Securing Your Virtual World Harri Kaikkonen Channel Manager

Similar documents
CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) Securing Virtual Environments

Why the cloud matters?

Dynamic Datacenter Security Solidex, November 2009

Mitigating Risks with Cloud Computing Dan Reis

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

Copyright 2011 Trend Micro Inc.

SAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD. May 2012

Securing the Data Center against

AS Stallion. Security for Virtual Server Environments. Urmas Püss

Deep Security 9.6 SP1. Supported Features by Platform

VMware Hybrid Cloud Solution

NETWORK FORENSIC ANALYSIS IN THE AGE OF CLOUD COMPUTING.

Trend Micro deep security 9.6

Securing your Virtualized Datacenter. Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008

Ensure Virtualization Security and Improve Business Productivity with Kaspersky

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

Stop Cyber Threats With Adaptive Micro-Segmentation. Jeff Francis Regional Systems Engineer

CSP 2017 Network Virtualisation and Security Scott McKinnon

Deep Security 9.6 Supported Features by Platform

Security in a Virtualized Environment with TrendMicro

Trend Micro Deep Security

Network Virtualization Business Case

SYMANTEC DATA CENTER SECURITY

The Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec

Deep Security 9.6 SP1 Supported Features by Platform

Datacenter Security: Protection Beyond OS LifeCycle

SECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011

Better Security with Virtual Machines

Stopping Advanced Persistent Threats In Cloud and DataCenters

Deep Security 9.5 SP1 Supported Features by Platform

Enterprise & Cloud Security

Kaspersky Security for Virtualization Frequently Asked Questions

Secure & Unified Identity

Deep Security 9.5 Supported Features by Platform

Ret h i n k i n g Security f o r V i r t u a l Envi r o n m e n t s

The Software Defined Data Centre & vsphere 6.5 The foundation of the hybrid cloud Barry Coombs

3 Ways Businesses Use Network Virtualization. A Faster Path to Improved Security, Automated IT, and App Continuity

Cloud Computing the VMware Perspective. Bogomil Balkansky Product Marketing

IS B10 - Securing Your Virtual Data Centers: The Future of Endpoint and Server Security

Juniper Sky Advanced Threat Prevention

Securing Your Cloud Introduction Presentation

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Presenting the VMware NSX ECO System May Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe

Network Security Protection Alternatives for the Cloud

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

Security Readiness Assessment

AppDefense Cb Defense Configuration Guide. AppDefense Appendix Cb Defense Integration Configuration Guide

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

Deep Security 9.5 Supported Features by Platform

Building a Smart Segmentation Strategy

Build your own Cloud on Christof Westhues

5 STEPS TO BUILDING ADVANCED SECURITY IN SOFTWARE- DEFINED DATA CENTERS

VMware ESX Server 3i. December 2007

Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers

Integrating NComputing Virtual Desktops with Citrix and VMware. April 21, 2010

Changing The Conversation: Infrastructure as a Service

Open Hybrid Cloud & Red Hat Products Announcements

CLOUD COMPUTING. The Old Ways Are New Again. Jeff Rowland, Vice President, USAA IT/Security Audit Services. Public Information

Automated Security for the Real-time Enterprise with VMware NSX and Trend Micro Deep Security Chris Van Den Abbeele, Global Solution Architect, Trend

Cisco Expo 2009 Bratislava. Chief Technology Officer VMware, Inc.

Potpuna virtualizacija od servera do desktopa. Saša Hederić Senior Systems Engineer VMware Inc.

SMASHING THE TOP 7 VIRTUALIZATION SECURITY MYTHS

Evolution of Cyber Security. Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa

Transforming the Network for the Digital Business

Multi Packed Security Addressing Challenges in Cloud Computing

White Paper FUJITSU Storage ETERNUS DX S4/S3 series 512e HDDs: Technology, Performance and Configurations

Transform Your Business To An Open Hybrid Cloud Architecture. Presenter Name Title Date

Stop Cyber Threats With Adaptive Micro-Segmentation. Chris Westphal Head Of Product Marketing

BUILDING SECURITY INTO YOUR DATA CENTER MODERNIZATION STRATEGY

Trend Micro Guide and solution to help embrace Consumerization and BYOD. James Walker EMEA Product Marketing Manager 26 September 2012

HOW CLOUD, MOBILITY AND SHIFTING APP ARCHITECTURES WILL TRANSFORM SECURITY: GAINING THE HOME-COURT ADVANTAGE

Virtual Machines. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University

On Demand Cryptographic Resources for Your Virtual Data Center and the Cloud: Introducing SafeNet s Crypto Hypervisor

