Presentation on theme: "Matt Hubbard Regional Product Marketing Securing Today’s Computing Ecosystem: Physical, Virtual and Cloud With a Smart Protection."— Presentation transcript:
Matt Hubbard, Regional Product Marketing. Securing Today’s Computing Ecosystem: Physical, Virtual and Cloud With a Smart Protection Strategy. Confidential | Copyright 2012 Trend Micro Inc.
Data Everywhere – Is It Protected? Amount of data needing protection will grow by a factor of 90 by 2020 (IDC). Only 20% of virtual systems use virtualization-specific security tools. Computer Security Institute 2010/2011 Computer Crime and Security Survey. 72% of server workloads will be virtualized by 2014.
The Changing Threat Landscape. Copyright 2013 Trend Micro Inc. [Chart: damage caused over time; years marked: 2001, 2003, 2004, 2005, 2007, Now; threat labels: Vulnerabilities, Worm Outbreaks, Mass Mailers, Spam, Spyware, Intelligent Botnets, Web Threats, Targeted Attacks] Now it’s personal! Financially motivated. Targeting valuable information.
[Chart: Endpoint Malware Definition Size (MB), Oct 2011 and June 2012. Competitor A: 200 MB and 289 MB; Competitor B: 122 MB and 156 MB; Trend Micro: 33 MB and 34 MB] Source: Trend Micro, tested on 6th October, 2011, and 8th June 2012 using the latest endpoint products with the latest pattern at the time of testing. IT Admin Security
GLOBAL THREAT INTELLIGENCE: Collects, Identifies, Protects. DAILY STATS: 200M threats blocked; 50M malicious URLs; 700K cloud email entries; 1.4B whitelist queries; 80M malicious files. Email Reputation, Web Reputation, File Reputation, Whitelisting, Vulnerabilities & Exploits, Mobile App Reputation, Network Traffic Rules, Threat Actor Research
2.4B Internet Users [1]; 1 Trillion+ URLs indexed by Google [2]; 665M Web Sites [3]; 1B Facebook Users [4]; 427M Smart Phones Sold Last Year [5]; 54% of Facebook Access is via Mobile [6]. Sources: [1] Internet World Stats, Dec 2012; [2] Google, 2008; [3] NetCraft Site Data, July 2012; [4] Facebook, Oct 2012; [5] Gartner 2012; [6] SocialBakers, May 2012.
Stretching Network Perimeters, So Network Security Must Be Elastic to Stretch with the Network. [Diagram labels: Mobile User, Remote Office, Internet, New Perimeter, IaaS, SaaS, Main Campus, Old Perimeter, Security Scanning Cloud, Central Security Policy, VPN]
The Elastic Network. [Diagram labels: My Campus Network, My Cloud Network, My Branch Network, My Mobile Network; 100 Employees 6 Months Onsite Services Christmas Season Ad Campaigns]
[Diagram: Data and System icons across My Campus Network, My Branch Network, My Mobile Network and My Cloud Network] Because the perimeter is elastic, systems and data are more vulnerable to attack. Protecting this “Spectrum of Computing” means Securing the Elastic Network and data in motion and at rest.
The “Spectrum of Computing”: Security for Elastic Networks & User Environments. Spectrum from Endpoints to Cloud: Laptops, Desktops, Smart Phones, Handhelds, Tablets, Social Media…; Physical & Virtual Servers & Desktops…; Private & Public Cloud, SaaS, PaaS, ITaaS... Endpoint Oriented Products: OfficeScan, DLP, Encryption, WorryFree... Server/Gateway Oriented Products: Deep Security, Server Protect, Portal Protect, IMS/IWS… Cloud & Virtual Oriented Products: Deep Security, Secure Cloud… Effective Security Must Span From “Endpoint-to-Cloud”: Devices, Systems, Data, Applications
Integrated Security Across Platforms: Traditional Outside-in Model of Perimeter Defense. Layer protection from outside in keeps threats as far away as possible! [Diagram label: Outside-In Security]
Integrated Security Across Platforms: Virtual and Cloud Oriented Inside-out Security. All network-connected data must be able to defend itself from attacks. [Diagram labels: Inside-Out Security; Endpoints, Datacenters; Data Protection; Data; Self-Secured Workload; Local Threat Intelligence; When: Timeline Aware; Who: Identity Aware; Where: Location Aware; What: Content Aware; User-defined Access Policies; Encryption]
Virtualization Security Challenge: Resource Contention – Desktop or Server. Antivirus Storm: automatic security scans overburden an entire system, whether multi-tenant server or VDI host system. [Diagram labels: Typical AV Console, 3:00am Scan]
Virtualization Security Challenge: Instant-on Gaps. Reactivated and cloned VMs can have out-of-date security. [Diagram labels: Active, Dormant, Reactivated with outdated security, Cloned]
Virtualization Security Challenge: Complexity of Management. VM sprawl inhibits compliance. Patch agents; Rollout patterns; Provisioning new VMs; Reconfiguring agents
Virtualization Security Challenge: Inter-VM Attacks / Blind Spots. Attacks can spread across VMs.
