introductionCloud security introduction
Cloud security introductionCalvin Lee
 
AWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceAWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceYury Chemerkin
 
Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012Symantec
 
VMware vRealize Network Insight Frequently Asked Questions FAQ
VMware vRealize Network Insight Frequently Asked Questions FAQVMware vRealize Network Insight Frequently Asked Questions FAQ
VMware vRealize Network Insight Frequently Asked Questions FAQRichard Common
 
Vulnerabilities in SaaS layer of cloud computing
Vulnerabilities in SaaS layer of cloud computingVulnerabilities in SaaS layer of cloud computing
Vulnerabilities in SaaS layer of cloud computingClinton DSouza
 
Cw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend microCw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend microTheInevitableCloud
 
Security in cloud computing kashyap kunal
Security in cloud computing kashyap kunalSecurity in cloud computing kashyap kunal
Security in cloud computing kashyap kunalKashyap Kunal
 
Trend micro v2
Trend micro v2Trend micro v2
Trend micro v2JD Sherry
 
What’s new in VMware vShield 5 - Customer Presentation
What’s new in VMware vShield 5 - Customer PresentationWhat’s new in VMware vShield 5 - Customer Presentation
What’s new in VMware vShield 5 - Customer PresentationSuministros Obras y Sistemas
 

Más contenido relacionado

La actualidad más candente

Avoid Meltdown from the Spectre - How to measure impact and track remediation
Avoid Meltdown from the Spectre - How to measure impact and track remediationAvoid Meltdown from the Spectre - How to measure impact and track remediation
Avoid Meltdown from the Spectre - How to measure impact and track remediationQualys
 
Migrating to the Cloud: Lessons Learned from Federal Agencies
Migrating to the Cloud: Lessons Learned from Federal AgenciesMigrating to the Cloud: Lessons Learned from Federal Agencies
Migrating to the Cloud: Lessons Learned from Federal AgenciesVMware
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigmfanc1985
 
A Plan to Control and Protect Data in the Private and Public Cloud
A Plan to Control and Protect Data in the Private and Public CloudA Plan to Control and Protect Data in the Private and Public Cloud
A Plan to Control and Protect Data in the Private and Public CloudRochester Security Summit
 
IANS information security forum 2019 summary
IANS information security forum 2019 summaryIANS information security forum 2019 summary
IANS information security forum 2019 summaryKarun Chennuri
 
Cloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New RealityCloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New RealityCarlos Andrés García
 
Mohammed Al Mulla - Best practices to secure working environments
Mohammed Al Mulla - Best practices to secure working environmentsMohammed Al Mulla - Best practices to secure working environments
Mohammed Al Mulla - Best practices to secure working environmentsnooralmousa
 
Cloud Computing Security Threats and Responses
Cloud Computing Security Threats and ResponsesCloud Computing Security Threats and Responses
Cloud Computing Security Threats and Responsesshafzonly
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesJason Chan
 
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26TT L
 
Symantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec
 
Cloud security introduction
Cloud security introductionCloud security introduction
Cloud security introductionCalvin Lee
 
AWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceAWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceYury Chemerkin
 
Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012Symantec
 
VMware vRealize Network Insight Frequently Asked Questions FAQ
VMware vRealize Network Insight Frequently Asked Questions FAQVMware vRealize Network Insight Frequently Asked Questions FAQ
VMware vRealize Network Insight Frequently Asked Questions FAQRichard Common
 
Vulnerabilities in SaaS layer of cloud computing
Vulnerabilities in SaaS layer of cloud computingVulnerabilities in SaaS layer of cloud computing
Vulnerabilities in SaaS layer of cloud computingClinton DSouza
 

La actualidad más candente (18)

Avoid Meltdown from the Spectre - How to measure impact and track remediation
Avoid Meltdown from the Spectre - How to measure impact and track remediationAvoid Meltdown from the Spectre - How to measure impact and track remediation
Avoid Meltdown from the Spectre - How to measure impact and track remediation
 
Migrating to the Cloud: Lessons Learned from Federal Agencies
Migrating to the Cloud: Lessons Learned from Federal AgenciesMigrating to the Cloud: Lessons Learned from Federal Agencies
Migrating to the Cloud: Lessons Learned from Federal Agencies
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigm
 
