Dynamic Datacenter Security Solidex, November 2009
|
|
- Antony Jones
- 5 years ago
- Views:
Transcription
1 Dynamic Datacenter Security Solidex, November 2009
2 Deep Security: Securing the New Server Cloud Virtualized Physical Servers in the open Servers virtual and in motion Servers under attack 2 11/9/09 2
3 Dynamic virtual machines Dynamic: Reverted Paused Restarted Cloned Moved Security challenges Achieve and maintain consistent security Propagation of vulnerabilities and configuration errors Maintaining an auditable record of the security state 3 Third Briga
4 Virtual Machines Need Specialized Protection 1. Same threats in virtualized servers as physical: OS & Application vulnerabilities and Configuration errors allow Malware to attack & infect 2. Plus Dynamics of virtualization causes some new challenges: Dormant VMs Resource contention VM Sprawl Inter-VM traffic vmotion 4
5 Virtualization Challenge: Securing dormant VMs Dormant VM Dormant VM Active VM Active VM Active VM AV App AV App AV App AV App AV App ESX Server Dormant VMs are unprotected These include VM templates and VM backups Dormant VMs cannot run scan agents yet still can get infected Dormant VMs have problem of stale AV signatures 7/7/2009 5
6 Virtualization Challenge: Full System Scans Scan 3:00AM Scan 3:00AM Scan 3:00AM Scan 3:00AM Scan 3:00AM Scan 3:00AM AV App AV App AV App AV App AV App AV App Typical AV Console ESX Server Resource Contention with Full System Scans Existing AV solutions are not VM aware Simultaneous full AV scans on same host causes severe performance degradation No isolation between malware and anti-malware 7/7/2009 6
7 Virtualization Challenge: VM sprawl Dormant VM Dormant VM Active VM Active VM Active VM Newly deployed VMs Sec App Sec App Sec App Sec App Sec App Sec App AV App AV App Sec App ESX Server Infrastructure Managing VM Sprawl New VMs are just a click away, security weaknesses replicate quickly Security provisioning creates bottlenecks in VM deployment or VMs emerge without adequate security Lack of visibility into or integration with virtualization console increases management complexity 7/7/2009 7
8 Virtualization Challenge: Inter-VM traffic AV App AV App AV App AV App Inter-VM traffic Network IDS/IPS vswitch ESX Server vswitch ESX Server Inter-VM traffic Network IDS/IPS solutions cannot see VM to VM traffic within an ESX server First-generation security VMs require intrusive vswitch changes 7/7/2009 8
9 Virtualization Challenge: VM Mobility AV App AV App vmotion AV App AV App Network IDS/IPS vswitch ESX Server vswitch ESX Server Mobility of VMs (vmotion & vcloud) Existing solutions need reconfiguration and are cumbersome to manage Can result in VMs of different sensitivities landing on same server Deployment of VMs in cloud (IaaS) environments are unprotected 7/7/2009 9
10 Perimeter is cracking De-Militarized Zone (DMZ) Encrypted attacks NIPS Firewall NIPS Cloud computing Mission Critical Servers Business Servers / Endpoints Insiders Virtualization WLAN Third Brigade, Inc. 10
11 Deep Security Server & Application Protection for the Dynamic Data Center
12 What is Deep Security? Server & application protection for: PHYSICAL VIRTUAL CLOUD IDS / IPS Deep Packet Inspection Web App. Protection Application Control Firewall Integrity Monitoring Log Inspection 12
13 Retreat To The Server (VM)! De-Militarized Zone (DMZ) IDS/IPS Firewall IDS/IPS Gateway (Malware) Firewall & IDS/IPS File Integrity Monitoring & Log Inspection Anti-Malware Mission Critical Servers Business Servers / Endpoints 5/28/
14 Deep Security Modules Firewall Centralized management of server firewall policy Pre-defined templates for common enterprise server types Fine-grained filtering: IP & MAC addresses, Ports Coverage of all IP-based protocols: TCP, UDP, ICMP, IGMP Deep Packet Inspection Enables IDS / IPS, Web App Protection, Application Control Examines incoming & outgoing traffic for: Protocol deviations Content that signals an attack Policy violations. Integrity Monitoring Monitors critical files, systems and registry for changes Critical OS and application files (files, directories, registry keys and values) Flexible, practical monitoring through includes/excludes Auditable reports Log Inspection Collects & analyzes operating system and application logs for security events. Rules optimize the identification of important security events buried in multiple log entries. 11/9/09 14
15 Now, Practically Speaking Firewall Enables: Comprehensive control over inbound and outbound traffic Incident containment Location awareness of resources in virtualized environments Deep Packet Inspection Enables: Vulnerability specific protection (i.e. Microsoft Tuesday) Application-layer control Prevents: Zero-day attacks on known and unknown vulnerability Web application attacks including SQL Injection and Cross Site Scripting (XSS) Attacks hidden in encrypted data Integrity Monitoring Enables: Near real-time detection* of potentially malicious changes Extensive file property checking, including attributes (PCI ) Alerting on errors signaling attack Golden host to compare changes against a predefined baseline and manage acceptable change * Log Inspection Enables: Optimized collection of security events across the datacenter, multiple server types Based on the OSSEC rule syntax, widely deployed HIDS Saves bandwidth in log collection from servers 11/9/09 15
