
Copyright 2011 Trend Micro Inc. Securing your Journey to the Cloud Kamal Sharma Technical Consultant Classification 8/27/2015 1.

Presentation transcript:

1 Copyright 2011 Trend Micro Inc. Securing your Journey to the Cloud Kamal Sharma Technical Consultant kamal_s@trendmicro.com Classification 8/27/2015 1

2 Agenda
- The Cloud Landscape
- Security Challenges
- Journey to the Cloud
- Next Generation Security Infrastructure
- How it Works?
- Summary

3 The Benefits of Virtualization & Cloud Computing
- Reduce IT Capital Expense by 50%
- Reduce Administration overhead
- Reduce IT operational expense
- Increase Flexibility
- Reduce Carbon Footprint
- And more…

4 Customer Cloud Journey
- Stages: Stage 1 - Private Cloud; Stage 2 - 2011 Hybrid Cloud; Stage 3 - 2012 Public Cloud
- Chart labels: 15%, 30%, 70%, 85%; Servers, Desktops
- Secure The Cloud Workload
- Protect The Workload Data
- Consolidate Security Across DC & Cloud

5 Cloud Layers
Three basic cloud layers: IaaS, PaaS, SaaS
- IaaS: the cloud layer in which cloud consumers have the ability to provision virtual servers, storage, networks, and other fundamental computing resources.
- PaaS: provides a development platform, sandbox and management system to develop, and in some cases sell, the applications that will be operated in the cloud.
- SaaS: the capability for a consumer to use the provider's applications running on a cloud infrastructure.

6 Types of cloud computing & examples
- Cloud Applications: Software-as-a-Service
- Cloud Software Development: Platform-as-a-Service
- Cloud-based Infrastructure: Infrastructure-as-a-Service

7 Who Has Control?
- Deployment models shown: Servers; Virtualization & Private Cloud; Public Cloud PaaS; Public Cloud IaaS; Public Cloud SaaS
- Parties shown: End-User (Enterprise); Service Provider

8 Key Challenges/Issues to the Cloud/On-demand Model
"The number one concern about cloud services is security." Frank Gens, IDC, Senior VP & Chief Analyst
Source: IDC eXchange, "New IDC IT Cloud Services Survey: Top Benefits and Challenges," (http://blogs.idc.com/ie/?p=730), December 2009

9 What is there to Worry?
- Stages: Stage 1 - Private Cloud; Stage 2 - 2011 Hybrid Cloud; Stage 3 - 2012 Public Cloud
- Chart labels: 15%, 30%, 70%, 85%; Servers, Desktops
- Traditional Security Approach
- VM Sprawl / Cloning, V-Motion
- Inter VM Communication
- Resource Contention
- Use of Encryption is rare
- Virtual volumes and servers are mobile
- Virtual volumes contain residual data
- Compliance Concern
- Rogue servers might access data

10 Security Challenges Along the Virtualization Journey
[Figure: challenges numbered 1 to 11, plotted against Virtualization Adoption Rate; stage labels: Private, Public, Cloud]
- Data destruction
- Diminished perimeter
- Resource Contention
- Multi-tenancy
- Data access & governance
- Complexity of Management
- Mixed trust level VMs
- Compliance / Lack of audit trail
- Inter-VM attacks
- Instant-on gaps
- Host controls under-deployed

11 How do we get there – a journey to the cloud
- Virtualization: Dynamic Data Center with Shared System, Shared Storage
- Cloud Application: New Platform for New Apps. Example: Web Defacing, SQL Injection
- 3G Network, Net Devices: Ubiquitous, Borderless Data Access, Data Everywhere
- Data Centric Protection: Ownership of Data vs. Computing; Confidentiality & Access Control
- Hybrid Cloud Management
- Security That Fits
- Layers shown: Cloud Infrastructure; Cloud Data; Cloud Application; Cloud End Devices
- Products shown: Deep Security; Office Scan, Titanium, Safe Sync; Secure Cloud; Deep Security

12 Next Generation Security Infrastructure

13 Virtualization
[Diagram labels: Internet; DMZ; Mission Critical Servers; Endpoints; Virtualization; Virtual Appliance. Controls shown: Firewall; Web / Email; IDS / IPS; Anti-malware]

14 Cloud Computing
[Diagram labels: Internet; DMZ; Mission Critical Servers; Endpoints; Virtual Appliance; Public Cloud Computing. Controls shown: Firewall; Web / Email; IDS / IPS; Anti-malware]
- Agent-based protection: Anti-malware, Firewall, IDS/IPS, Integrity Monitoring, Encryption

15 Next Generation Security
[Diagram labels: Internet; DMZ; Mission Critical Servers; Endpoints; Cloud Computing. Controls shown: Firewall; Web / Email; IDS / IPS]

