SecurityPast, Present and Future -Securing Your Evolving ......SecurityPast, Present and Future...

17
Security Past, Present and Future - Securing Your Evolving Infrastructure Tarun Gupta- Regional Solutions Architect

Transcript of SecurityPast, Present and Future -Securing Your Evolving ......SecurityPast, Present and Future...

Security Past, Present and Future - Securing Your Evolving Infrastructure

Tarun Gupta- Regional Solutions Architect

© 2019 Trend Micro Inc.2

Enhances security by providing the most secure virtualization infrastructure, with APIs & certification programs

Enhances virtualization by providing security solutions architected to fully leverage VMware virtualization offerings

Trend Micro Deep Security & VMware

Support for introspection and network

traffic via hypervisor

FIRST to support

VMware vShield

Deep Security the ONLY fully

agentless security platform

2011 2012 2013 2014 2015 2016

Deep Security support for

vSphere 5.1, Horizon VDI

Deep Security 9 adds UNIQUE

security recommendation scan for securing vSphere, vCloud,

Horizon VDI

Deep Security 9.5 FIRST to

support file & network security for NSX, vCloudAir and vCenterOps integration

Support for Horizon DaaS

Deep Security 9.6 support for

vSphere 6 & NSX

FIRST/ONLYintegration with

vROPS 6.0

Support for Log Insight

Deep Security 9.6 support for

NSX 6.2.4 (expanded licensing)

2009-10

Deep Security 10 simplifies the

process of securing

workloads across the SDDC and

the cloud, delivering a

single security tool optimized

for VMware Cloud™

on AWS

2017

Years of joint innovation…

© 2019 Trend Micro Inc.4

First and only agentless security suite for the VMware hypervisor

Year 2009 - 2011

OSKernel

BIOS

ESX 4.1

vSphere Platform

Guest VM

OS

Trend MicroDeep Security

Manager

vShield Endpoint ESX Module

vCenter

Thin Driver

vShield Manager 4.1

Trend Microproduct

components

vShield Endpoint

Components

VMware Platform

APPsAPPsAPPs

Deep Security Virtual Appliance

Anti-Malware

- Real-time Scan- Scheduled & Manual Scan

Network Security

- IDS/IPS- Web App Protection- Application Control- Firewall

Trend Microfilter driver

VMsafe-net API

vShield Endpoint API

Legend à

© 2019 Trend Micro Inc.5

© 2019 Trend Micro Inc.6

ESX5.0

Filter Driver

Agent

(User Mode)

dom(s)

Protected VMs

(with VMware Tools

+ EPSEC)

VM Network

DVS/vSwitch

Mgmt

vSwitch

EPSec Mux

Service

VMW Tools

Thin Agent

Control/

File

Service

vNIC

AU

Mgmt

vNIC

Ds_filterDs_am

VSAPI iCRC

EPSec

Network Engine

(Kernel Mode)

DPI

dvfilterFW

DPI Network

Data

vNIC

FW

VMSafe-Net LKM

Protected

vNIC

LinuxCentos6.4/64 bit

iAU

VMCI Driver

IM WRS

Notifier

VMCI

dom(s)

dvfilter-nx

Data

vmci

Vmware

Filter Driver

EPSec

TrendMicro Deep Security 9 with VMware NSX Architecture

Year 2013 - 2014

© 2019 Trend Micro Inc.7

TrendMicro Deep Security extends support with VMware vCloud

Deep Security

Software-DefinedData Center

(Private Cloud)vSphere, vCloud NSX

End User Computing

Horizon Virtual Desktop

Infrastructure (VDI)

vRealizeOperations

Management

OperationsVMware, AWS, Azure

Public Cloud (Multi-cloud) Year 2013- 2015

© 2019 Trend Micro Inc.8

Introduced VMware Cloud on Amazon Web Serviceswith Trend Micro protection for workloads across the data center AND the cloud

Service and support by VMware• Retain existing architecture and investments• Scale workloads instantly• Utilize consistent deployment modelsSecurity and protection by Trend Micro• Visibility of all workloads from one console• Prevent known and unknown threats• Automate deployments, policies, and controls • Minimize point solution security tools• Lower operational costs and maintenance