16 Architecture PHYSICAL VIRTUAL CLOUD Deep Security Agent Security Profiles Deep Security Manager Alerts IT Infrastructure Integration vcenter SIEM Active Directory Log correlation Web services Security Center Reports Security Updates 16
17 Deep Security Manager Centralized, web-based management system Manage security profiles Multiple & delegated admin Detailed reporting Recommendation scan Customizable dashboard Automation through scheduled tasks Web services API Software and security updates Integration (VMware vcenter, SIEM, Active Directory) Scalable infrastructure (multiple nodes) 11/9/09 17
18 Firewall Decreases the attack surface of physical and virtual servers Centralized management of server firewall policy Pre-defined templates for common enterprise server types Virtual machine isolation Fine-grained filtering IP & MAC addresses, Ports Coverage of all IP-based protocols TCP, UDP, ICMP, Coverage of all frame types (IP, ARP, ) Prevents Denial of Service (DoS) attacks Design policies per network interface Detection of reconnaissance scans 11/9/09 18
19 Deep Packet Inspection IDS/IPS Vulnerability rules: shield known vulnerabilities from unknown attacks Exploit rules: stop known attacks Smart rules: Zero-day protection from unknown exploits against an unknown vulnerability Microsoft Tuesday protection is delivered in synch with public vulnerability announcements. On the host/server (HIPS) Web Application Protection Enables compliance with PCI DSS 6.6 Shield vulnerabilities in custom web applications, until code fixes can be completed Shield legacy applications that cannot be fixed Prevent SQL injection, cross-site scripting (XSS) Application Control Detect suspicious inbound/outbound traffic such as allowed protocols over non-standard ports Restrict which applications are allowed network access Detect and block malicious software from network access 11/9/ 09 19
20 Integrity Monitoring Monitors files, systems and registry for changes Critical OS and application files (files, directories, registry keys and values, etc.) On-demand or scheduled detection Extensive file property checking, including attributes (PCI ) Monitor specific directories Flexible, practical monitoring through includes/excludes Auditable reports Useful for: Meeting PCI compliance Alerting on errors that could signal an attack Alerting on critical system changes 11/9/09 20
21 Log Inspection Getting visibility into important security events buried in log files Collects & analyzes operating system and application logs for security events. Rules optimize the identification of important security events buried in multiple log entries. Events are forwarded to a SIEM or centralized logging server for correlation, reporting and archiving. Useful for: Suspicious behavior detection Collection of security-related administrative actions Optimized collection of security events across your datacenter Advanced rule creation using OSSEC rule syntax 11/9/09 21
22 Security Center: Dedicated Team of Security Experts Track global vulnerabilities 100+ sources of information (public, private, govt): SANS, CERT, Bugtraq, VulnWatch, PacketStorm, and Securiteam Member of Microsoft Active Protections Program Respond to new vulnerabilities and threats Advisories & Security updates Six-step, rapid response process supported by automated tools On-going research to improve overall protection mechanisms 11/9/09 22
23 Virtualization & cloud computing create new security challenges Inter-VM attacks PCI Mobility Cloud Computing Hypervisor 11/9/09 23
24 Coordinated approach Virtual Appliance Firewall IDS/IPS/AV PCI 11/9/09 24
25 Deep Security Virtual Appliance Coordinated Security Approach Agent Agent Disappears (removed / reverted / to previous to snapshot) Virtual Appliance auto-protects VM Deep Security Virtual Appliance VMware vcenter VMware vsphere 4 25
26 Deep Security: Platforms protected Windows 2000 Windows XP, 2003 (32 & 64 bit) Vista (32 & 64 bit) Windows Server 2008 (32 & 64 bit) 8, 9, 10 on SPARC 10 on x86 (64 bit) Red Hat 3 Red Hat 4, 5 (32 & 64 bit) SuSE 9, 10 VMware ESX/ESXi Server (guest OS) VMware Server (host & guest OS) Integrity Monitoring & Log Inspection modules 11/9/09 HP-UX 11i v2 AIX
27 Certifications Common Criteria Evaluation Assurance Level 3 Augmented (EAL 3+) Achieved certification across more platforms (Windows, Solaris, Linux) than any other host-based intrusion prevention product. Higher certification than any other HIPS vendor Validated against US National Security Agency defined profile for IDS NSS Labs Third Brigade Deep Security is the first product to pass NSS Labs PCI Suitability testing for Host Intrusion Prevention Systems (HIPS). Across Windows, Solaris and Linux 27
28 Addresses PCI Requirements Key Deep Security features & capabilities Network segmentation Firewall Virtual patching Web application firewall File integrity monitoring IDS / IPS 28
