SecurityPast, Present and Future -Securing Your Evolving ......SecurityPast, Present and Future...

of 17/17
Security Past, Present and Future - Securing Your Evolving Infrastructure Tarun Gupta- Regional Solutions Architect
  • date post

    19-Mar-2020
  • Category

    Documents

  • view

    4
  • download

    0

Embed Size (px)

Transcript of SecurityPast, Present and Future -Securing Your Evolving ......SecurityPast, Present and Future...

  • Security Past, Present and Future - Securing Your Evolving Infrastructure

    Tarun Gupta- Regional Solutions Architect

  • © 2019 Trend Micro Inc.2

    Enhances security by providing the most secure virtualization infrastructure, with APIs & certification programs

    Enhances virtualization by providing security solutions architected to fully leverage VMware virtualization offerings

    Trend Micro Deep Security & VMware

    Support for introspection and network

    traffic via hypervisor

    FIRST to support

    VMware vShield

    Deep Security the ONLY fully

    agentless security platform

    2011 2012 2013 2014 2015 2016

    Deep Security support for

    vSphere 5.1, Horizon VDI

    Deep Security 9 adds UNIQUE

    security recommendation scan for securing vSphere, vCloud,

    Horizon VDI

    Deep Security 9.5 FIRST to

    support file & network security for NSX, vCloudAir and vCenterOps integration

    Support for Horizon DaaS

    Deep Security 9.6 support for

    vSphere 6 & NSX

    FIRST/ONLYintegration with

    vROPS 6.0

    Support for Log Insight

    Deep Security 9.6 support for

    NSX 6.2.4 (expanded licensing)

    2009-10

    Deep Security 10 simplifies the

    process of securing

    workloads across the SDDC and

    the cloud, delivering a

    single security tool optimized

    for VMware Cloud™

    on AWS

    2017

    Years of joint innovation…

  • © 2019 Trend Micro Inc.4

    First and only agentless security suite for the VMware hypervisor

    Year 2009 - 2011

    OSKernel

    BIOS

    ESX 4.1

    vSphere Platform

    Guest VM

    OS

    Trend MicroDeep Security

    Manager

    vShield Endpoint ESX Module

    vCenter

    Thin Driver

    vShield Manager 4.1

    Trend Microproduct

    components

    vShield Endpoint

    Components

    VMware Platform

    APPsAPPsAPPs

    Deep Security Virtual Appliance

    Anti-Malware

    - Real-time Scan- Scheduled & Manual Scan

    Network Security

    - IDS/IPS- Web App Protection- Application Control- Firewall

    Trend Microfilter driver

    VMsafe-net API

    vShield Endpoint API

    Legend à

  • © 2019 Trend Micro Inc.5

  • © 2019 Trend Micro Inc.6

    ESX5.0

    Filter Driver

    Agent

    (User Mode)

    dom(s)

    Protected VMs

    (with VMware Tools

    + EPSEC)

    VM Network

    DVS/vSwitch

    Mgmt

    vSwitch

    EPSec Mux

    Service

    VMW Tools

    Thin Agent

    Control/

    File

    Service

    vNIC

    AU

    Mgmt

    vNIC

    Ds_filterDs_am

    VSAPI iCRC

    EPSec

    Network Engine

    (Kernel Mode)

    DPI

    dvfilterFW

    DPI Network

    Data

    vNIC

    FW

    VMSafe-Net LKM

    Protected

    vNIC

    LinuxCentos6.4/64 bit

    iAU

    VMCI Driver

    IM WRS

    Notifier

    VMCI

    dom(s)

    dvfilter-nx

    Data

    vmci

    Vmware

    Filter Driver

    EPSec

    TrendMicro Deep Security 9 with VMware NSX Architecture

    Year 2013 - 2014

  • © 2019 Trend Micro Inc.7

    TrendMicro Deep Security extends support with VMware vCloud

    Deep Security

    Software-DefinedData Center

    (Private Cloud)vSphere, vCloud NSX

    End User Computing

    Horizon Virtual Desktop

    Infrastructure (VDI)

    vRealizeOperations

    Management

    OperationsVMware, AWS, Azure

    Public Cloud (Multi-cloud) Year 2013- 2015

  • © 2019 Trend Micro Inc.8

    Introduced VMware Cloud on Amazon Web Serviceswith Trend Micro protection for workloads across the data center AND the cloud

    Service and support by VMware• Retain existing architecture and investments• Scale workloads instantly• Utilize consistent deployment modelsSecurity and protection by Trend Micro• Visibility of all workloads from one console• Prevent known and unknown threats• Automate deployments, policies, and controls • Minimize point solution security tools• Lower operational costs and maintenance