A Plan to Control and Protect Data in the Private and Public Cloud
A Plan to Control and Protect Data in the Private and Public CloudA Plan to Control and Protect Data in the Private and Public Cloud
A Plan to Control and Protect Data in the Private and Public Cloud
 
IANS information security forum 2019 summary
IANS information security forum 2019 summaryIANS information security forum 2019 summary
IANS information security forum 2019 summary
 
Cloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New RealityCloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New Reality
 
Mohammed Al Mulla - Best practices to secure working environments
Mohammed Al Mulla - Best practices to secure working environmentsMohammed Al Mulla - Best practices to secure working environments
Mohammed Al Mulla - Best practices to secure working environments
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITY
 
Cloud Computing Security Threats and Responses
Cloud Computing Security Threats and ResponsesCloud Computing Security Threats and Responses
Cloud Computing Security Threats and Responses
 
Virtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit PerspectivesVirtualization: Security and IT Audit Perspectives
Virtualization: Security and IT Audit Perspectives
 
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
 
Csathreats.v1.0
Csathreats.v1.0Csathreats.v1.0
Csathreats.v1.0
 
Symantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility Strategy
 
Cloud security introduction
Cloud security introductionCloud security introduction
Cloud security introduction
 
AWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceAWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the Compliance
 
Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012
 
VMware vRealize Network Insight Frequently Asked Questions FAQ
VMware vRealize Network Insight Frequently Asked Questions FAQVMware vRealize Network Insight Frequently Asked Questions FAQ
VMware vRealize Network Insight Frequently Asked Questions FAQ
 
Vulnerabilities in SaaS layer of cloud computing
Vulnerabilities in SaaS layer of cloud computingVulnerabilities in SaaS layer of cloud computing
Vulnerabilities in SaaS layer of cloud computing
 

Similar a Vmug birmingham mar2013 trendmicro

Cw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend microCw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend microTheInevitableCloud
 
Security in cloud computing kashyap kunal
Security in cloud computing kashyap kunalSecurity in cloud computing kashyap kunal
Security in cloud computing kashyap kunalKashyap Kunal
 
Trend micro v2
Trend micro v2Trend micro v2
Trend micro v2JD Sherry
 
What’s new in VMware vShield 5 - Customer Presentation
What’s new in VMware vShield 5 - Customer PresentationWhat’s new in VMware vShield 5 - Customer Presentation
What’s new in VMware vShield 5 - Customer PresentationSuministros Obras y Sistemas
 
Virtualization security threats in cloud computing
Virtualization security threats in cloud computingVirtualization security threats in cloud computing
Virtualization security threats in cloud computingNitish Awasthi (anitish_225)
 
Presentation copy
Presentation copyPresentation copy
Presentation copyAdel Zalok
 
VAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus CloudVAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus CloudSwapna Shetye
 
Security in a Virtualised Computing
Security in a Virtualised ComputingSecurity in a Virtualised Computing
Security in a Virtualised ComputingIOSR Journals
 
CSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudCSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudAlert Logic
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 
MT17_Building Integrated and Secure Networks with limited IT Support
MT17_Building Integrated and Secure Networks with limited IT SupportMT17_Building Integrated and Secure Networks with limited IT Support
MT17_Building Integrated and Secure Networks with limited IT SupportDell EMC World
 
CSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudCSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudAlert Logic
 
Celera Networks on Cloud Computing
Celera Networks on Cloud Computing Celera Networks on Cloud Computing
Celera Networks on Cloud Computing CeleraNetworks
 
CSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudCSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudAlert Logic
 
TrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data CenterTrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data CenterVMUG IT
 
IRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital ForensicIRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital ForensicIRJET Journal
 
Security automation in virtual and cloud environments v2
Security automation in virtual and cloud environments v2Security automation in virtual and cloud environments v2
Security automation in virtual and cloud environments v2rpark31
 
Webcast Series #1: Continuous Security and Compliance Monitoring for Global I...
Webcast Series #1: Continuous Security and Compliance Monitoring for Global I...Webcast Series #1: Continuous Security and Compliance Monitoring for Global I...
Webcast Series #1: Continuous Security and Compliance Monitoring for Global I...Qualys
 

Similar a Vmug birmingham mar2013 trendmicro (20)