29 Deep Security: Key benefits Shield vulnerabilities in web apps, enterprise apps OSs Detect & block suspicious activity Internal policies PCI & other requirements Detailed reports document prevented attacks & compliance status Prioritize secure coding efforts Manage unscheduled patching 29 Provides security necessary to realize virtualization savings Increased value from SIEM investments
30 Addressing PCI DSS Req 1-2 Req 3-4 Req 5-6 Req 7-9 Req Req 12 Build & maintain a Secure Network Protect Cardholder Data Maintain a Vulnerability Mgmt Program Implement Strong Access Control Measures Regularly Monitor and Test Networks Maintain an Information Security Policy Req. 1.0 Req Reduce audit scope with network segmentation - Install & Maintain a firewall configuration Req Install personal firewall software on any mobile and employee owned computers w/ direct connectivity to the Internet Req Develop configuration standards for addressing known security vulnerabilities
31 Addressing PCI DSS Req 1-2 Req 3-4 Req 5-6 Req 7-9 Req Req 12 Build & maintain a Secure Network Protect Cardholder Data Maintain a Vulnerability Mgmt Program Implement Strong Access Control Measures Regularly Monitor and Test Networks Maintain an Information Security Policy Req Ensure that all system components and software have the latest vendor supplied security patches installed. Install relevant security patches within one month of release.
32 Addressing PCI DSS Req 1-2 Req 3-4 Req 5-6 Req 7-9 Req Req 12 Build & maintain a Secure Network Protect Cardholder Data Maintain a Vulnerability Mgmt Program Implement Strong Access Control Measures Regularly Monitor and Test Networks Maintain an Information Security Policy Req Ensure that all web-facing applications are protected against known attacks by applying either of the following methods: a) Having all custom application code reviewed for common vulnerabilities by an organization that specializes in application security b) Installing an application layer firewall in front of web-facing applications
33 Addressing PCI DSS Req 1-2 Req 3-4 Req 5-6 Req 7-9 Req Req 12 Build & maintain a Secure Network Protect Cardholder Data Maintain a Vulnerability Mgmt Program Implement Strong Access Control Measures Regularly Monitor and Test Networks Maintain an Information Security Policy Req Limit access to computing resources and cardholder information only to those individuals whose job requires such access.
34 Addressing PCI DSS Req 1-2 Req 3-4 Req 5-6 Req 7-9 Req Req 12 Build & maintain a Secure Network Protect Cardholder Data Maintain a Vulnerability Mgmt Program Implement Strong Access Control Measures Regularly Monitor and Test Networks Maintain an Information Security Policy Req Secure audit trails so they cannot be altered Req Use File Integrity Monitoring and change detection software on logs to ensure existing log data cannot be changed without generating alerts Req Review logs for all system components at least daily Req Retain audit trail history for at least one year, w/ a minimum of three months online availability
35 Addressing PCI DSS Req 1-2 Req 3-4 Req 5-6 Req 7-9 Req Req 12 Build & maintain a Secure Network Protect Cardholder Data Maintain a Vulnerability Mgmt Program Implement Strong Access Control Measures Regularly Monitor and Test Networks Maintain an Information Security Policy Req Use network intrusion detection systems, HIPS to monitor all network traffic and alert personnel to suspected compromises. Req Deploy file integrity monitoring software to alert personnel to unauthorized modifications of critical system or content files
36 Endpoints Datacenters Every network-connected host must be able to defend itself from attacks. Data Enterprise Protection To be the primary security agent on servers. 11/9/09 36
37 Questions? Thank you
CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) Securing Virtual Environments
CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) 2010 October 25 29, 2010 Kuala Lumpur Convention Centre Securing Virtual Environments Raimund Genes CTO Trend Micro The Changing Datacenter
More informationSecuring Your Virtual World Harri Kaikkonen Channel Manager
Securing Your Virtual World Harri Kaikkonen Channel Manager Copyright 2009 Trend Micro Inc. Virtualisation On The Rise 16,000,000 Virtualized x86 shipments 14,000,000 12,000,000 10,000,000 8,000,000 6,000,000
More informationTrend Micro Deep Security
Trend Micro Deep Security Endpoint Security Similarities and Differences with Cisco CSA A Trend Micro White Paper May 2010 I. INTRODUCTION Your enterprise invested in Cisco Security Agent (CSA) because
More information90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government
More informationAS Stallion. Security for Virtual Server Environments. Urmas Püss
AS Stallion 110311 Security for Virtual Server Environments Urmas Püss 1 Trend 1: Threat Evolution & Perimeter Porosity Trend 2: Challenges of Dynamic Datacenter Deep Security: Make Servers Self-Defending
More informationTrend Micro deep security 9.6
datasheet Trend Micro deep security 9.6 Comprehensive security platform for physical, virtual, and cloud servers Virtualization has already transformed the data center and now, organizations are moving
More informationWhy the cloud matters?
