Trust in the Cloud. Mike Foley, RSA Virtualization Evangelist 2009/2010/2011. 2010 VMware Inc. All rights reserved.


Slide 1: Trust in the Cloud. Mike Foley, RSA Virtualization Evangelist 2009/2010/2011.

Slide 2: Agenda. How do you solve for Trust = Visibility + Control? What is needed to build a Trusted Cloud? RSA solutions for visibility and control. Getting started and continuing your journey to the Trusted Cloud.


Slide 4: The New Layering of IT Presents New Challenges. End user access transformation: new end user computing. Application transformation: new application platform. Infrastructure transformation: private, hybrid and public cloud infrastructure.

Slide 5: Virtualization Changes Security Dynamics. From perimeter-based to information-centric; from bolted on to embedded; from static and reactive to adaptive and risk-based.

Slide 6: What is needed to build the Trusted Cloud?

Slide 7: How do I get to Cloud? It starts with a secure infrastructure, a secure foundation you can build on. Get your private cloud in order before pushing out to the public cloud: work out your user experience locally, work out security best practices, and only push out those workloads that have been properly vetted. To get to a secure infrastructure, put in as much design effort as you put into storage and networks, and involve your security people at the beginning. This will help you understand what you can secure and how, and what you can monitor and how.

Slide 8: At the beginning of your journey to a Private Cloud, or as you get closer to production, it could become a road block.

Slide 9: RSA Solutions for Visibility + Control in Virtualized Environments.

Slide 10: RSA enVision: uncompromised visibility into VMware operations.

Slide 11: Visibility and Monitoring. RSA enVision, optimized for complex VMware environments. Consolidated security event log management: collect logs from everything; real-time monitoring; correlated alerting; incident management; reporting and history.

Slide 12: RSA enVision: SIEM for VMware. Collecting logs from VMware components: VMware vShield, VMware vCenter, VMware ESX/ESXi, VMware View Manager, VMware vCloud Director. The VMware Collector for RSA enVision leverages VMware APIs via a single, secure connection to retrieve vCenter and ESX/ESXi logs: over 380 unique messages, 19 normalized event categories. RSA enVision can pull logs from multiple vCenter instances.

Slide 13: Deep Visibility into VMware Infrastructure (diagram: VMware vCloud Director, VMware vShield Manager and VMware View Manager together with RSA enVision and RSA Archer eGRC).

Slide 14: Deep visibility into Vblock. RSA enVision monitors the entire Vblock stack from hardware all the way up to the application level (applications, virtual machines, networking, vSphere, UCS, storage), giving comprehensive visibility into security events, security incident management and compliance reporting. It verifies best practices and complements the RBAC security model.

Slide 15: enVision Dashboard: Monitoring Events in the Virtual Datacenter.

Slide 16: Apply Patch to Production System (before). A common way to apply patches is to try them out in a test environment. In a virtual world you can clone the test system, data and all; this is difficult and time-consuming in a physical production environment, but very easy in a virtual environment. Steps: 1. Clone the production environment to the test environment. 2. Patch the test environment. 3. Apply the patch to production. Diagram: a production datacenter and a test environment, each holding an HR Application Server VM, an HR Database Server VM and the HRDB (name, SSN, DoB, etc.). Questions this raises: Is this an authorized procedure? Is the test environment sufficiently protected? Is the test environment controlled? Who accessed the data? Was the VM destroyed after it was used?

Slide 17: Apply Patch to Production System (after). Same steps: 1. Clone the production environment to the test environment. 2. Patch the test environment. 3. Apply the patch to production. RSA enVision logs administrative activity from vCenter, for example: VM cloned, patch applied, virtual machine deletion confirmed. If this is out of policy we can alert a security analyst. Monitoring of the test environment ensures protection of the data.
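As an added example (not from the slides or from RSA/VMware), the two policy questions slide 16 asks about the clone-patch-destroy workflow, "was the clone authorized?" and "was the VM destroyed afterwards?", expressed as a check over vCenter-style events. The event objects, user names and VM names are constructed; VmClonedEvent and VmRemovedEvent are real vCenter event type names, the other fields are simplified.

```powershell
function Test-CloneLifecycle {
    param(
        [Parameter(Mandatory)] [object[]] $Events,   # objects with Time, User, Type, Vm, Source
        [string[]] $AuthorizedCloners = @(),         # users allowed to clone production VMs
        [string[]] $SensitiveVms = @(),              # production VMs holding regulated data
        [int] $MaxCloneLifetimeHours = 24            # how long a test clone may exist
    )
    $findings = @()
    # Only clones taken from a sensitive production VM are in scope.
    $clones = $Events | Where-Object { $_.Type -eq 'VmClonedEvent' -and $SensitiveVms -contains $_.Source }
    foreach ($c in $clones) {
        if ($AuthorizedCloners -notcontains $c.User) {
            $findings += "ALERT $($c.Time): $($c.User) cloned sensitive VM $($c.Source) as $($c.Vm) without authorization"
        }
        # First removal of the clone after it was created, if any.
        $removed = $Events |
            Where-Object { $_.Type -eq 'VmRemovedEvent' -and $_.Vm -eq $c.Vm -and $_.Time -gt $c.Time } |
            Sort-Object Time | Select-Object -First 1
        if (-not $removed) {
            $findings += "ALERT: clone $($c.Vm) of $($c.Source) was never destroyed"
        } elseif (($removed.Time - $c.Time).TotalHours -gt $MaxCloneLifetimeHours) {
            $hours = [int]($removed.Time - $c.Time).TotalHours
            $findings += "ALERT: clone $($c.Vm) lived ${hours}h, over the $MaxCloneLifetimeHours h limit"
        }
    }
    return $findings
}

# Constructed sample feed: one authorized clone that is cleaned up, one unauthorized
# clone that is left behind, and one clone of a non-sensitive VM that is ignored.
$events = @(
    [pscustomobject]@{ Time = [datetime]'2011-03-01T09:00'; User = 'vi\mike';       Type = 'VmClonedEvent';  Vm = 'HRDB-test'; Source = 'HRDB'  },
    [pscustomobject]@{ Time = [datetime]'2011-03-01T09:30'; User = 'vi\mike';       Type = 'PatchApplied';   Vm = 'HRDB-test'; Source = ''      },
    [pscustomobject]@{ Time = [datetime]'2011-03-01T17:00'; User = 'vi\mike';       Type = 'VmRemovedEvent'; Vm = 'HRDB-test'; Source = ''      },
    [pscustomobject]@{ Time = [datetime]'2011-03-02T10:00'; User = 'vi\contractor'; Type = 'VmClonedEvent';  Vm = 'HRDB-copy'; Source = 'HRDB'  },
    [pscustomobject]@{ Time = [datetime]'2011-03-02T11:00'; User = 'vi\mike';       Type = 'VmClonedEvent';  Vm = 'WebFE-2';   Source = 'WebFE' }
)

Test-CloneLifecycle -Events $events -AuthorizedCloners @('vi\mike') -SensitiveVms @('HRDB')
```

Against a live feed the same function applies once the enVision or vCenter records are mapped onto the Time/User/Type/Vm/Source shape; only the two clone-related findings for HRDB-copy are raised for the sample above.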

Slide 18: RSA Archer: governance, risk and control management of your VMware environment.

Slide 19: Enabling the cycle of governance, control and visibility. RSA SecurBook: discover VMware infrastructure and define security policy. Over 100 VMware-specific controls added to the Archer library, mapped to regulations and standards. Manual and automated configuration assessment: a solution component automatically assesses VMware configuration and updates Archer. RSA enVision collects, analyzes and feeds security incidents from RSA, VMware and ecosystem products to inform RSA Archer eGRC dashboards. Manage security incidents that affect compliance; remediate non-compliant controls.

Slide 20: RSA Archer eGRC for VMware, the control hierarchy. Authoritative sources (PCI, HIPAA, SOX, CSA, VMware Hardening Guide, etc.), for example 10.10.04 Administrator and Operator Logs, owned at CxO level. Control standard (generalized security control), for example CS-179 Activity Logs: system start/stop, configuration changes, etc. Control procedure (technology-specific control), for example CP-108324 Persistent logging on ESXi Server, owned by the VI Admin.

Slide 21: Distribution and tracking control. Roles: Security Admin, Server Admin, Project Manager, Network Admin, VI Admin.

Slide 22: Securing the Journey to the Cloud (chart). Three stages plotted against percent virtualized (30% through 95%), with Platinum and Gold service tiers: IT Production (lower costs), Business Production (improve quality of service), IT-as-a-Service (improve agility). Security themes along the journey: risk-driven policies; IT and security operations alignment; compliance; visibility into virtualization infrastructure; privileged user monitoring; access management; network security; secure multi-tenancy; verifiable chain of trust.

Slide 23: RSA Solution for Cloud Security and Compliance (diagram). An automated measurement agent performs device discovery and configuration measurement and feeds RSA Archer eGRC, which holds the VMware-specific controls; RSA enVision feeds alerts; guided remediation closes the loop.

Slide 24: Use Case: Reducing the Risk of VM Theft (risk). Securing virtual infrastructure is often a checklist of best practices, and hardening a VMware environment is complex and difficult to verify. What can I do to limit the risk of VM theft from my datacenter? You need to take preventative steps that limit access to VM files, such as: disable the Datastore Browser; limit storage user access; limit use of the service console; use a least-privilege role concept for system and data access.

Slide 25: Use Case: Reducing the Risk of VM Theft (solution). Archer has built-in control procedures to check for VM file access and other best practices. From a centralized console, security and IT operations can easily see whether controls enforce policy. The solution identifies VMware devices, assesses configuration status, and informs the responsible administrator. enVision monitors to ensure security events are not disrupting the compliance posture. Results: security and compliance best practices, directly aligned with regulations and company policies, are implemented and verified.

Slide 26: RSA and VMware View: a solution for better security of desktops.

Slide 27: How do VMware View + RSA deliver better security? The endpoint is changing: Mac, iPhone/iPad, Android phones and tablets, BYOC. The endpoint holds no sensitive data; the user authenticates with RSA SecurID to a virtual desktop with access to sensitive data inside a vShield-protected network; no USB, or only secure USB, is allowed via RSA DLP; network access to the application holding the sensitive data is controlled via VMware vShield; the process is fully logged by RSA enVision.

Slide 28: Visibility + Control for VMware View, validated with Vblock (diagram). Clients; RSA SecurID for remote authentication; VMware View Manager; VMware infrastructure; Active Directory; RSA DLP for protection of data in use; RSA enVision log management for VMware vCenter and ESX(i); RSA Archer compliance dashboard.

Slide 29: Data Loss Prevention: RSA and VMware working together to secure data in a private cloud.

Slide 30: VMware vShield App: built-in data classification via RSA DLP, powered by Content Aware Infrastructure. Trust zones: SOX, PCI, PII. VMware vSphere 5 + vShield App with Data Security classifies files within VMs; RSA DLP classification technology is embedded into VMware vShield App with Data Security; no agents or third-party software; includes 80+ expert RSA policies out of the box; consistent classification across both physical and virtual environments.

Slide 31: RSA DLP + VMware vShield: discovery of sensitive data at the virtualization layer. VMware vShield: discover sensitive data. RSA DLP: endpoint enforcement of policies at the application; network enforcement of policies; scanning of SharePoint or Lotus Notes; fingerprinting of files and databases; custom content discovery.

Slide 32: Best Practices.

Slide 33: Protecting Your Management Consoles. Keep vCenter Server, the ESX service console, the RSA enVision server, management consoles and network switch consoles on a dedicated management LAN, and remote-desktop into that management LAN only via an SSL VPN supporting two-factor authentication.

Slide 34: I'm overwhelmed, where do I start?

Slide 35: RSA Security Practice of EMC Consulting: world-class virtualization information security expertise, best practices, proven methodologies. Realms: Strategy, Design, Implement, Operate, covering scope, policy, compliance, metrics, planning, roadmap, deployment, SOC, service desk and incident response. Solution components: security assessment for virtualized environments; securely managing virtualization (best practices and safeguards); security for VDI environments. Specialty areas: security strategy; private cloud security; virtual desktop security; policy development.

Slide 36: Thinking Ahead: some closing thoughts on the future of security and virtualization.

Slide 37: More Effective Security in Virtualized Environments. Today most security is enforced by the OS and application stack; this is ineffective, inconsistent in enforcement, and complex. Building information security into the infrastructure layer ensures consistency, simplified security management, and a much higher level of visibility into security operations. (Diagram: APP/OS stacks at the vApp and VM layer, on top of virtual and cloud infrastructure, on top of physical infrastructure.)

Slide 38: Leverage new tools and capabilities for better security. Use automation and orchestration to provide consistent, measurable tasks; tasks should be a foreach loop. Example PowerShell: foreach ($vmhost in $vmhosts) { <task> } (do not name the loop variable $host, which is a PowerShell automatic variable). Use VMware Orchestrator to limit general access to vCenter to just those functions required to do a job; this helps to focus on out-of-policy actions, bringing them to the forefront. Leverage the capabilities of RSA and VMware to provide a secure environment that provides value to the business.
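As an added example (not code from the slides or from RSA/VMware), the "tasks as a foreach loop" idea applied to one control from slide 20, CP-108324 "Persistent logging on ESXi Server": every host is measured the same way and yields one record, which is what makes the task consistent and measurable. The host names and setting values are constructed; the PowerCLI cmdlets in the closing comment are assumed to be available when run against a live vCenter.

```powershell
function Test-PersistentLogging {
    param(
        [Parameter(Mandatory)] [string] $HostName,
        [string] $LogDir,    # value of the Syslog.global.logDir advanced setting
        [string] $LogHost    # value of Syslog.global.logHost (remote syslog target)
    )
    # "[] /scratch/log" is the ESXi default; on hosts without a persistent scratch
    # partition it is a ramdisk and the logs are lost at reboot. The check is
    # conservative: only an explicit "[datastore] /path" or a remote syslog target passes.
    $persistentLocal = $LogDir -match '^\[[^\]]+\]\s*/'
    $remote = -not [string]::IsNullOrWhiteSpace($LogHost)
    $compliant = $persistentLocal -or $remote
    $reason = if ($compliant) { 'logs survive reboot or are forwarded' } else { 'logDir is the scratch default and no remote syslog target is set' }
    [pscustomobject]@{
        Host      = $HostName
        LogDir    = $LogDir
        LogHost   = $LogHost
        Compliant = $compliant
        Reason    = $reason
    }
}

# Constructed sample: what a live run would collect from each host.
$sampleHosts = @(
    @{ Name = 'esx01.lab.example'; LogDir = '[] /scratch/log';          LogHost = '' },
    @{ Name = 'esx02.lab.example'; LogDir = '[datastore1] /esx02/logs'; LogHost = '' },
    @{ Name = 'esx03.lab.example'; LogDir = '[] /scratch/log';          LogHost = 'udp://envision.lab.example:514' }
)

# The slide's pattern: one loop, one identical measurement per host, one record per host.
$report = foreach ($h in $sampleHosts) {
    Test-PersistentLogging -HostName $h.Name -LogDir $h.LogDir -LogHost $h.LogHost
}
$report | Format-Table -AutoSize

# Live variant (PowerCLI assumed; $vmhost rather than $host, which is a PowerShell
# automatic variable):
#   foreach ($vmhost in Get-VMHost) {
#       $dir = (Get-AdvancedSetting -Entity $vmhost -Name 'Syslog.global.logDir').Value
#       $rh  = (Get-AdvancedSetting -Entity $vmhost -Name 'Syslog.global.logHost').Value
#       Test-PersistentLogging -HostName $vmhost.Name -LogDir $dir -LogHost $rh
#   }
```

The per-host records are what the slide 19 "automated configuration assessment" would push into Archer against the control, so a non-compliant row maps directly to a remediation item for the VI Admin.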

Slide 39: Looking to the future. The ability to conclusively tag components of the virtual infrastructure, specifically virtual machines, leveraging a hardware root of trust. Richer information about events from the virtual infrastructure: "Mike changed the network settings" is not good enough; what did Mike change? Not just alert, but take action: automated remediation, dealing with social engineering events. Put the new layer of defense in depth to greater use.


Slide 41: Thank You. http://rsa.com/rsavirtualization