Securing Today's Computing Ecosystem: Physical, Virtual and Cloud
Matt Hubbard, Regional Product Marketing (firstname.lastname@example.org)
Confidential | Copyright 2012 Trend Micro Inc.
Data Everywhere – Is It Protected?
- The amount of data needing protection will grow by a factor of 90 by 2020 (IDC).
- Only 20% of virtual systems use virtualization-specific security tools (Computer Security Institute, 2010/2011 Computer Crime and Security Survey).
- 72% of server workloads will be virtualized by 2014.
The Changing Threat Landscape
Copyright 2013 Trend Micro Inc.
[Timeline chart, damage caused, 2001 to now: worm outbreaks and vulnerabilities (2001), followed by spam and mass mailers, spyware, intelligent botnets, web threats (2003, 2004, 2005, 2007), and now targeted attacks]
- Now it's personal: financially motivated, targeting valuable information.
Stretching Network Perimeters
So network security must be elastic, to stretch with the network.
[Diagram: main campus inside the old perimeter, with VPN, remote office, mobile user, Internet, IaaS and SaaS forming the new perimeter; a security scanning cloud applies a central security policy]
The "Spectrum of Computing": Security for Elastic Networks & User Environments
- Endpoints (laptops, desktops, smart phones, handhelds, tablets, social media...): endpoint-oriented products, e.g. OfficeScan, DLP, Encryption, Worry-Free...
- Physical & virtual servers & desktops: server/gateway-oriented products, e.g. Deep Security, ServerProtect, PortalProtect, IMS/IWS...
- Cloud (private & public cloud, SaaS, PaaS, ITaaS...): cloud & virtual-oriented products, e.g. Deep Security, SecureCloud...
Effective security must span from "endpoint to cloud": devices, systems, data, applications.
Integrated Security Across Platforms: Traditional Outside-In Model of Perimeter Defense
Layering protection from the outside in keeps threats as far away as possible (outside-in security).
Virtualization Security Challenge: Resource Contention – Desktop or Server
A typical AV console schedules a 3:00am scan on every guest, producing an "antivirus storm": automatic security scans overburden an entire system, whether a multi-tenant server or a VDI host.
Virtualization Security Challenge: Instant-on Gaps
Reactivated and cloned VMs can have out-of-date security.
[Diagram: an active VM goes dormant, is reactivated with outdated security, or is cloned]
Virtualization Security Challenge: Complexity of Management
VM sprawl inhibits compliance: patching agents, rollout patterns, provisioning new VMs, reconfiguring agents.
Virtualization Security Challenge: Inter-VM Attacks / Blind Spots
Attacks can spread across VMs.
Virtualization Security: What is the Solution? A Dedicated Security Virtual Appliance
Agentless Security for VMware – Beyond Antivirus
- The old way: a security agent inside every VM.
- With agentless security: a security virtual appliance serves the VMs, providing antivirus, integrity monitoring, intrusion prevention, virtual patching, firewall and web application protection.
Maximizes performance and ROI.
Virtualization Security Fit for the VMware Ecosystem
Trend Micro Deep Security in a vSphere virtual environment:
- Agentless: a security virtual machine using vShield Endpoint and other VMware APIs.
- Agent-based: a security agent on individual VMs.
- Integrates with vCenter.
- Modules: antivirus, integrity monitoring, IDS/IPS, web application protection, application control, firewall, log inspection.
In the Cloud: Who Has Control?
Cost reduction and consolidation raise the question: who is responsible for security?
- Servers, virtualization & private cloud: the end user (enterprise).
- Public cloud IaaS: the customer is responsible for VM-level security.
- Public cloud PaaS and SaaS: the service provider is responsible for security.
Amazon Web Services™ Customer Agreement, 4.2 Other Security and Backup:
"You are responsible for properly configuring and using the Service Offerings and taking your own steps to maintain appropriate security, protection and backup of Your Content, which may include the use of encryption technology to protect Your Content from unauthorized access and routine archiving Your Content."
Source: http://aws.amazon.com/agreement/#4 (30 March 2011)
The cloud customer has responsibility for their data security and needs to plan for this.
What is there to worry about?
[Sample record: Name: John Doe, SSN: 425-79-0053, Visa #: 4456-8732…]
- Use of encryption is rare: who can see your information?
- Virtual volumes and servers are mobile: your data is mobile; has it moved?
- Rogue servers might access data: who is attaching to your volumes?
- Rich audit and alerting modules are lacking: what happened when you weren't looking?
- Encryption keys remain with the vendor: are you locked into a single security solution? Who has access to your keys?
- Virtual volumes contain residual data: are your storage devices recycled securely?
What is the Solution? Security that Travels with the VM
Self-defending VM: template integrity, VM isolation, real-time protection, data protection, compliance.
Security in the cloud:
- Agent on the VM can travel between cloud solutions.
- One management portal for all modules.
- SaaS security deployment option.
SecureCloud – Securing Data in the Cloud
- Encrypts data in public or private cloud environments
  – Military grade, FIPS 140-2 compliant encryption to 256 bits
- Manages encryption keys
  – Typically a very tedious, detailed and expensive process
  – Application upkeep offloaded to a trusted partner
- Authenticates servers requesting access to data
  – Policy-based system gives a wide range of factors on which key deployment decisions are made
  – Delivers keys securely over encrypted SSL channels
- Audits, alerts, and reports on key delivery activities
  – Multiple reports and alerting mechanisms available
Integrated Security Across Platforms: Virtual and Cloud Oriented Inside-Out Security
Data protection: a self-secured workload, with local threat intelligence, that is timeline aware (when), identity aware (who), location aware (where) and content aware (what), enforced through user-defined access policies and encryption.
All network-connected data must be able to defend itself from attacks (inside-out security, from endpoints to datacenters).
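The policy-based key release the SecureCloud slide describes, combined with the who/where/when/what factors above, as an added illustration (not SecureCloud's own code): a key server that authenticates the requesting server against a per-volume policy, releases the volume key only when every factor passes, and records an audit entry for each decision. All names, the policy fields and the sample volume, servers and regions are constructed for the example.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

@dataclass(frozen=True)
class KeyRequest:
    server_id: str          # Who:   identity the requesting server presents
    region: str             # Where: location the request originates from
    requested_at: datetime  # When:  time of the request (timezone aware)
    integrity_ok: bool      # What:  did the server pass its integrity check

@dataclass(frozen=True)
class VolumePolicy:
    allowed_servers: frozenset   # identities permitted to attach the volume
    allowed_regions: frozenset   # locations permitted to attach the volume
    window_utc: tuple            # (start_hour, end_hour) in UTC, end exclusive

@dataclass
class KeyServer:
    policies: dict                             # volume id -> VolumePolicy
    keys: dict                                 # volume id -> key bytes
    audit: list = field(default_factory=list)  # every decision is recorded

    def evaluate(self, volume_id: str, req: KeyRequest) -> list:
        # Returns the policy violations; an empty list means release is allowed.
        p = self.policies[volume_id]
        reasons = []
        if req.server_id not in p.allowed_servers:
            reasons.append("server identity not authorised for this volume")
        if req.region not in p.allowed_regions:
            reasons.append("request from non-permitted location")
        hour = req.requested_at.astimezone(timezone.utc).hour
        if not (p.window_utc[0] <= hour < p.window_utc[1]):
            reasons.append("request outside permitted time window")
        if not req.integrity_ok:
            reasons.append("integrity check failed")
        return reasons

    def request_key(self, volume_id: str, req: KeyRequest):
        # Release the key only when no factor objects; audit either way.
        reasons = self.evaluate(volume_id, req)
        self.audit.append({"volume": volume_id, "server": req.server_id,
                           "at": req.requested_at.isoformat(), "released": not reasons, "reasons": reasons})
        return None if reasons else self.keys[volume_id]

def demo_decisions() -> tuple:
    # Constructed sample: one volume, an authorised request and a rogue server elsewhere.
    server = KeyServer(policies={"vol-01": VolumePolicy(frozenset({"web-01"}), frozenset({"eu-west"}), (6, 20))},
                       keys={"vol-01": bytes(32)})
    when = datetime(2013, 5, 1, 9, 30, tzinfo=timezone.utc)
    good = KeyRequest("web-01", "eu-west", when, True)
    rogue = KeyRequest("db-99", "us-east", when, True)
    return server.request_key("vol-01", good), server.request_key("vol-01", rogue), server.audit
```

The audit list is what the slide's "audits, alerts, and reports on key delivery" would be built from; a refused request carries the reasons, so a rogue server attaching to a volume shows up even though it never received a key.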
Virtualization and Cloud Security: One Security Model
- VMware virtualization: security virtual appliance, agentless security, layered server security, encryption for vSphere.
- Private cloud: security virtual appliance, agentless security, layered server security, encryption for vCloud, compliance support (FIM, encryption, etc.).
- Public cloud: agent-based security, layered server security, encryption for leading cloud providers, compliance support (FIM, encryption, etc.).
- Shared across all three: a server security console with a shared policy profile and vulnerability shielding, and an encryption console with a shared policy profile and key ownership.
Trend Micro: 27% (Source: IDC, 2012 Worldwide Corporate Endpoint Server Security Revenue Share by Vendor, 2011)
VMware Technology Alliance 'Partner of the Year'