Cw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend microCw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend micro
 
Security in cloud computing kashyap kunal
Security in cloud computing kashyap kunalSecurity in cloud computing kashyap kunal
Security in cloud computing kashyap kunal
 
Trend micro v2
Trend micro v2Trend micro v2
Trend micro v2
 
What’s new in VMware vShield 5 - Customer Presentation
What’s new in VMware vShield 5 - Customer PresentationWhat’s new in VMware vShield 5 - Customer Presentation
What’s new in VMware vShield 5 - Customer Presentation
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Virtualization security threats in cloud computing
Virtualization security threats in cloud computingVirtualization security threats in cloud computing
Virtualization security threats in cloud computing
 
Presentation copy
Presentation copyPresentation copy
Presentation copy
 
VAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus CloudVAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus Cloud
 
Security in a Virtualised Computing
Security in a Virtualised ComputingSecurity in a Virtualised Computing
Security in a Virtualised Computing
 
CSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudCSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the Cloud
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
MT17_Building Integrated and Secure Networks with limited IT Support
MT17_Building Integrated and Secure Networks with limited IT SupportMT17_Building Integrated and Secure Networks with limited IT Support
MT17_Building Integrated and Secure Networks with limited IT Support
 
CSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudCSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the Cloud
 
Celera Networks on Cloud Computing
Celera Networks on Cloud Computing Celera Networks on Cloud Computing
Celera Networks on Cloud Computing
 
VAS - VMware CMP
VAS - VMware CMPVAS - VMware CMP
VAS - VMware CMP
 
CSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudCSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the Cloud
 
TrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data CenterTrendMicro - Security Designed for the Software-Defined Data Center
TrendMicro - Security Designed for the Software-Defined Data Center
 
IRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital ForensicIRJET- A Survey on SaaS-Attacks and Digital Forensic
IRJET- A Survey on SaaS-Attacks and Digital Forensic
 
Security automation in virtual and cloud environments v2
Security automation in virtual and cloud environments v2Security automation in virtual and cloud environments v2
Security automation in virtual and cloud environments v2
 
Webcast Series #1: Continuous Security and Compliance Monitoring for Global I...
Webcast Series #1: Continuous Security and Compliance Monitoring for Global I...Webcast Series #1: Continuous Security and Compliance Monitoring for Global I...
Webcast Series #1: Continuous Security and Compliance Monitoring for Global I...
 

Más de dvmug1

V mware
V mwareV mware
V mwaredvmug1
 
E g innovations
E g innovationsE g innovations
E g innovationsdvmug1
 
Nimble storage
Nimble storageNimble storage
Nimble storagedvmug1
 
Andrew bettany slides
Andrew bettany slidesAndrew bettany slides
Andrew bettany slidesdvmug1
 
10 zig
10 zig10 zig
10 zigdvmug1
 
Vmug azure vm_chris guestslides
Vmug azure vm_chris guestslidesVmug azure vm_chris guestslides
Vmug azure vm_chris guestslidesdvmug1
 
Veeam presentation
Veeam presentationVeeam presentation
Veeam presentationdvmug1
 
Freeform dynamics
Freeform dynamicsFreeform dynamics
Freeform dynamicsdvmug1
 
10 zig presentation
10 zig presentation10 zig presentation
10 zig presentationdvmug1
 
Vmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicroVmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicrodvmug1
 

Más de dvmug1 (12)

V mware
V mwareV mware
V mware
 
S3
S3S3
S3
 
Hp
HpHp
Hp
 
E g innovations
E g innovationsE g innovations
E g innovations
 
Nimble storage
Nimble storageNimble storage
Nimble storage
 
Andrew bettany slides
Andrew bettany slidesAndrew bettany slides
Andrew bettany slides
 
10 zig
10 zig10 zig
10 zig
 
Vmug azure vm_chris guestslides
Vmug azure vm_chris guestslidesVmug azure vm_chris guestslides
Vmug azure vm_chris guestslides
 
Veeam presentation
Veeam presentationVeeam presentation
Veeam presentation
 
Freeform dynamics
Freeform dynamicsFreeform dynamics
Freeform dynamics
 
10 zig presentation
10 zig presentation10 zig presentation
10 zig presentation
 
Vmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicroVmug birmingham mar2013 trendmicro
Vmug birmingham mar2013 trendmicro
 

