Automated Security for the Real-time Enterprise with VMware NSX and Trend Micro Deep Security Chris Van Den Abbeele, Global Solution Architect, Trend

Transcription:

SAI3314BES Automated Security for the Real-time Enterprise with VMware NSX and Trend Micro Deep Security Chris Van Den Abbeele, Global Solution Architect, Trend Micro #VMworld #SAI3314BES

Automated Security for the Real-time Enterprise with VMware NSX and Trend Micro Deep Security Chris Van Den Abbeele, Global Solution Architect, Trend Micro VMworld 2017 Also meet us on Wednesday 11am Hall 8.0, Room 25 for [SAI3316BES] Skip the Security Slow Lane With VMware on AWS Content: Not for publication

Agenda: Who is Trend Micro? Automated security: From bolted on to part of the fabric. The Business Case for Automated Virtual Patching. Integration with vRealize Operations. 3

Trend Micro: 28 years focused on security software. Headquartered in Japan, Tokyo Exchange Nikkei Index (4704). Annual sales over $1B US. Customers include 45 of top 50 global corporations. 5500+ employees in over 50 countries. 500k commercial customers & 155M endpoints protected. Consumers, Small Business, Enterprise, Midsize Business. 4

Integrated security: From bolted on to part of the fabric 5

What's the problem with bolted-on security? With the introduction of workload virtualization, we made a quantum leap in Operations. The same is happening with network virtualization. But in many cases, Security remained stuck in the Dark Ages. In many cases, Security is still something that is manually applied afterwards. In today's real-time enterprise, the Operations team has to do more with less, every day. They create more new workloads than ever before. Manually adding the security controls takes a lot of time and is often postponed (and/or finally... forgotten). We need to "shift left" security and integrate it in the automation. 6

You can't protect what you don't see. Visibility, Context, Risk assessment, Protect, Maintain. 7

Visibility: Many security dashboards only show workloads that have been brought under the control of the security solution (and have a security agent installed on them). Can you still see the trees in the forest? How can you detect Shadow IT? 8

Can you see VMs that were created by the Operations team in vCenter, VCD, vCloud Air, AWS, Azure, Active Directory? ... automatically, without running a scan, and even if those are not yet protected? 9

Can you still see the trees in the forest? Can you organize your VMs in a structure that makes sense from a Security perspective? And which is not imposed by the underlying Operations? 10

Context. Visibility, Context, Risk assessment, Protect, Maintain. 11

Security is all about context. Can you tell if you are looking at a Web server or a Database server? Is it Internet facing or in the Datacenter? Is it a server or workstation VM? Is it a server with Marketing flyers or is it a Finance system? Is it a Windows server, some Linux server, a Docker Host, a SAP system...? 12

Context 13

Estimate the Risk. Visibility, Context, Risk assessment, Protect, Maintain. 14

Estimate the Risk: Which OS (version, patch level, ...) is this? Which applications are running on this system? Which OS vulnerabilities exist on this system? Which Application vulnerabilities exist on this system? Can you automate a scan for vulnerabilities? How would you know which policies to apply? 15

Some High Risk Vulnerabilities 16

Automatically apply the right security controls. Risk assessment, Visibility, Context, Protect, Maintain. 18

Event-based tasks to profile new systems 19


The Same Exploits... now Protected by Deep Security 21

Rich API set. Rich API set to integrate with virtually any orchestration and automation tools and/or scripting language (PowerShell). 23

Multi-Layered security for the Hybrid Cloud. Network Security (Intrusion Prevention, Firewall, Vulnerability Scanning): Stop network attacks, shield vulnerable applications & servers. System Security (Application Control, Integrity Monitoring, Log Inspection): Lock down systems & detect suspicious activity. Malware Prevention (Anti-Malware, Behavioral Analysis & Machine Learning, Sandbox Analysis): Stop malware & targeted attacks. 24

Full, multi-layered security. 8 layers of security: Anti-Malware, Web Reputation, Firewall, Intrusion Prevention, Integrity Monitoring, Log Inspection, Application Control, Protection for SAP systems (NW-VSI). 25

Make sure the systems remain protected. Risk assessment, Visibility, Context, Protect, Maintain. 26

Protect against drift. Integrity Monitoring: Monitor sensitive files and sensitive registry keys for changes. Application Control: Freezes the server and blocks new executables and scripts from running. 27

Protect against the latest vulnerabilities: Scheduled Vulnerability Scans 28

Securing business transformation Deep Security 29

The Business Case For Automated Virtual Patching 30

Typical patch cycle without virtual patching: Monthly Security Patching, Half-yearly Full Patching. 12 x patching/year. 31

High-impact zero days require immediate attention. Are we vulnerable? (risk?) Who can provide a patch? When can we have the patch? When can we test it? Who can test it (team?) Where can we test it? (test environment) When can we have a maintenance window to Patch and Reboot our servers? 32

Typical patch cycle with virtual patching: Automated Ongoing Security Patching, Half-yearly Full Patching. 2 x patching/year. 33

Win-Win: increases security + reduces cost 34

5 days after ShellShock: 766 attacks blocked (Customer example). 766 attacks blocked by Deep Security Automated Virtual Patching on Sept 30th, at a customer managing 100+ instances. If Emergency (physical) Patching takes 5 days... 35

Integration with vRealize Operations 36

Isolated worlds... User call (VM slow to respond) or Administrator receives a security alert. Virtual Infrastructure Administrator: Log Ticket; Admin logs in to vRealize Operations; Attempt to vMotion; Reboot the VM; Recycle the VM; Close Ticket; Root Cause Analysis. Security Administrator: Log Ticket; Admin logs in to Deep Security Manager; Change rules to block specific ports; Quarantine and scan; Close Ticket; Root Cause Analysis. 37

Single pane of glass for Trend Micro events and VMware events 38

Correlate vROps Events with Security Events 39

Customer References 40

Deep Security on VMware NSX. See Customer Success Stories: Join Experience, Emirates NBD, Integra Networks, Telecom Italia, University of Pittsburgh. Please visit: TrendMicro.com/customers. "Deep Security extends the benefits of NSX micro-segmentation with security policies and capabilities that automatically follow virtual machines no matter where they go." 41

Summary 42

Ongoing Automated Holistic Protection. Visibility: Connectors and Smart Folders across physical, virtual, cloud and containers allow for a clear line of sight from one console. Context: Rich data on workload, event-based tasks to profile new systems. Risk assessment: Recommendation scan for high risk vulnerabilities, APIs. Protect: Eight layers of security and threat protection capabilities. Maintain: Automated virtual patching, Application Control and integration with vRealize Operations. 43

Summary: Hopefully this presentation has provided a few insights and practical examples on how to bring your Hybrid Cloud Security into the 21st century. By automating and integrating security in the operations stack, you can greatly improve your security posture and reduce operational costs. Do the same setup and demo yourself in the VMworld Hands on Labs: LAB HOL-1841.