16 How it Works?

17 What is Deep Security?
Server & application protection for: PHYSICAL; VIRTUAL & PRIVATE CLOUD; PUBLIC CLOUD
- Deep Packet Inspection
- IDS / IPS
- Web App. Protection
- Application Control
- Firewall
- Integrity Monitoring
- Log Inspection
- Malware Protection

18 Trend Micro Deep Security: Server & application protection
Latest anti-malware module adds to existing set of advanced protection modules:
- Firewall
- Web app protection
- Log Inspection
- Integrity Monitoring
- Anti-Malware
- Intrusion Detection Prevention

19 Trend Micro Deep Security: Server & application protection
5 protection modules. Protection is delivered via Agent and/or Virtual Appliance.
- Deep Packet Inspection:
  - IDS / IPS: Detects and blocks known and zero-day attacks that target vulnerabilities
  - Web Application Protection: Shields web application vulnerabilities
  - Application Control: Provides increased visibility into, or control over, applications accessing the network
- Firewall: Reduces attack surface. Prevents DoS & detects reconnaissance scans
- Integrity Monitoring: Detects malicious and unauthorized changes to directories, files, registry keys…
- Log Inspection: Optimizes the identification of important security events buried in log entries
- Anti-Virus: Detects and blocks malware (web threats, viruses & worms, Trojans)

20 Secure Cloud

21 Trend Micro: Server Security Leadership
IDC Market Analysis: Worldwide Corporate Server Security Market Share
- All Others: 77.1%
- Trend Micro: 22.9%
Source: Worldwide Endpoint Security 2010-2014 Forecast and 2009 Vendor Shares, IDC
"These products are generally more robust than desktop endpoint security and are available for a much wider set of operating systems (Windows, Unix, and Linux). This category also includes products that are designed to protect hypervisors and virtual servers."

22 Securing Your Journey to the Cloud
THANK YOU!

23 What's the Solution?
SecureCloud makes it possible for businesses to encrypt and control data in public and private cloud environments via simple policy-based key management. It gives businesses power over how and where data is accessed and greatly reduces the complexity inherent in traditional key management solutions.
- For the Public Cloud (Amazon.com or Terremark):
  - Safely leverage operational and cost efficiencies of cloud computing
  - Control access to data in shared public cloud environments
  - Additional safety by authenticating virtual servers
- For the Private Cloud (vCloud in customer's data center):
  - Segregation of sensitive data stored in internal shared storage
  - Greater ability to achieve compliance with regulations and best practices

24 Key Product Benefits (Continued)
- Secure Storage recycling
  - Residual data left on storage devices is unreadable after volumes are terminated
- Auditing and logging functions
  - Helps ensure compliance with regulations, policies and best practices
  - Reduces work required for external or internal investigations
  - Creates accountability and helps manage system resources
- Automated policy-based key management
  - Determines which virtual servers access data
  - Imposes security requirements and location constraints on VMs
  - Reduces the likelihood of malware infection, system cloning and server modifications

25 What is there to worry about?
Sample record shown: Name: John Doe; SSN: 425-79-0053; Visa #: 4456-8732…
- Use of encryption is rare: Now only authorized servers can read data!
- Virtual volumes and servers are mobile: Policies only allow access in authorized areas!
- Rogue servers might access data: Yes, but the information is unreadable and safe!
- Rich audit and alerting modules lacking: Now we have reports, alerts and audit trails!
- Encryption keys remain with vendor: No vendor lock-in since customer owns solution. Customer decides where keys are stored!
- Virtual volumes contain residual data: Doesn't matter, disks are unreadable!

26 SecureCloud Key Benefits
- SecureCloud is unique
  - Not just encryption: unique in the way it manages keys and its environment
  - Excellent complement to Deep Security
- Industry standard encryption
  - Makes data unreadable without encryption keys
  - Greatly reduces the risks of data theft, unauthorized data disclosure or data modification
- Control of encryption keys
  - Know exactly where your keys are at all times
  - Vendor administrators with powerful rights unable to see information
  - Not subjected to lock-in with cloud vendor's encryption system
  - Governments can no longer seize data without your knowledge

27 What is there to worry about?
Sample record shown: Name: John Doe; SSN: 425-79-0053; Visa #: 4456-8732…
- Use of encryption is rare: Who can see your information?
- Virtual volumes and servers are mobile: Your data is mobile. Has it moved?
- Rogue servers might access data: Who is attaching to your volumes?
- Rich audit and alerting modules lacking: What happened when you weren't looking?
- Encryption keys remain with vendor: Are you locked into a single security solution? Who has access to your keys?
- Virtual volumes contain residual data: Are your storage devices recycled securely?