Último

Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingShawn Pang
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024christinemoorman
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfPaul Menig
 
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Lviv Startup Club
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Neil Kimberley
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyEthan lee
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Dave Litwiller
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.Aaiza Hassan
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Roomdivyansh0kumar0
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Roland Driesen
 
DEPED Work From Home WORKWEEK-PLAN.docx
DEPED Work From Home WORKWEEK-PLAN.docxDEPED Work From Home WORKWEEK-PLAN.docx
DEPED Work From Home WORKWEEK-PLAN.docxRodelinaLaud
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageMatteo Carbone
 
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetCreating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetDenis Gagné
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...anilsa9823
 
RE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman LeechRE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman LeechNewman George Leech
 
Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitProgress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitHolger Mueller
 

Último (20)

Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdf
 
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
 
DEPED Work From Home WORKWEEK-PLAN.docx
DEPED Work From Home WORKWEEK-PLAN.docxDEPED Work From Home WORKWEEK-PLAN.docx
DEPED Work From Home WORKWEEK-PLAN.docx
 
Nepali Escort Girl Kakori \ 9548273370 Indian Call Girls Service Lucknow ₹,9517
Nepali Escort Girl Kakori \ 9548273370 Indian Call Girls Service Lucknow ₹,9517Nepali Escort Girl Kakori \ 9548273370 Indian Call Girls Service Lucknow ₹,9517
Nepali Escort Girl Kakori \ 9548273370 Indian Call Girls Service Lucknow ₹,9517
 
Best Practices for Implementing an External Recruiting Partnership
Best Practices for Implementing an External Recruiting PartnershipBest Practices for Implementing an External Recruiting Partnership
Best Practices for Implementing an External Recruiting Partnership
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
 
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetCreating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
 
RE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman LeechRE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman Leech
 
Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitProgress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst Summit
 