Why the cloud matters? Speed and Business Impact Expertise and Performance Cost Reduction Trend Micro Datacenter & Cloud Security Vision Enable enterprises to use private and public cloud computing with
More informationTotal Security Management PCI DSS Compliance Guide
Total Security Management PCI DSS Guide The Payment Card Industry Data Security Standard (PCI DSS) is a set of regulations to help protect the security of credit card holders. These regulations apply to
More informationStopping Advanced Persistent Threats In Cloud and DataCenters
Stopping Advanced Persistent Threats In Cloud and DataCenters Frederik Van Roosendael PSE Belgium Luxembourg 10/9/2015 Copyright 2013 Trend Micro Inc. Agenda How Threats evolved Transforming Your Data
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045
Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that
More informationDefense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation
Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client
More informationSecuring the Modern Data Center with Trend Micro Deep Security
Advania Fall Conference Securing the Modern Data Center with Trend Micro Deep Security Okan Kalak, Senior Sales Engineer okan@trendmicro.no Infrastructure change Containers 1011 0100 0010 Serverless Public
More informationCimTrak Product Brief. DETECT All changes across your IT environment. NOTIFY Receive instant notification that a change has occurred
DETECT All changes across your IT environment With coverage for your servers, network devices, critical workstations, point of sale systems, and more, CimTrak has your infrastructure covered. CimTrak provides
More informationSYMANTEC DATA CENTER SECURITY
SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information
More informationVirtualization Security & Audit. John Tannahill, CA, CISM, CGEIT, CRISC
Virtualization Security & Audit John Tannahill, CA, CISM, CGEIT, CRISC jtannahi@rogers.com Session Overview Virtualization Concepts Virtualization Technologies Key Risk & Control Areas Audit Programs /
More informationSecuring the Data Center against
Securing the Data Center against vulnerabilities & Data Protection Agenda Virtual Virtualization Technology How Virtualization affects the Datacenter Security Keys to a Secure Virtualized Deployment and
More informationCopyright 2011 Trend Micro Inc.
Copyright 2011 Trend Micro Inc. 2008Q1 2008Q2 2008Q3 2008Q4 2009Q1 2009Q2 2009Q3 2009Q4 2010Q1 2010Q2 2010Q3 2010Q4 2011Q1 2011Q2 2011Q3 2011Q4 M'JPY Cloud Security revenue Q to Q Growth DeepSecurity/Hosted/CPVM/IDF
More informationWHITE PAPER. PCI and PA DSS Compliance with LogRhythm
PCI and PA DSS Compliance with LogRhythm April 2011 PCI and PA DSS Compliance Assurance with LogRhythm The Payment Card Industry (PCI) Data Security Standard (DSS) was developed to encourage and enhance
More informationCarbon Black PCI Compliance Mapping Checklist
Carbon Black PCI Compliance Mapping Checklist The following table identifies selected PCI 3.0 requirements, the test definition per the PCI validation plan and how Carbon Black Enterprise Protection and
More informationISO27001 Preparing your business with Snare
WHITEPAPER Complying with ISO27001 Preparing your business with Snare T he technical controls imposed by ISO (International Organisation for Standardization) Standard 27001 cover a wide range of security
More informationSecuring your Virtualized Datacenter. Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008
Securing your Virtualized Datacenter Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008 Agenda VMware Virtualization Technology How Virtualization Affects Datacenter Security Keys to
More informationWITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:
SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,
More informationSeqrite Endpoint Security
Enterprise Security Solutions by Quick Heal Integrated enterprise security and unified endpoint management console Enterprise Suite Edition Product Highlights Innovative endpoint security that prevents
More informationSymantec and VMWare why 1+1 makes 3
Symantec and VMWare why 1+1 makes 3 Finn Henningsen Principal Systems Engineer Peter Schjøtt Principal Systems Engineer Rasmus Rask Eilersen Principal Systems Engineer Symantec and VMWare 1 Tak til vores
More informationvshield Administration Guide
vshield Manager 5.1 vshield App 5.1 vshield Edge 5.1 vshield Endpoint 5.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by
More informationPCI DSS v3.2 Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD PCI DSS
v3.2 Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence
More informationThe Top 6 WAF Essentials to Achieve Application Security Efficacy
The Top 6 WAF Essentials to Achieve Application Security Efficacy Introduction One of the biggest challenges IT and security leaders face today is reducing business risk while ensuring ease of use and
More informationSimple and Powerful Security for PCI DSS
Simple and Powerful Security for PCI DSS The regulations AccessEnforcer helps check off your list. Most merchants think they are too small to be targeted by hackers. In fact, their small size makes them
More informationSecurity and Compliance Powered by the Cloud. Ben Friedman / Strategic Accounts Director /
Security and Compliance Powered by the Cloud Ben Friedman / Strategic Accounts Director / bf@alertlogic.com Founded: 2002 Headquarters: Ownership: Houston, TX Privately Held Customers: 1,200 + Employees:
More informationPCI DSS v3.2 Mapping 1.4. Kaspersky Endpoint Security. Kaspersky Enterprise Cybersecurity
Kaspersky Enterprise Cybersecurity Kaspersky Endpoint Security v3.2 Mapping 3.2 regulates many technical security requirements and settings for systems operating with credit card data. Sub-points 1.4,
More informationKaspersky Security for Virtualization Frequently Asked Questions
Kaspersky Security for Virtualization Frequently Asked Questions 1. What is Kaspersky Security for Virtualization, and how does it work with vshield technology? Kaspersky Security for Virtualization for
More informationManaging and Auditing Organizational Migration to the Cloud TELASA SECURITY
Managing and Auditing Organizational Migration to the Cloud 1 TELASA SECURITY About Me Brian Greidanus bgreidan@telasasecurity.com 18+ years of security and compliance experience delivering consulting
More informationNetwork Security Protection Alternatives for the Cloud
A Trend Micro White Paper May 2016 Network Security Protection Alternatives for the Cloud» A technical brief summarizing the deployment options that can be used to deploy IDS/IPS protection for cloud instances
More informationLOGmanager and PCI Data Security Standard v3.2 compliance
LOGmanager and PCI Data Security Standard v3.2 compliance Whitepaper how deploying LOGmanager helps to maintain PCI DSS regulation requirements Many organizations struggle to understand what and where
More informationHALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD. Automated PCI compliance anytime, anywhere.
HALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD Automated PCI compliance anytime, anywhere. THE PROBLEM Online commercial transactions will hit an estimated
More informationDatacenter Security: Protection Beyond OS LifeCycle
Section Datacenter Security: Protection Beyond OS LifeCycle 1 Not so fun Facts from the Symantec ISTR 2017 Report Zero-Day Vulnerability, annual total Legitimate tools, annual total 6,000 5 5,000 4,000
More informationSymantec Reference Architecture for Business Critical Virtualization
Symantec Reference Architecture for Business Critical Virtualization David Troutt Senior Principal Program Manager 11/6/2012 Symantec Reference Architecture 1 Mission Critical Applications Virtualization
More informationEC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led
EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led Certification: Certified Network Defender Exam: 312-38 Course Description This course is a vendor-neutral, hands-on,
More informationSECURITY PRACTICES OVERVIEW
SECURITY PRACTICES OVERVIEW 2018 Helcim Inc. Copyright 2006-2018 Helcim Inc. All Rights Reserved. The Helcim name and logo are trademarks of Helcim Inc. P a g e 1 Our Security at a Glance About Helcim
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationAutomating the Top 20 CIS Critical Security Controls
20 Automating the Top 20 CIS Critical Security Controls SUMMARY It s not easy being today s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises
More informationAutomated Security for the Real-time Enterprise with VMware NSX and Trend Micro Deep Security Chris Van Den Abbeele, Global Solution Architect, Trend
SAI3314BES Automated Security for the Real-time Enterprise with VMware NSX and Trend Micro Deep Security Chris Van Den Abbeele, Global Solution Architect, Trend Micro #VMworld #SAI3314BES Automated Security
More informationCatbird V-Security : You Can t Protect What You Can t Detect
Catbird V-Security : You Can t Protect What You Can t Detect Tamar Newberger What is a Catbird? Sitting high in the forest canopy, the catbird views all its surroundings from an unequalled vantage point,
More informationCS 356 Operating System Security. Fall 2013
CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database
