Virtualization and Cloud Computing
How to manage the risk?
Raimund Genes, CTO Trend Micro
Available Aug 30, 2011
Copyright 2011 Trend Micro Inc.
Copyright 2012 Trend Micro Inc.
Infection
Exfiltration (Sendspace)
Information to C&C
http://blog.trendmicro.com/trojan-abuses-sendspace-a-closer-look/
Outside-in Model of Perimeter Defense
Layer protection from outside in
Keeps threats as far away as possible!
Outside-In Security
Inside-out Security
Endpoints, Datacenters
Self-Secured Workload
Local Threat Intelligence
When: Timeline Aware
Who: Identity Aware
Where: Location Aware
What: Content Aware
Inside-Out Security
Data Protection
User-defined Access Policies
Encryption
Security Challenges Across the Dynamic Datacenter
Physical: Manageability
Glut of security products, less security, higher TCO
Virtual: Performance & Threats
Security reduces performance, mixed workloads
Cloud: Visibility and Threats
Less visibility, more external risks
Trend Micro Deep Security
System, application and data security across:
5 protection modules
Deep Packet Inspection (IDS / IPS, Web Application Protection, Application Control)
IDS / IPS: Detects and blocks known and zero-day attacks that target vulnerabilities
Web Application Protection: Shields web application vulnerabilities
Application Control: Provides increased visibility into, or control over, applications accessing the network
Firewall: Reduces attack surface. Prevents DoS & detects reconnaissance scans
Anti-Virus: Detects and blocks malware (web threats, viruses & worms, Trojans)
Log Inspection: Optimizes the identification of important security events buried in log entries
Integrity Monitoring: Detects malicious and unauthorized changes to directories, files, registry keys
Protection is delivered via Agent and/or Virtual Appliance
Security for Physical Servers
Physical: Reduce Complexity
Key Challenge: Too many consoles, isolated policies
Need: Consolidate disparate security products in 1 integrated agent & console
Platforms: Windows, Linux, AIX, UNIX, Solaris
Deep Security 7.5: Firewall, IDS/IPS, File integrity monitoring and log inspection agent
Deep Security 8: Added antivirus agent supporting both Windows and Linux environments. Easy to use FIM with golden hosts & cloud-based event whitelisting
Deep Security 8 is the server security platform that protects servers with ONE integrated agent & console
Security for Virtual Servers
Virtual: Increase Efficiency
Key Challenge: Consolidation limits due to performance & resource inefficiency
Need: Integrate security at the hypervisor level via a virtual appliance
Platforms: VMware vSphere vCenter, vDirector
Deep Security 7.5: Agentless firewall, IDS/IPS. Agentless antivirus
Deep Security 8: Agentless file integrity monitoring. Hypervisor integrity via Intel TPM/TXT. Web reputation services integration for improved VDI protection
Deep Security 8 will lower barriers to adoption for FIM and enable greater security with zero added footprint
Security for Cloud Servers
Cloud: Deliver Agility
Key Challenge: Data security in the cloud
Need: Enable path to private, public or hybrid cloud with added data security, management APIs and multi-tenancy support
Platforms: Amazon, vCloud
Deep Security 8 with SecureCloud 1.2: Support for bare metal and virtual infrastructure without cloud API
Deep Security 8.0 with SecureCloud 2: Deep Security Manager integration. FIPS 140-2 certification. Key revocation, rotation & lifecycle mgmt
Deep Security 8 with SecureCloud 2 will provide context-aware data security necessary for ALL cloud environments
Total Cloud Protection with Deep Security 8 and SecureCloud 2
System, application and data security in the cloud
Deep Security 8
Modular protection for servers and applications
Self-Defending VM Security in the Cloud
Agent on VM allows travel between cloud solutions
One management portal for all modules
Context Aware: Credit Card Payment Information, Patient Medical Records, Social Security Numbers, Sensitive Research Results
SecureCloud 2
Encryption with Policy-based Key Management
Data is unreadable to unauthorized users
Policy-based key management controls and automates key delivery
Server validation authenticates servers requesting keys