Virtualization Security: What is the Solution? A Dedicated Security Virtual Appliance. Agentless Security for VMware—Beyond Antivirus. [Diagram: The Old Way (VM) compared with Agentless Security (Security Virtual Appliance, VM)] Antivirus, Integrity Monitoring, Intrusion Prevention, Virtual Patching, Firewall, Web Application Protection. Maximizes Performance and ROI
Virtualization Security: Fit for the VMware Ecosystem. Trend Micro Deep Security. [Diagram labels: vSphere Virtual Environment; Security Virtual Machine; vShield Endpoint; Other VMware APIs; Integrates with vCenter; Security agent on individual VMs; Agentless; Agent-based; Antivirus, IDS / IPS, Web Application Protection, Application Control, Firewall, Log Inspection, Integrity Monitoring]
In the Cloud: Who Has Control? Who is responsible for security? With IaaS the customer is responsible for VM-level security. With SaaS or PaaS the service provider is responsible for security. [Diagram labels: Servers; Virtualization & Private Cloud; Public Cloud IaaS; Public Cloud PaaS; Public Cloud SaaS; End-User (Enterprise); Service Provider; Cost Reduction & Consolidation]
Amazon Web Services™ Customer Agreement 4.2 Other Security and Backup. You are responsible for properly configuring and using the Service Offerings and taking your own steps to maintain appropriate security, protection and backup of Your Content, which may include the use of encryption technology to protect Your Content from unauthorized access and routine archiving Your Content. http://aws.amazon.com/agreement/#4 (30 March 2011) The cloud customer has responsibility for their data security and needs to plan for this.
What is there to worry about? [Sample record: Name: John Doe SSN: 425-79-0053 Visa #: 4456-8732…] Use of encryption is rare: Who can see your information? Virtual volumes and servers are mobile: Your data is mobile; has it moved? Rogue servers might access data: Who is attaching to your volumes? Rich audit and alerting modules lacking: What happened when you weren’t looking? Encryption keys remain with vendor: Are you locked into a single security solution? Who has access to your keys? Virtual volumes contain residual data: Are your storage devices recycled securely?
What is the Solution? Security that Travels with the VM. Self-Defending VM Security in the Cloud: Agent on VM - can travel between cloud solutions; One management portal for all modules; SaaS security deployment option. [Diagram labels: Compliance, Template Integrity, VM Isolation, Real-time Protection, Data Protection]
SecureCloud – Securing Data in the Cloud
Encrypts data in public or private cloud environments
  – Military grade, FIPS 140-2 compliant encryption to 256-bits
Manages encryption keys
  – Typically a very tedious, detailed and expensive process
  – Application upkeep offloaded to trusted partner
Authenticates servers requesting access to data
  – Policy-based system gives wide range of factors on which key deployment decisions are made
  – Delivers keys securely over encrypted SSL channels
Audits, alerts, and reports on key delivery activities
  – Multiple reports and alerting mechanisms available
Cloud Security: Fitting Encryption into a VMware Ecosystem. Encryption throughout your cloud journey: data protection for virtual & cloud environments. [Diagram labels: VM; Data Center; Private Cloud; Public Cloud; VMware vCloud; VMware vSphere; Encryption Solution; Enterprise Key; Key Service Console; Cost Reduction & Consolidation]
Virtualization and Cloud Security: One Security Model. [Diagram labels: VMware Virtualization; Private Cloud; Public Cloud; Security Virtual Appliance; VM; Agentless security; Agent-based security; Layered server security; Encryption for vSphere; Encryption for vCloud; Encryption for leading cloud providers; Compliance support (FIM, Encryption, etc.); Server security console; Encryption console; Shared policy profile; Vulnerability shielding; Key ownership]
Cloud and Data Center Security. Data Center: Physical, Virtual, Private Cloud, Public Cloud. Anti-Malware, Integrity Monitoring, Encryption, Log Inspection, Firewall, Intrusion Prevention. Data Center Ops Security
Trend Micro 27%. Source: IDC, 2012 Worldwide Corporate Endpoint Server Security Revenue Share by Vendor, 2011. VMware Technology Alliance ‘Partner of the Year’