More informationSecurity in a Virtualized Environment with TrendMicro
Security in a Virtualized Environment with TrendMicro Bob van der Werf Partner Systems Engineer Andre Noordam Trend Micro Agenda VMware vshield VMware VMSafe API TrendMicro solutions integration Smart
More informationAnnexure E Technical Bid Format
Annexure E Technical Bid Format ANTIVIRUS SOLUTION FOR MAIL SERVER SECURITY AND SERVER SECURITY FOR DESKTOP,LAPTOP Sr. No Description Compliance (Y/N) Remark 01 Must offer comprehensive client/server security
More informationCheck Point DDoS Protector Introduction
Check Point DDoS Protector Introduction Petr Kadrmas SE Eastern Europe pkadrmas@checkpoint.com Agenda 1 (D)DoS Trends 2 3 4 DDoS Protector Overview Protections in Details Summary 2 (D)DoS Attack Methods
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationEnsure Virtualization Security and Improve Business Productivity with Kaspersky
Ensure Virtualization Security and Improve Business Productivity with Kaspersky Kaspersky Security for Virtualization Agenda Virtualization Overview Kaspersky Virtualization Review New Virtualization Product
More informationGladiator Incident Alert
Gladiator Incident Alert Allen Eaves Sabastian Fazzino FINANCIAL PERFORMANCE RETAIL DELIVERY IMAGING PAYMENT SOLUTIONS INFORMATION SECURITY & RISK MANAGEMENT ONLINE & MOBILE 1 2016 Jack Henry & Associates,
More informationSymantec Endpoint Protection Family Feature Comparison
Symantec Endpoint Protection Family Feature Comparison SEP SBE SEP Cloud SEP Cloud SEP 14.2 Device Protection Laptop, Laptop Laptop, Tablet Laptop Tablet & & Smartphone Smartphone Meter Per Device Per
More informationDeep Security 9. A Server Security Platform for Physical, Virtual, Cloud. Territory Sales Manager SEE, Trend Micro. Copyright 2011 Trend Micro Inc.
Deep Security 9 A Server Security Platform for Physical, Virtual, Cloud Marko Djordjevic, Available Aug 30, 2011 Territory Sales Manager SEE, Trend Micro Deep Security 9 Exec Summary Market Trends Deep
More informationSAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD. May 2012
SAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD May 2012 THE ECONOMICS OF THE DATA CENTER Physical Server Installed Base (Millions) Logical Server Installed Base (Millions) Complexity and Operating
More informationGoogle Cloud Platform: Customer Responsibility Matrix. December 2018
Google Cloud Platform: Customer Responsibility Matrix December 2018 Introduction 3 Definitions 4 PCI DSS Responsibility Matrix 5 Requirement 1 : Install and Maintain a Firewall Configuration to Protect
More informationQualys Cloud Platform
Qualys Cloud Platform Our Journey into the Cloud: The Qualys Cloud Platform & Architecture Thomas Wendt Regional Manager Post-Sales, DACH, Qualys Inc. Digital Transformation More than just adopting new
More information5 STEPS TO BUILDING ADVANCED SECURITY IN SOFTWARE- DEFINED DATA CENTERS
5 STEPS TO BUILDING ADVANCED SECURITY IN SOFTWARE- DEFINED DATA CENTERS INTRODUCTION The modern data center is rapidly evolving. Virtualization is paving the way to the private cloud, enabling applications
More informationFairWarning Mapping to PCI DSS 3.0, Requirement 10
FairWarning Mapping to PCI DSS 3.0, Requirement 10 Requirement 10: Track and monitor all access to network resources and cardholder data Logging mechanisms and the ability to track user activities are
More informationLocking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More informationCIS Controls Measures and Metrics for Version 7
Level One Level Two Level Three Level Four Level Five Level Six 1.1 Utilize an Active Discovery Tool Utilize an active discovery tool to identify devices connected to the organization's network and update
More informationGoogle Cloud Platform: Customer Responsibility Matrix. April 2017
Google Cloud Platform: Customer Responsibility Matrix April 2017 Introduction 3 Definitions 4 PCI DSS Responsibility Matrix 5 Requirement 1 : Install and Maintain a Firewall Configuration to Protect Cardholder
More informationThe vsphere 6.0 Advantages Over Hyper- V
The Advantages Over Hyper- V The most trusted and complete virtualization platform SDDC Competitive Marketing 2015 Q2 VMware.com/go/PartnerCompete 2015 VMware Inc. All rights reserved. v3b The Most Trusted
More informationThe Evolution of Data Center Security, Risk and Compliance
#SymVisionEmea #SymVisionEmea The Evolution of Data Center Security, Risk and Compliance Taha Karim / Patrice Payen The Adoption Curve Virtualization is being stalled due to concerns around Security and
More informationIJSER. Virtualization Intrusion Detection System in Cloud Environment Ku.Rupali D. Wankhade. Department of Computer Science and Technology
ISSN 2229-5518 321 Virtualization Intrusion Detection System in Cloud Environment Ku.Rupali D. Wankhade. Department of Computer Science and Technology Abstract - Nowadays all are working with cloud Environment(cloud
More informationSecuring Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &
Securing Dynamic Data Centers Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan & Afghanistan @WajahatRajab Modern Challenges By 2020, 60% of Digital Businesses will suffer Major Service
More informationThe Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec
The Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec James Edwards Product Marketing Manager Dan Watson Senior Systems Engineer Disclaimer This session may contain product
More informationFuture-ready security for small and mid-size enterprises
First line of defense for your network Quick Heal Terminator (UTM) (Unified Threat Management Solution) Data Sheet Future-ready security for small and mid-size enterprises Quick Heal Terminator is a high-performance,
More informationSecurity Assessment Checklist
Security Assessment Checklist Westcon Security Checklist - Instructions The first step to protecting your business includes a careful and complete assessment of your security posture. Our Security Assessment
More informationDaxko s PCI DSS Responsibilities
! Daxko s PCI DSS Responsibilities According to PCI DSS requirement 12.9, Daxko will maintain all applicable PCI DSS requirements to the extent the service prov ider handles, has access to, or otherwise
More informationTrend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files,
More informationReinvent Your 2013 Security Management Strategy
Reinvent Your 2013 Security Management Strategy Laurent Boutet 18 septembre 2013 Phone:+33 6 25 34 12 01 Email:laurent.boutet@skyboxsecurity.com www.skyboxsecurity.com What are Your Key Objectives for
More informationCloud Services. Introduction
Introduction adi Digital have developed a resilient, secure, flexible, high availability Software as a Service (SaaS) cloud platform. This Platform provides a simple to use, cost effective and convenient
More informationBest practices with Snare Enterprise Agents
Best practices with Snare Enterprise Agents Snare Solutions About this document The Payment Card Industry Data Security Standard (PCI/DSS) documentation provides guidance on a set of baseline security
More informationCIS Controls Measures and Metrics for Version 7
Level 1.1 Utilize an Active Discovery Tool 1.2 Use a Passive Asset Discovery Tool 1.3 Use DHCP Logging to Update Asset Inventory 1.4 Maintain Detailed Asset Inventory 1.5 Maintain Asset Inventory Information
More informationForeScout Extended Module for Carbon Black
ForeScout Extended Module for Carbon Black Version 1.0 Table of Contents About the Carbon Black Integration... 4 Advanced Threat Detection with the IOC Scanner Plugin... 4 Use Cases... 5 Carbon Black Agent
More informationThe threat landscape is constantly
A PLATFORM-INDEPENDENT APPROACH TO SECURE MICRO-SEGMENTATION Use Case Analysis The threat landscape is constantly evolving. Data centers running business-critical workloads need proactive security solutions
More informationNOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect
NOTHING IS WHAT IT SIEMs: COVER PAGE Simpler Way to Effective Threat Management TEMPLATE Dan Pitman Principal Security Architect Cybersecurity is harder than it should be 2 SIEM can be harder than it should
More informationDEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise
DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS Security Without Compromise CONTENTS INTRODUCTION 1 SECTION 1: STRETCHING BEYOND STATIC SECURITY 2 SECTION 2: NEW DEFENSES FOR CLOUD ENVIRONMENTS 5 SECTION
More informationMcAfee Network Security Platform 8.3
8.3.7.44-8.3.7.14 Manager-Virtual IPS Release Notes McAfee Network Security Platform 8.3 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known
More informationSecuring VMware NSX MAY 2014
Securing VMware NSX MAY 2014 Securing VMware NSX Table of Contents Executive Summary... 2 NSX Traffic [Control, Management, and Data]... 3 NSX Manager:... 5 NSX Controllers:... 8 NSX Edge Gateway:... 9
More informationIDS: Signature Detection
IDS: Signature Detection Idea: What is bad, is known What is not bad, is good Determines whether a sequence of instructions being executed is known to violate the site security policy Signatures: Descriptions
More informationPotpuna virtualizacija od servera do desktopa. Saša Hederić Senior Systems Engineer VMware Inc.