Vmug birmingham mar2013 trendmicro

  • 1. Giovanni Alberici • EMEA Product Marketing Addressing the new security challenges posed by virtualisation & cloud computing
  • 2. Stage 1 Consolidation Stage 2 Expansion & Desktop Stage 3 Private > Public Cloud 15% 30% 70% 85% Servers Desktops Cost-efficiency  + Quality of Service  + Business Agility  Data centres are evolving to drive down costs and increase business flexibility The evolving data centre
  • 3. Security challenges in the cloud Inter-VM attacks Instant-ON gaps Stage 1 Consolidation Stage 2 Expansion & Desktop Stage 3 Private > Public Cloud Servers Desktops Cost-efficiency  + Quality of Service  + Business Agility  15% 30% 70% 85% Inter-VM attacks Instant-ON gaps Mixed Trust Level VMs Resource Contention Maintaining Compliance
  • 4. Cloned  Challenge: Instant-on Gaps    DormantActive Reactivated with out dated security   New, reactivated and cloned VMs can have out-of-date security
  • 5. Attacks can spread across VMs Challenge: Inter-VM Attacks / Blind Spots
  • 6. Not Patched   Patched      Virtualization - patching doesn’t go away 6/18/2013 6 Copyright 2012 Trend Micro Inc. “…virtual machine proliferation could soon make it very difficult to maintain compliant environments.” VMware on Patch Management
  • 7. Security challenges in the cloud Inter-VM attacks Instant-ON gaps Stage 1 Consolidation Stage 2 Expansion & Desktop Stage 3 Private > Public Cloud Servers Desktops Cost-efficiency  + Quality of Service  + Business Agility  15% 30% 70% 85% Inter-VM attacks Instant-ON gaps Mixed Trust Level VMs Resource Contention Maintaining Compliance Service Provider (in)Security Multi-tenancy Inter-VM attacks Instant-ON gaps Mixed Trust Level VMs Resource Contention Maintaining Compliance
  • 8. Data security challenges in the cloud Encryption rarely used: - Who can see your information? Storage volumes and servers are mobile: - Where is your data? Has it moved? Rogue servers might access data: - Who is attaching to your storage? Audit and alerting modules lacking: - What happened when you weren’t looking? Encryption keys tied to vendor: - Are you locked into a single security solution? Who has access to your keys? Storage volumes contain residual data: - Are your storage devices recycled securely? Classification 6/18/2013 9 Name: John Doe SSN: 425-79-0053 Visa #: 4456-8732… Name: John Doe SSN: 425-79-0053 Visa #: 4456-8732…
  • 9. Challenges for public cloud Shared StorageShared Firewall Virtual Servers Shared network inside the firewall Shared firewall – Lowest common denominator – less fine grained control Multiple customers on one physical server – potential for attacks via the hypervisor Shared storage – is customer segmentation secure against attack? Easily copied machine images – who else has your server? Internet
  • 10. Public Cloud: Private Security Shared StorageShared Firewall Virtual Servers Shared network inside the firewall Shared firewall – Lowest common denominator – less fine grained control Multiple customers on one physical server – potential for attacks via the hypervisor Shared storage – is customer segmentation secure against attack? Easily copied machine images – who else has your server? Doesn’t matter – the edge of my virtual machine is protected Doesn’t matter – treat the LAN as public Doesn’t matter – treat the LAN as public Doesn’t matter – They can start my server but only I can unlock my data Doesn’t matter – My data is encrypted Internet
  • 11. Copyright 2013 Trend Micro Inc. Data Center Physical Enabling the Data Center (R)evolution Virtual Private Cloud Public Cloud Deep Security Agent/Agentless Anti-Malware Integrity Monitoring Application Control Log Inspection Firewall Virtual Patching Data Center Ops Security By 2016, 71% of server workloads will be virtualized
  • 12. Any Hypervisor Virtualization Security - Agent Based VMware Hypervisor Virtualization Security - Agentless
