CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) Securing Virtual Environments


Transcription:

CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) 2010
October 25-29, 2010, Kuala Lumpur Convention Centre
Securing Virtual Environments
Raimund Genes, CTO, Trend Micro

The Changing Datacenter
Physical > Virtual > Cloud
By 2012, more than 40% of x86 architecture server loads in enterprises will be running in virtual machines (October 7, 2009)

The Benefits of Virtualisation
- Reduce IT capital expense by 50%
- Reduce administration overhead
- Reduce IT operational expense
- Scalability & business agility
- Reduce carbon footprint
- Increase flexibility

Challenges of Virtualization Security
What analysts now say:
"The combination of more workloads being virtualized and workloads becoming more mobile creates a complex and dynamic environment that will be more difficult to secure."
-- Neil MacDonald, Gartner Group, "Addressing the Most Common Security Risks in Data Center Virtualization Projects", January 2010

Virtualisation Creates Security Challenges
- Old model: infrastructure security protects applications & servers
- New model: virtual servers and apps move, change; IPS needs reconfiguration, so does firewall; where is file OS?
[Diagram: physical servers, each with its own App / OS / HW stack, beside VM1-VM4 (App1-App4 on OS1-OS4) running on a hypervisor]

Perimeter defenses are not enough
1. Encrypted attacks
2. Mobile computers
3. Wireless networks
4. Unsuspecting users
5. Insider attacks

Exploits are happening before patches are developed
Number of days until a vulnerability is first exploited, after the patch is made available:
- 2003 MS-Blast: 28 days
- 2004 Sasser: 18 days
- 2005 Zotob: 10 days
- 2006 WMF: zero-day
- 2010 IE zero-day: zero-day
"Microsoft today admitted it knew of the Internet Explorer flaw used in the attacks against Google and Adobe since September last year." -- ZDNet, January 21, 2010

Where are you vulnerable?
- Takes days to months until patches are available and can be tested & deployed: Microsoft Tuesday, Oracle, Adobe
- Developers not available to fix vulnerabilities: no longer with company; working on other projects
- Patches are no longer being developed: Red Hat 3 (Oct 2010), Windows 2000 (Jul 2010), Solaris 8 (Mar 2009), Oracle 10.1 (Jan 2009)
- Can't be patched because of cost, regulations, SLA reasons: POS, kiosks, medical devices

Outside-in or perimeter-only approach and rapid virtualisation have created less secure application environments

Where is Our Company Data?
- "I can replace my device, but not my data"
- "I have data in multiple places"
- "I use company applications, but I put my data anywhere"
Company data:
- Information store 1: Laptop (INFECTED)
- Information store 2: Mobile phone/PDA (STOLEN)
- Information store 3: Internet-based app, Gmail, Peoplesoft (DOWN, HACKED)

Data protection is the most strategic concern but data is mobile, distributed, and unprotected

VMs Need Specialised Protection
Same threats in virtualised servers as physical:
- Software vulnerability exploits
- Patch management
- Web application threats
- Policy & compliance
- System & data integrity
New challenges:
1. Dormant VMs
2. Resource contention
3. VM sprawl
4. Inter-VM traffic
5. vMotion

Problem 1: Dormant VMs are unprotected
- Dormant VMs include VM templates and backups
- Cannot run scan agents, yet can still get infected
- Outdated malware signatures

Problem 2: Resource Contention: Full System Scans
- Existing AV solutions are not VM-aware
- Simultaneous full malware scans on the same host can cause severe performance degradation

Problem 3: Managing VM Sprawl
- Security weaknesses replicate quickly
- Security provisioning creates bottlenecks
- Lack of visibility into, or integration with, virtualization console increases management complexity

Problem 4: Inter-VM Traffic
- NIDS / NIPS blind to intra-VM traffic
- First-generation security VMs require intrusive vSwitch changes
- Tradeoff between bottleneck or security?

Problem 5: VM Mobility
vMotion & vCloud:
- Reconfiguration required: cumbersome
- VMs of different sensitivities on same server
- VMs in public clouds (IaaS) are unprotected

Vision for the New Datacenter Security Model
- The virtual host must protect itself
- Self-secured Application
- App FW, IPS, AV
- VM & Network Security Integration
[Diagram: VM1 (App1 / OS1) and VM3 (App3 / OS3) on a hypervisor]

Coordinated Protection with Agent and Security Virtual Appliance
Protection modules: Deep Packet Inspection, Firewall, Antimalware, Log Inspection, Integrity Monitoring
[Diagram labels: Virtual Appliance, Hypervisor]
- Agent adds additional protection not possible over hypervisor today
- VM integration makes agents virtualization-aware
- Useful for offline desktops, cloud, defense in depth

Leveraging New Security Paradigms
[Diagram: guest VMs (App / OS) beside a Virtual Appliance (Firewall, IDS / IPS, Web app, Anti-Virus) on ESX Server, connected through the VMsafe & vShield Endpoint APIs]
- Secures VMs from the outside, no changes to VM
- VMsafe enables traffic inspection at hypervisor layer
- vShield Endpoint enables agentless AV scanning
- Enables strong tamper-proofing from malware

Intrusion Defense with VMsafe
[Diagram labels: Incoming/Outgoing Packet; Tap/Inline; Fastpath Driver: Micro Firewall (Blacklist & Bypass), Pass / Drop; Slowpath Driver: Stateful Firewall, DPI, Pass / Drop]

The Promise of Agentless Anti-malware
[Diagram: BEFORE, an agent in every VM; AFTER, a Virtual Appliance on vSphere with vShield Endpoint]
- Significantly improved manageability: no agents to configure, update and patch
- Faster performance: freedom from AV storms
- Stronger security: instant ON protection + tamper-proofing
- Higher consolidation levels: inefficient operations removed

Anti-malware over vShield Endpoint
[Architecture diagram labels: Security Virtual Appliance; Anti-malware Product Console; REST; Anti-malware Scanning Module; vShield Endpoint Library; EPsec Interface; On Access Scans; On Demand Scans; Status Monitor; Remediation; Caching & Filtering; Guest VMs (Apps / OS / Kernel / BIOS); vShield Guest Driver; Security Admin; VI Admin; vSphere Platform; ESX 4.1; vShield Endpoint ESX Module]

The Host needs to defend itself! W