Potpuna virtualizacija od servera do desktopa Saša Hederić Senior Systems Engineer VMware Inc. VMware ESX: Even More Reliable than a Mainframe! 2 The Problem Where the IT Budget Goes 5% Infrastructure
More informationCompare Security Analytics Solutions
Compare Security Analytics Solutions Learn how Cisco Stealthwatch compares with other security analytics products. This solution scales easily, giving you visibility across the entire network. Stealthwatch
More informationNetwork Security: Firewall, VPN, IDS/IPS, SIEM
Security: Firewall, VPN, IDS/IPS, SIEM Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr What is a Firewall? A firewall is hardware, software, or a combination of both that is used to prevent unauthorized
More informationEMERGING THREATS & STRATEGIES FOR DEFENSE. Paul Fletcher Cyber Security
EMERGING THREATS & STRATEGIES FOR DEFENSE Paul Fletcher Cyber Security Evangelist @_PaulFletcher Threats by Customer Environment Cloud Environment On Premise Environment 1.96% 0.13% 0.02% application-attack
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
NET3420BU Introducing VMware s Transformative Data Center Endpoint Security Solution Vijay Ganti Director, Product Management VMware Christopher Frenz Director of Infrastructure Interfaith Medical Center
More informationGLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications
GLOBALPROTECT Prevent Breaches and Secure the Mobile Workforce GlobalProtect extends the protection of Palo Alto Networks Next-Generation Security Platform to the members of your mobile workforce, no matter
More informationSANS Top 20 CIS. Critical Security Control Solution Brief Version 6. SANS Top 20 CIS. EventTracker 8815 Centre Park Drive, Columbia MD 21045
Critical Security Control Solution Brief Version 6 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable,
More informationPCI DSS Requirements. and Netwrix Auditor Mapping. Toll-free:
PCI DSS Requirements and Netwrix Auditor Mapping www.netwrix.com Toll-free: 888-638-9749 About PCI DSS The Payment Card Industry Data Security Standard (PCI DSS) was developed to encourage and enhance
More informationSymantec Network Security 7100 Series
Symantec Network Security 7100 Series Proactive intrusion prevention device protects against known and unknown attacks to secure critical networks transition can be accomplished transparent to any network
More informationRadware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper
Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Table of Contents Abstract...3 Understanding Online Business
More informationMcAfee Cloud Workload Security Product Guide
Revision B McAfee Cloud Workload Security 5.1.0 Product Guide (McAfee epolicy Orchestrator) COPYRIGHT Copyright 2018 McAfee, LLC TRADEMARK ATTRIBUTIONS McAfee and the McAfee logo, McAfee Active Protection,
More informationMcAfee Public Cloud Server Security Suite
McAfee Public Cloud Server Security Suite Comprehensive security for AWS and Azure cloud workloads As enterprises shift their data center strategy to include and often lead with public cloud server instances,
More informationCoreMax Consulting s Cyber Security Roadmap
CoreMax Consulting s Cyber Security Roadmap What is a Cyber Security Roadmap? The CoreMax consulting cyber security unit has created a simple process to access the unique needs of each client and allows
More informationVMware vcloud Networking and Security Overview
VMware vcloud Networking and Security Overview Efficient, Agile and Extensible Software-Defined Networks and Security WHITE PAPER Overview Organizations worldwide have gained significant efficiency and
More informationWhite Paper. Why IDS Can t Adequately Protect Your IoT Devices
White Paper Why IDS Can t Adequately Protect Your IoT Devices Introduction As a key component in information technology security, Intrusion Detection Systems (IDS) monitor networks for suspicious activity
More informationUnlocking the Power of the Cloud
TRANSFORM YOUR BUSINESS With Smarter IT Unlocking the Power of the Cloud Hybrid Networking Managed Security Cloud Communications Software-defined solutions that adapt to the shape of your business The
More informationSecurity Information & Event Management (SIEM)
Security Information & Event Management (SIEM) Datasheet SIEM in a nutshell The variety of cyber-attacks is extraordinarily large. Phishing, DDoS attacks in combination with ransomware demanding bitcoins
More informationGetting Started with AWS Security
Getting Started with AWS Security Tomas Clemente Sanchez Senior Consultant Security, Risk and Compliance September 21st 2017 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Move
More informationAgenda. Why we need a new approach to endpoint security. Introducing Sophos Intercept X. Demonstration / Feature Walk Through. Deployment Options
Agenda Why we need a new approach to endpoint security Introducing Sophos Intercept X Demonstration / Feature Walk Through Deployment Options Q & A 2 Endpoint Security has reached a Tipping Point Attacks
More information