+

Year 2015-2018

Copyright 2017 Trend Micro Inc.9

Extending TippingPoint to the VMware VMC

Consistent Network Security

Quickly extend TippingPoint security

profiles to your cloud network

Central SMS ManagementComplete visibility and

management of on-premise and cloud security with SMS

Simplified Cloud Deployment

Minimize friction with security that fits

seamlessly into your cloud network fabric

Year 2019

Copyright 2019 Trend Micro Inc.10

Easy to deploy – less operational friction

Transparent Fewer moving pieces Flexible

• Flow-based engine• Stateless deep packet

inspection• Insert and remove

inline without disruption

• Inspect ingress andegress traffic with network efficiency

• Just one pair of EC2 instances-no additional load balancers

• Deploy in line Initial deployment with AWS Transit-Gateway

• Leverage portable licensing

Copyright 2019 Trend Micro Inc.11

Delivering industry leading security

ü Network based virtual patching

ü Trend Micro Research backed protection

ü Integration with Trend Micro solutions

Threats Vulnerabilities & Exploits

Cybercriminal Undergrounds

IoT OT / IIoTAI &Machine Learning

Future Threat Landscape

Targeted Attacks

© 2019 Trend Micro Inc.12

The Undisclosed: Zero Day InitiativePreemptive Protection for “Undisclosed” Vulnerabilities

Public DisclosureVulnerability is submitted to

ZDI

Vulnerability is Patched or

Remains Unfixed

Vendor Response

TREND MICRO TIPPINGPOINT CUSTOMERS PROTECTED AHEAD OF PATCH

OTHER NETWORK SECURITY VENDORS CUSTOMERS AT RISK

Digital Vaccine®Filter Created

Vendor Notified72 DAYS

Average days of zero-day filter coverage from date of

DV filter shipped to ZDI public disclosure in 2017.

© 2019 Trend Micro Inc.13

Vulnerability Research Market 2017 & 2018

* Frost & Sullivan 2017 Report

42% YoY: busiest year ever!

Over 1400 advisories in 2018

Copyright 2019 Trend Micro Inc.14

DEMO

VPC

10.201.6.177 Subnet 2

Subnet 3 Subnet 4, etc

TGW-VPC1VPC

10.202.1.210 Subnet 2

Subnet 3 Subnet 4, etc

TGW-VPC2VPC

Subnet 1 Subnet 2

Subnet 3 Subnet 4, etc

Future VPC’s

VMC

10.100.0.0/16

10.101.1.0/24 –10.101.5.0/24

10.101.4.10

VPC

IDS / IPS

Firewall / NGFW

Inline services

VPN

AWS Direct Connect *

Account Account Account

Administrative accounts (logging, AWS Organizations, billing, landing zone)

Route tables

Route tables

Transit Gateway East-West + North-South

Available Q1 2019

VMC Integrated Transit Gateway Demo Environment

Back to Slide

Mgmt

Compute

Test VM

US-EAST-1 – Virginia Region

Test Instance10.201.0.0/16 10.202.0.0/16

Test Instance

Trend Micro Deep Security & Cloud Network Protection

Back to Slide

VPC

10.201.6.177 Subnet 2

Subnet 3 Subnet 4, etc

TGW-VPC1VPC

10.202.1.210 Subnet 2

Subnet 3 Subnet 4, etc

TGW-VPC2VPC

Subnet 1 Subnet 2

Subnet 3 Subnet 4, etc

Future VPC’sVMC

10.100.0.0/16

10.101.1.0/24 –10.101.5.0/24

10.101.4.10

VPC

TM Cloud Network Security

Inspection VPC

VPN

AWS Direct Connect *

Account Account Account

Route tables

Route tables

Transit Gateway East-West

Available Q1 2019

Mgmt

Compute

Test VM

Test Instance10.201.0.0/16 10.202.0.0/16

Test InstanceVPC

Management VPC

On Prem

On-Premise Network

DSM

DSM

VPC

TM Cloud Network Security

Inspection VPC

East-West

VPCTM Management VPC

DSM

VPC

10.201.6.177 Subnet 2

Subnet 3 Subnet 4, etc

TGW-VPC1VPC

10.202.1.210 Subnet 2

Subnet 3 Subnet 4, etc

TGW-VPC2VPC

Subnet 1 Subnet 2

Subnet 3 Subnet 4, etc

Future VPC’sVMC

10.100.0.0/16

10.101.1.0/24 –10.101.5.0/24

10.101.4.10

VPN

AWS Direct Connect *

Account Account Account

Route tables

Route tables

Transit Gateway

Available Q1 2019

Mgmt

Compute

Test VM

Test Instance10.201.0.0/16 10.202.0.0/16

Test Instance

On Prem

DSM

On-Premise Network

Trend Micro Deep Security & Cloud Network Protection