Introduction - Trend Micro Deep Security
-
Upload
andrew-wong -
Category
Technology
-
view
2.238 -
download
2
description
Transcript of Introduction - Trend Micro Deep Security
Deep Security 8
A Server Security Platform for Physical Virtual Cloud
Copyright 2009 Trend Micro Inc.
Siupan Chan – Principal Consultant, Trend Micro Hong Kong
Key Trends: Datacenter Consolidation
• Traditional security adds operational challenges and security risks • Increases Security TCO and limits virtualization/cloud adoption
Virtual CloudPhysical
• Less visibility• Security reduces• Glut of security
servers serversy
serversLess visibility
• More external risksSecurity reduces performance
• Mixed workloads
Glut of security products
• Higher TCO
Copyright 2009 Trend Micro Inc.
2009: A Historic Year for Servers
16Virtual machine shipments surpassed physical server shipped
10
12
14
萬
Virtual machine shipments surpassed physical server shipped
4
6
8
百萬
0
2
2005 2006 2007 2008 2009 2010 2011 2012 2013
Virtualization changed and simplified how IT
Physical Hosts Virtual Machines
Virtualization changed and simplified how IT manages servers and datacenters
Copyright 2009 Trend Micro Inc.
Key Trends: Sophisticated data-stealing threats Data security is more challenging than ever before
• More Profitable
• More SophisticatedMore Sophisticated
• More Frequent AdvancedPersistent
De-Perimeterization
PersistentThreats
• More Targeted
Perimeter defenses are not adequate anymoreCopyright 2009 Trend Micro Inc.
4
Perimeter defenses are not adequate anymore
Key Trends: Regulatory Compliance Solutions Need to Achieve Broader Coverage with Lower TCO
More standards: • PCI, SAS70, HIPAA, ISO 27001, FISMA / NIST 800-53, MITS…, , , , ,
More specific security requirementsVi t li ti W b li ti EHR PII• Virtualization, Web applications, EHR, PII…
More penalties & fines• HITECH, Breach notifications, civil litigation
“DMZ consolidation using virtualization will be a "hot spot” for auditors, given the greater risk of mis-configuration and lower visibility of DMZ policy violation Through year-end
“lower visibility of DMZ policy violation. Through year end 2011, auditors will challenge virtualized deployments in the DMZ more than non-virtualized DMZ solutions. ”
Copyright 2009 Trend Micro Inc. 5
-- Neil MacDonald, Gartner
Recap: Security Inhibitors to Virtualization
Resource Contention1 3:00am Scan
Instant-on Gaps2
Inter-VM Attacks / Blind Spots3
Management Complexity44
Copyright 2009 Trend Micro Inc. 6
Deep Security 8Agentless Security for VMware
Agentless
VM fIDS / IPS1
Integrates with
Trend Micro Deep Security
Security
VMsafeAPIs
IDS / IPS
Web Application Protection
Application Control
vCenter
Agentless2
Security Virtual
Machinev
pp
Firewall
vShieldEndpointAntivirus
g2 S
phAgentlessere
Integrity Monitoring vShieldEndpoint
3Agentless
Integrity Monitoring3
e
Security agentLog Inspection
4Agent-based
Copyright 2009 Trend Micro Inc.
Security agent on individual VMs
Deep Security 8 Integrity MonitoringAgentless Integrity Monitoring
The Old Way With Agent-less Integrity Monitoring
VM VM VMSecurity Virtual
ApplianceVM VM VM VM
BetterM bilit
Zero AddedF t i t
FasterP f
StrongerS itManageabilityFootprint Performance Security
• Zero added footprint: Integrity monitoring in the same virtual appliance that also provides agentless AV and Deep Packet Inspectionprovides agentless AV and Deep Packet Inspection
• Stronger Security: Expands security footprint on VMs, built in tamperproofing
• Order of Magnitude savings in manageability
Copyright 2009 Trend Micro Inc.8
• Order of Magnitude savings in manageability
• Virtual Appliance avoids performance degradation from FIM storms8
Deep Security 8 Agent-based Anti-malware
Deep PacketFirewall
A ti l
Inspection
WEB REPUTATION
SERVICES
Anti-malware
Integrity LogHyper-V & Xen-based
Virtual Servers
VDI Local Mode
IntegrityMonitoring
LogInspection
Virtual Servers
• New Agent-based AV for physical Windows and Linux* systems, Hyper-V & Xen-based virtual servers, and virtual desktops in local mode& Xen based virtual servers, and virtual desktops in local mode
• Web reputation services through integration with Smart Protection
*Linux AV = scheduled scan, agent only, coming Q1 2012
Copyright 2009 Trend Micro Inc. 9
• Web reputation services through integration with Smart Protection Network protects systems/users from access to malicious websites
Deep Security 8 Integrity Monitoring Ease of Use Enhancements (Agent + Agentless)Integrity Monitoring Ease of Use Enhancements (Agent Agentless)
DestinationCertified Safe
SoftwareSoftware Service
• Good Events (eg. Windows SP Roll out) typically add operational complexity
Source DestinationDestination
operational complexity
• Nominating system as Golden Host createsGolden Host creates template for good events for remaining systems
Destination• Cloud-based event
whitelisting further reduces IT burden
Destination
Copyright 2009 Trend Micro Inc.10
Summary / Key Messages
Deep Security 8 extends its leadership in server and virtualization security • A fully integrated server security platform built for physical virtual and
cloudcloud• Agentless integrity monitoring adds to other agentless modules, enables
better security and compliance without added cost or complexity• Agent-based AV extends common protection across all aspects of PVC• Integration with SecureCloud 2 adds context-aware data protection in
cloud environmentscloud environments
Trend Micro
22.9%
Trend Micro
13%
Top ratings for Virtualization
Security
All Others
77.1%
All Others
Combined
87%
Copyright 2009 Trend Micro Inc.
Source: Worldwide Endpoint Security 2010-2014 Forecast and 2009 Vendor Shares, IDC
Source: 2011 Technavio –Global Virtualization Security
Management Solutions
11
Trend Micro: VMware #1 Security Partner and 2011 Technology Alliance Partner of the Year
Improves Securityb idi th t
Improves Virtualizationb idi it l tiby providing the most
secure virtualization infrastructure, with APIs, and certification programs
by providing security solutions architected to fully exploit
the VMware platform
VMworld: Trend Micro virtsec customer
May: Trend i
Nov: Deep Security 7with virtual appliance
Dec: Deep Security 7.5w/ Agentless AntiVirus
RSA T d MiVmworld: Announce
Deep Security 8Feb: Join VMsafe program
acquires Third Brigade
RSA: Other vendors “announce” Agentless
RSA: Trend Micro Demos Agentless
Sale of DS 7.5 Before GA
Deep Security 8& vShield OEM
2011201020092008
RSA: Trend Micro announces Coordinated
July:CPVM
GA
Q1: VMware buys Deep Security for Internal VDI Use
VMworld: AnnounceDeep Security 7.5
Copyright 2009 Trend Micro Inc.
approach & Virtual pricingAnd shows Vmsafe demo RSA: Trend Micro
announces virtual appliance
GAQ4: Joined EPSEC vShield Program
2010:>100 customers >$1M revenue
Internal VDI Use
Questions & Answers
Copyright 2009 Trend Micro Inc.Classification 1/18/2012 13