    +

    Year 2015-2018

  • Copyright 2017 Trend Micro Inc.9

    Extending TippingPoint to the VMware VMC

    Consistent Network Security

    Quickly extend TippingPoint security

    profiles to your cloud network

    Central SMS ManagementComplete visibility and

    management of on-premise and cloud security with SMS

    Simplified Cloud Deployment

    Minimize friction with security that fits

    seamlessly into your cloud network fabric

    Year 2019

  • Copyright 2019 Trend Micro Inc.10

    Easy to deploy – less operational friction

    Transparent Fewer moving pieces Flexible

    • Flow-based engine• Stateless deep packet

    inspection• Insert and remove

    inline without disruption

    • Inspect ingress andegress traffic with network efficiency

    • Just one pair of EC2 instances-no additional load balancers

    • Deploy in line Initial deployment with AWS Transit-Gateway

    • Leverage portable licensing

  • Copyright 2019 Trend Micro Inc.11

    Delivering industry leading security

    ü Network based virtual patching

    ü Trend Micro Research backed protection

    ü Integration with Trend Micro solutions

    Threats Vulnerabilities & Exploits

    Cybercriminal Undergrounds

    IoT OT / IIoTAI &Machine Learning

    Future Threat Landscape

    Targeted Attacks

  • © 2019 Trend Micro Inc.12

    The Undisclosed: Zero Day InitiativePreemptive Protection for “Undisclosed” Vulnerabilities

    Public DisclosureVulnerability is submitted to

    ZDI

    Vulnerability is Patched or

    Remains Unfixed

    Vendor Response

    TREND MICRO TIPPINGPOINT CUSTOMERS PROTECTED AHEAD OF PATCH

    OTHER NETWORK SECURITY VENDORS CUSTOMERS AT RISK

    Digital Vaccine®Filter Created

    Vendor Notified72 DAYS

    Average days of zero-day filter coverage from date of

    DV filter shipped to ZDI public disclosure in 2017.

  • © 2019 Trend Micro Inc.13

    Vulnerability Research Market 2017 & 2018

    * Frost & Sullivan 2017 Report

    42% YoY: busiest year ever!

    Over 1400 advisories in 2018

  • Copyright 2019 Trend Micro Inc.14

    DEMO

  • VPC

    10.201.6.177 Subnet 2

    Subnet 3 Subnet 4, etc

    TGW-VPC1VPC

    10.202.1.210 Subnet 2

    Subnet 3 Subnet 4, etc

    TGW-VPC2VPC

    Subnet 1 Subnet 2

    Subnet 3 Subnet 4, etc

    Future VPC’s

    VMC

    10.100.0.0/16

    10.101.1.0/24 –10.101.5.0/24

    10.101.4.10

    VPC

    IDS / IPS

    Firewall / NGFW

    Inline services

    VPN

    AWS Direct Connect *

    Account Account Account

    Administrative accounts (logging, AWS Organizations, billing, landing zone)

    Route tables

    Route tables

    Transit Gateway East-West + North-South

    Available Q1 2019

    VMC Integrated Transit Gateway Demo Environment

    Back to Slide

    Mgmt

    Compute

    Test VM

    US-EAST-1 – Virginia Region

    Test Instance10.201.0.0/16 10.202.0.0/16

    Test Instance

  • Trend Micro Deep Security & Cloud Network Protection

    Back to Slide

    VPC

    10.201.6.177 Subnet 2

    Subnet 3 Subnet 4, etc

    TGW-VPC1VPC

    10.202.1.210 Subnet 2

    Subnet 3 Subnet 4, etc

    TGW-VPC2VPC

    Subnet 1 Subnet 2

    Subnet 3 Subnet 4, etc

    Future VPC’sVMC

    10.100.0.0/16

    10.101.1.0/24 –10.101.5.0/24

    10.101.4.10

    VPC

    TM Cloud Network Security

    Inspection VPC

    VPN

    AWS Direct Connect *

    Account Account Account

    Route tables

    Route tables

    Transit Gateway East-West

    Available Q1 2019

    Mgmt

    Compute

    Test VM

    Test Instance10.201.0.0/16 10.202.0.0/16

    Test InstanceVPC

    Management VPC

    On Prem

    On-Premise Network

    DSM

    DSM

  • VPC

    TM Cloud Network Security

    Inspection VPC

    East-West

    VPCTM Management VPC

    DSM

    VPC

    10.201.6.177 Subnet 2

    Subnet 3 Subnet 4, etc

    TGW-VPC1VPC

    10.202.1.210 Subnet 2

    Subnet 3 Subnet 4, etc

    TGW-VPC2VPC

    Subnet 1 Subnet 2

    Subnet 3 Subnet 4, etc

    Future VPC’sVMC

    10.100.0.0/16

    10.101.1.0/24 –10.101.5.0/24

    10.101.4.10

    VPN

    AWS Direct Connect *

    Account Account Account

    Route tables

    Route tables

    Transit Gateway

    Available Q1 2019

    Mgmt

    Compute

    Test VM

    Test Instance10.201.0.0/16 10.202.0.0/16

    Test Instance

    On Prem

    DSM

    On-Premise Network

    Trend Micro Deep Security & Cloud Network Protection

  • Thank you!

    [email protected]

    http://trendmicro.com