  • 13. Improves system performance1 Eases security administration2 Improves security & compliance3 Advantages of Deep Security for Virtualization Enables workload flexibility4
  • 14. 15 Deep Security Virtual Appliance Improves system performance1 50% more VDIs 20 – 30% more virtual servers
  • 15. Deep Security 9 Scan Cache • Separate cache for Anti-malware scheduled/on-demand and Integrity Monitoring • Up to 20x improvement for Anti-malware scans between VMs • Reduce resources and overall on-demand scan time for Anti-malware • Reduce overall baseline time for Integrity Monitoring • Great benefits for VDI (VMs are linked clones) 6/18/2013 16Confidential | Copyright 2012 Trend Micro Inc.
  • 16. Anti-malware Scan Performance 6/18/2013 17Confidential | Copyright 2012 Trend Micro Inc. 1st AM scan 2nd AM scan (cached) Scan time ~ 20x faster Significant DSVA CPU Reduction Huge IO Volume Reduction
  • 17. 18 • Visibility into virtual and cloud environments – vCenter, Active Directory, vCloud, Amazon (AWS) • Automation & Recommendation – Identify unique security controls required – OS, applications, patch-levels, vulnerabilities – Automatically deploy and activate security policies – Example: SAP server requires 28 controls Provisioning Infrastructure vCenter, AD, vCloud and AWS Virtual Appliance Public Cloud Deep Security • Scalable • Redundant SAP Exchange Servers Oracle Web Server Web Server 73 controls 8 controls 28 controls 19 controls 15 controls Linux Server Eases security administration2
  • 18. 6/18/2013 19Confidential | Copyright 2012 Trend Micro Inc.
  • 19. Global threat intelligence from the cloud … collects 6TB worth of data for analysis … analyses 1.15B new threat samples … identifies 90,000 new threats … blocks 200M threats EVERY 24 HOURS 20 Improves security & compliance3
  • 20. Patch Management is a Growing Challenge Critical “Software Flaw” Vulnerabilities in 2012 Common Vulnerabilities & Exposures (“CVE”): Score 7-101,764 Almost 7 critical vulnerabilities everyday! 6/18/2013 21Confidential | Copyright 2013 Trend Micro Inc. “Due to the increasing volume of public vulnerability reports, the Common Vulnerabilities and Exposures (CVE) project will change the syntax of its standard vulnerability identifiers so that CVE can track more than 10,000 vulnerabilities in a single year.” http://cve.mitre.org/news/index.html 2012 saw 26% increase in # of vulnerabilities disclosed NSS Labs
  • 21. 22 Virtual Patching with Deep Security Time Vulnerability discovered Over 100 applications shielded including: Operating Systems Database servers Web app servers Mail servers FTP servers Backup servers Storage mgt servers DHCP servers Desktop applications Mail clients Web browsers Anti-virus Other applications  Patch available  Patch tested  Patch deployed Systems at risk! Reduced risk! Virtual patch 
  • 22. Compliance with Deep Security 23 IDS / IPS Web Application Protection Application Control Firewall Deep Packet Inspection Integrity Monitoring Log Inspection Anti-Malware 5 Protection Modules Defence In Depth Addressing 7 PCI requirements and 20+ sub-controls including:  (1.) Network Segmentation  (1.x) Firewall  (5.x) Anti-Malware  (6.1) Virtual Patching  (6.6) Web App. Protection  (10.6) Daily Log Review  (11.4) IDS / IPS  (11.5) Integrity Monitoring PCI-DSS Compliance
  • 24. Physical Virtual Cloud Manageability Glut of security products Less security Higher TCO Reduce Complexity One Security Model is Possible across Physical, Virtual, and Cloud Environments Integrated Security: Single Management Console Performance & Threats Traditional security degrades performance New VM-based threats Increase Efficiency Visibility & Threats Less visibility More external risks Deliver Agility
  • 25. Thank You! 6/18/2013 26Confidential | Copyright 2012 Trend Micro Inc.