Symantec Reference Architecture for Business Critical Virtualization

The Three Data Challenges

The Evolution of Data Center Security, Risk and Compliance

Securing the Modern Data Center with Trend Micro Deep Security

VMware vsphere 4.0 The best platform for building cloud infrastructures

IM B36 Why You Should be Using NetBackup Bare Metal Restore (BMR) in Your DR Solution

Google on BeyondCorp: Empowering employees with security for the cloud era

HP Data Protector 7.0 Virtualization Support Matrix

Sichere Applikations- dienste

THREAT PROTECTION FOR VIRTUAL SYSTEMS #ILTACON #ILTA156

Dell EMC Forum. Martin Niemer 5.October VMware Inc. All rights reserved.

Citrix XenDesktop 2.0. Michael Schmidt Country Manager Switzerland Citrix Systems International GmbH

PCI DSS Compliance. White Paper Parallels Remote Application Server

Virtualization. ...or how adding another layer of abstraction is changing the world. CIS 399: Unix Skills University of Pennsylvania.

Manual Ftp Windows Server 2008 R2 Enterprise Virtual Edition

InstallAnywhere: Requirements

Lecture 09: VMs and VCS head in the clouds

Enterprise Cloud Computing. Eddie Toh Platform Marketing Manager, APAC Data Centre Group Cisco Summit 2010, Kuala Lumpur

12/5/2013. work-life blur. more mobile. digital generation. multiple devices. tech. fast savvy

Security in Cloud Environments

FAIM 14. Cloud Computing. Paul Rad Rackspace, Inc. VP Technology

Today s workforce is Mobile. Cloud and SaaSbased. are being deployed and used faster than ever. Most applications are Web-based apps

7 Things ISVs Must Know About Virtualization

1 Quantum Corporation 1

ADC im Cloud - Zeitalter

Hardening the Education. with NGFW. Narongveth Yutithammanurak Business Development Manager 23 Feb 2012

Virtualization Overview

Transcription:

Securing Your Virtual World Harri Kaikkonen Channel Manager Copyright 2009 Trend Micro Inc.

Virtualisation On The Rise 16,000,000 Virtualized x86 shipments 14,000,000 12,000,000 10,000,000 8,000,000 6,000,000 Physical Logical 4,000,000 2,000,000 0 2005 2006 2007 2008 2009 2010 2011 2012 3/16/2010 Copyright 2009 Trend Micro Inc. 2 Source: IDC 2009

Agenda The Challenge of Virtual Security The Host Defends Itself Data is Secure and Controlled in the Public Cloud Securing the Computing Chain 3/16/2010 Copyright 2009 Trend Micro Inc. 3

The Benefits of Virtualisation Reduce IT Capital Expense by 50% Reduce Administration overhead Reduce IT operational expense And more Reduce Carbon Footprint Increase Flexibility Classification 3/16/2010 Copyright 2009 Trend Micro Inc. 4

Virtualisation Creates Security Challenges Old Model Infrastructure security protects applications & servers New Model Virtual servers and apps move, change IPS needs reconfiguration so does firewall where is file OS?!!!!!!!!! VM1 VM2 VM3 App1 OS App2 OS App3 OS App4 OS App1 OS1 App2 OS2! App3 OS3 HW HW HW HW Hypervisor VM4 App4 OS4! Classification 3/16/2010 Copyright 2009 Trend Micro Inc. 5

Problem 1 Outside-in or perimeter-only approach and rapid virtualisation have created less secure application environments Copyright 2009 Trend Micro Inc.

Where is Our Company Data? I can replace my device, but not my data I have data in multiple places I use company applications, but I put my data anywhere Information store 1 Laptop! INFECTED Company Data Information store 2: Mobile phone/pda! STOLEN Information store 3: Internet-based app Gmail, Peoplesoft! DOWN, HACKED Classification 3/16/2010 Copyright 2009 Trend Micro Inc. 7

Problem 2 Data protection is the most strategic concern but data is mobile, distributed, and unprotected Copyright 2009 Trend Micro Inc.

Solution: The Host Defends Itself Copyright 2009 Trend Micro Inc.

Private Virtualized Datacenter Internet Firewall, IPS & Perimeter Security Shared Storage Virtual Servers Copyright 2009 Trend Micro Inc. Classification 3/16/2010 10

VMs Need Specialized Protection Same threats in virtualized servers as physical. 1 New Challenges Dormant VMs 2 Resource contention 3 VM Sprawl 4 Inter-VM traffic 5 vmotion Classification 3/16/2010 Copyright 2009 Trend Micro Inc. 11

Vision for the New Datacenter Security Model The virtual host must protect itself Self-secured Application App FW, IPS, AV! VM & Network Security Integration!! VM1 VM3! App1 App3!! OS1 OS3 Hypervisor Copyright 2009 Trend Micro Inc.

