Introduction - Trend Micro Deep Security

Deep Security 8

A Server Security Platform for Physical Virtual Cloud

Copyright 2009 Trend Micro Inc.

Siupan Chan – Principal Consultant, Trend Micro Hong Kong

Key Trends: Datacenter Consolidation

• Traditional security adds operational challenges and security risks • Increases Security TCO and limits virtualization/cloud adoption

Virtual CloudPhysical

• Less visibility• Security reduces• Glut of security

servers serversy

serversLess visibility

• More external risksSecurity reduces performance

• Mixed workloads

Glut of security products

• Higher TCO


2009: A Historic Year for Servers

16Virtual machine shipments surpassed physical server shipped

10

12

14

萬

Virtual machine shipments surpassed physical server shipped

4

6

8

百萬

0

2

2005 2006 2007 2008 2009 2010 2011 2012 2013

Virtualization changed and simplified how IT

Physical Hosts Virtual Machines

Virtualization changed and simplified how IT manages servers and datacenters


Key Trends: Sophisticated data-stealing threats Data security is more challenging than ever before

• More Profitable

• More SophisticatedMore Sophisticated

• More Frequent AdvancedPersistent

De-Perimeterization

PersistentThreats

• More Targeted

Perimeter defenses are not adequate anymoreCopyright 2009 Trend Micro Inc.

4

Perimeter defenses are not adequate anymore

Key Trends: Regulatory Compliance Solutions Need to Achieve Broader Coverage with Lower TCO

More standards: • PCI, SAS70, HIPAA, ISO 27001, FISMA / NIST 800-53, MITS…, , , , ,

More specific security requirementsVi t li ti W b li ti EHR PII• Virtualization, Web applications, EHR, PII…

More penalties & fines• HITECH, Breach notifications, civil litigation

“DMZ consolidation using virtualization will be a "hot spot” for auditors, given the greater risk of mis-configuration and lower visibility of DMZ policy violation Through year-end

“lower visibility of DMZ policy violation. Through year end 2011, auditors will challenge virtualized deployments in the DMZ more than non-virtualized DMZ solutions. ”

Copyright 2009 Trend Micro Inc. 5

-- Neil MacDonald, Gartner

Recap: Security Inhibitors to Virtualization

Resource Contention1 3:00am Scan

Instant-on Gaps2

Inter-VM Attacks / Blind Spots3

Management Complexity44


Deep Security 8Agentless Security for VMware

Agentless

VM fIDS / IPS1

Integrates with

Trend Micro Deep Security

Security

VMsafeAPIs

IDS / IPS

Web Application Protection

Application Control

vCenter

Agentless2

Security Virtual

Machinev

pp

Firewall

vShieldEndpointAntivirus

g2 S

phAgentlessere

Integrity Monitoring vShieldEndpoint

3Agentless

Integrity Monitoring3

e

Security agentLog Inspection

4Agent-based


Security agent on individual VMs

Deep Security 8 Integrity MonitoringAgentless Integrity Monitoring

The Old Way With Agent-less Integrity Monitoring

VM VM VMSecurity Virtual

ApplianceVM VM VM VM

BetterM bilit

Zero AddedF t i t

FasterP f

StrongerS itManageabilityFootprint Performance Security

• Zero added footprint: Integrity monitoring in the same virtual appliance that also provides agentless AV and Deep Packet Inspectionprovides agentless AV and Deep Packet Inspection

• Stronger Security: Expands security footprint on VMs, built in tamperproofing

• Order of Magnitude savings in manageability

Copyright 2009 Trend Micro Inc.8

• Order of Magnitude savings in manageability

• Virtual Appliance avoids performance degradation from FIM storms8

Deep Security 8 Agent-based Anti-malware

Deep PacketFirewall

A ti l

Inspection

WEB REPUTATION

SERVICES

Anti-malware

Integrity LogHyper-V & Xen-based

Virtual Servers

VDI Local Mode

IntegrityMonitoring

LogInspection

Virtual Servers

• New Agent-based AV for physical Windows and Linux* systems, Hyper-V & Xen-based virtual servers, and virtual desktops in local mode& Xen based virtual servers, and virtual desktops in local mode

• Web reputation services through integration with Smart Protection

*Linux AV = scheduled scan, agent only, coming Q1 2012


• Web reputation services through integration with Smart Protection Network protects systems/users from access to malicious websites

Deep Security 8 Integrity Monitoring Ease of Use Enhancements (Agent + Agentless)Integrity Monitoring Ease of Use Enhancements (Agent Agentless)

DestinationCertified Safe

SoftwareSoftware Service

• Good Events (eg. Windows SP Roll out) typically add operational complexity

Source DestinationDestination

operational complexity

• Nominating system as Golden Host createsGolden Host creates template for good events for remaining systems

Destination• Cloud-based event

whitelisting further reduces IT burden

Destination

Copyright 2009 Trend Micro Inc.10

Summary / Key Messages

Deep Security 8 extends its leadership in server and virtualization security • A fully integrated server security platform built for physical virtual and

cloudcloud• Agentless integrity monitoring adds to other agentless modules, enables

better security and compliance without added cost or complexity• Agent-based AV extends common protection across all aspects of PVC• Integration with SecureCloud 2 adds context-aware data protection in

cloud environmentscloud environments

Trend Micro

22.9%

Trend Micro

13%

Top ratings for Virtualization

Security

All Others

77.1%

All Others

Combined

87%


Source: Worldwide Endpoint Security 2010-2014 Forecast and 2009 Vendor Shares, IDC

Source: 2011 Technavio –Global Virtualization Security

Management Solutions

11

Trend Micro: VMware #1 Security Partner and 2011 Technology Alliance Partner of the Year

Improves Securityb idi th t

Improves Virtualizationb idi it l tiby providing the most

secure virtualization infrastructure, with APIs, and certification programs

by providing security solutions architected to fully exploit

the VMware platform

VMworld: Trend Micro virtsec customer

May: Trend i

Nov: Deep Security 7with virtual appliance

Dec: Deep Security 7.5w/ Agentless AntiVirus

RSA T d MiVmworld: Announce

Deep Security 8Feb: Join VMsafe program

acquires Third Brigade

RSA: Other vendors “announce” Agentless

RSA: Trend Micro Demos Agentless

Sale of DS 7.5 Before GA

Deep Security 8& vShield OEM

2011201020092008

RSA: Trend Micro announces Coordinated

July:CPVM

GA

Q1: VMware buys Deep Security for Internal VDI Use

VMworld: AnnounceDeep Security 7.5


approach & Virtual pricingAnd shows Vmsafe demo RSA: Trend Micro

announces virtual appliance

GAQ4: Joined EPSEC vShield Program

2010:>100 customers >$1M revenue

Internal VDI Use

Introduction - Trend Micro Deep Security

Technology

Transcript of Introduction - Trend Micro Deep Security