Notas del editor

  1. The data centre is evolving. This is a depiction of a customer’s typical virtualization journey from physical to cloud via virtualization.In stage 1, orgs have begun virtualization all of their low hanging fruit – web servers, file and print servers, some app servers, and begun to realize the hardware consolidation and operational management benefits that result in lower CAPX and OPEX costs.In stage 2, they have begun virtualizing more of their tier 1 apps and mission critical servers now. They are also leveraging some of the more advanced capabilities of virtualization such as automatic live migration, disaster recovery and software fault tolerance. Many stage 2 orgs have also started deploying virtual desktops as well.Benefits in stage 2 are even more cost efficiencies plus also higher QoS from the higher level virtualization capabilities.
  2. Next we’ll cover instant-on gaps. [click]Unlike a physical machine, when a virtual machine is offline, it is still available to any application that can access the virtual machine storage over the network, and is therefore susceptible to malware infection. However, dormant or offline VMs do not have the ability to run an antimalware scan agent. [click]Also when dormant VMs are reactivated, they may have out-of-date security. [click]One of the benefits of virtualization is the ease at which VMs can be cloned. However, if a VM with out-of-date security is cloned the new VM will have out-of-date security as well. New VMs must have a configured security agent and updated pattern files to be effectively protected. [click]Again the solution is a dedicated security virtual appliance that can ensure that guest VMs on the same host have up-to-date security if accessed or reactivated, and can make sure that newly provisioned VMs also have current security. This security virtual appliance should include layered protection that integrates multiple technologies such as antivirus, integrity monitoring, intrusion detection and prevention, virtual patching, and more. .
  3. I’d now like to highlight a couple of additional virtualization challenges. The next one we’ll discuss today is inter-VM attacks and blind spots. [click]When a threat penetrates a virtual machine, the threat can then spread to other virtual machines on the same host. Traditional security such as hardware-based firewalls might protect the host, but not the guest virtual machines. And cross-VM communication might not leave the host to be routed through other forms of security, creating a blind spot. [click]For the solution, protection must be applied on an individual virtual machine level, not host level, to ensure security. And integration with the virtualization platform, such as VMware, provide the ability to communicate with the guest virtual machines. Also, virtual patching ensures that VMs stay secure until patches can be deployed.
  4. Patching is one of the most significant pain points for every IT department, and it also needs to be addressed in virtual datacenters. Patch cycles, virtual machine proliferation could soon make it very difficult to maintain compliant environments. http://www.vmware.com/virtualization/advantages/virtualization-management/patching.html VMware vCenter Update Manager lets you:Reduce the risks associated with patching hosts by allowing fast rollbacks to a pre-patch stage Eliminate application downtime related to VMware ESX host patching Increase IT administrator productivity with unique automation capabilities Increase flexibility by allowing delayed reboot of virtual machines VMware vCenter Update Manager is a fully integrated module of VMware vCenter Server. It does not require a complex installation or additional infrastructure.
  5. In stage 3, organizations have started leveraging private and public clouds. The IT dept has transformed itself into acting as a service provider with charge-back type processes where consumers of IT are in effect renting computing space and time from IT. Benefits are further cost efficiencies, QoS and faster business agility.As orgs considered their move to stage 3, security was top of mind – IDC survey data shows that it is the #1 issue why orgs will not move to the cloud.
  6. To address the risks of evolving your data center, we have a single platform and administration that secures your physical, virtual and cloud environments.Our solution is open, automated and highly scalable, fitting your existing infrastructure, seamlessly integrating with key applications like VMWare or cloud environments like Amazon Web Services.Like our end user protection solution, this solution is plug-and-play in nature – allowing you to extend and grow your solution as your business needs change.Block and remove malicious software with Anti-Malware.Protect against known and zero-day vulnerabilities with Intrusion Prevention. This provides you with “virtual patching” -- protecting you before you patch.Achieve segmentation of systems and reduce the attack surface with a host-based Firewall.Identify expected and unexpected (malicious) system changes with Integrity Monitoring.Gain additional visibility and correlation of system and application events with Log Inspection. This can be integrated with your existing SIEM for further insight.Protect sensitive data, particularly when using cloud service providers with Encryption.<click>And just like our other solutions, it is powered by our Smart Protection Network, protecting against real-world threats faster.Our Cloud and Data Center Solution protects you on your journey to the cloud – now and in the future.
  7. Let’s look at the example here:Let’s imagine a VMware ESX host with 15 virtual servers running on it, each of which has a locally installed security agent providing e.g. AM, Web Threat Protection, FW, DPI, IM. So what’s the problem with this approach? Simultaneous scanning, updates, network traffic analysis and so on lead to increased resource usage on each VM, and a cumulative resource impact on the ESX host which can be disastrous and lead to outages of the host and – therefore – all of the VMs running on that host. This is turn can result in a combination of the following:Less VMs per ESX hostReduced security on each VMNo security on each VMSo how does Deep Security solve this problem? Deep Security’s agentless protection abilities mean you can drastically increase the amount of VMs per ESX host – all without reducing the security posture of the VM. Which means one thing for VMware customers – increased ROI (and security!) in their virtual infrastructure.Savings on improved VM density:VDI: 50% more VDIsVirtual servers: 20 – 30% more virtual serversSavings during initial deployment:Where Deep Security saves significant setup time is when customers need to install multiple separate point security solutions – for example, for separate solutions such as anti-virus, host firewall, host IPS, and integrity monitoring. By providing these technologies in a single integrated virtual appliance, Deep Security reduces overall setup time relative to other market alternatives that deploy multiple agent-based solutions.Savings in on going management:Faster deployment on new VMsVirtual patching
  8. Datacenter extension into the cloud – Workloads like Web or mail. Challenges with visibility and policy with the workloads and extension of networkDS – Allowing visibility into physical, virtual, cloud assetsBeing able to assign and enforce security policies across these workloads.
  9. Each of these platforms has unique security concerns. With physical machines, the manageability of various security solutions can be an issue.There can be a glut of security products—either through excessive layering or overly specialized products. This increases hardware and software costs. Also, management across the different products can be difficult – causing security gaps. And collectively these issues create a higher Total Cost of Ownership.The solution is to reduce complexity by consolidating security vendors and correlating protection.[click]With virtualization, the risks pertain to both performance and threats specific to virtual environments. There is a concern that security will reduce performance, which reduces the ROI of a virtual infrastructure. Also there are unique virtual machine attacks, such as inter-VM threats. Here the solution is increased efficiency—security that optimizes performance while also defending against traditional as well as virtualization-specific threats. [click]With cloud services, the risks pertain to less visibility and cloud-specific threats. Companies are concerned about having less visibility into their applications and data. And they are concerned about increased external threats, especially in multi-tenant environments.For the cloud, businesses need security that allows them to use the cloud to deliver IT agility. Data must be able to safely migrate from on-premise data centers to private clouds to public clouds so organizations can make the best use of resources. [click]As we’ll see later, all of these concerns can be addressed. And through protection that is provided in an integrated security solution all managed through one console. With cross-platform security, you’ll stay protected as your data center and virtual or cloud deployments evolve, allowing you to leverage the benefits of each platform while defending against the threats unique to each environment.