Virtualisation Security Advances Protect the VM by inspection of virtual components Virtual Appliance Unprecedented security for the app & data inside the VM Complete integration with, and awareness of, vmotion,storage VMotion, HA, etc Copyright 2009 Trend Micro Inc. 13

Solution: Data is Secure and Controlled in the Public Cloud Copyright 2009 Trend Micro Inc.

Who Has Control? Servers Private Cloud (Virtualization) Public Cloud IaaS Public Cloud PaaS Public Cloud SaaS End-User (Enterprise) Service Provider Copyright 2009 Trend Micro Inc. 15

Copyright 2009 Trend Micro Inc. 16 The cloud user has accountability for security and needs to plan for security.

Public Cloud Multiple customers on one physical server potential for attacks via the hypervisor Shared network inside the firewall Internet Firewall, IPS & Perimeter Security Shared Storage Shared firewall Lowest common denominator less fine grained control Easily copied machine images who else has your server? Virtual Servers Shared storage is customer segmentation secure against attack? Copyright 2009 Trend Micro Inc. Classification 3/16/2010 17

Breadcrumbs Leaving a trail behind Your data left on cloud storage devices after you leave Is it really deleted or just the link to you cut Can you ever be really sure? How do you erase the cloud? Classification 3/16/2010 Copyright 2009 Trend Micro Inc. 18

Enterprise Solution Public Cloud Data Protection Enterprise Manages Directly Classification 3/16/2010 Copyright 2009 Trend Micro Inc. 19

So what does this mean? Public Cloud offers key benefits! But also high risk To benefit fully from this new opportunity we need a new generation of security products designed for the cloud Classification 3/16/2010 Copyright 2009 Trend Micro Inc. 20

Public Cloud Private Security Shared network inside the firewall Doesn t matter treat the LAN as public Multiple customers on one physical server potential for attacks via the hypervisor Doesn t matter the edge of my virtual is firewalled Internet Firewall, IPS & Perimeter Security Shared Storage Shared firewall Lowest common denominator less fine grained control Doesn t matter treat the LAN as public Easily copied machine images who else has your server? Doesn t matter They can start my server but only I can unlock my data Virtual Servers Classification 3/16/2010 Copyright 2009 Trend Micro Inc. 21 Shared storage is customer segmentation secure against attack? Doesn t matter My data is encrypted (no breadcrumbs)

A New Approach Copyright 2009 Trend Micro Inc.

A New Model for Security Securing the Computing Chain All environments should be considered un-trusted Users access app Host defends itself from attack Image ensures data is always encrypted and managed Encryption keys only controlled by you Encrypted Data Data Data DC1, LAN 1 Cloud 1, LAN 2 When this whole chain is secure Cloud, LAN 1 DC2, LAN 2 Components can move Service provider lock goes away Shared storage ROI goes up Location doesn t matter Virtual neighbours don t matter Classification 3/16/2010 Copyright 2009 Trend Micro Inc. 24

Recommendations 1 Reconsider your Security Architecture Consider your existing investments and re-align 2 Enforce Policies on VM Provisioning Prevent VM sprawl 3 Make Security a Virtualisation Enabler Classification 3/16/2010 Copyright 2009 Trend Micro Inc. 25

Available from Trend TODAY Trend Micro Core Protection for VMs Anti-malware protection for VMware virtual environments OCT 2009 Trend Micro Deep Security 6 Trend Micro Deep Security 7 26 Firewall, IDS/IPS, Integrity Monitoring & Log Inspection Runs in VMs with vcenter integration Virtual Appliance complements agent-based protection Copyright 2009 Trend Micro Inc.

Deep Security: Platforms protected Windows 2000 Windows XP, 2003 (32 & 64 bit) Vista (32 & 64 bit) Windows Server 2008 (32 & 64 bit) HyperV (Guest VM) 8, 9, 10 on SPARC 10 on x86 (64 bit) Solaris 10 partitions Red Hat 3 Red Hat 4, 5 (32 & 64 bit) SuSE 9, 10 VMware ESX Server (Guest VM) Virtual Center integration XenServer Guest VM Integrity Monitoring & Log Inspection modules HP-UX 11i v2 AIX 5.3 3/16/2010 Copyright 2009 Trend Micro Inc. 27 27

Securing Your Virtual World Harri Kaikkonen Channel Manager Copyright 2009 Trend Micro Inc.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback