Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

Size: px
Start display at page:

Download "Protecting Virtual Endpoints with McAfee Server Security Suite Essentials"

Transcription

1 Sponsored by McAfee Protecting Virtual Endpoints with McAfee Server Security Suite Essentials December 2013 A SANS Analyst Whitepaper Written by Dave Shackleford Capability Sets for Virtualization Security Page 2 Discovery Page 3 Protection Page 7 Conclusion: Putting the Pieces Together PAGE SANS Institute

2 Introduction More and more organizations have adopted system virtualization technology in the past several years. As of Q4 2013, estimates indicate that 50 to 60 percent of large enterprises are using virtualization. 1 Many organizations are implementing private and hybrid cloud architectures and building or leveraging a private cloud or currently using Infrastructure-as-a-Service (IaaS) offerings from a number of cloud service providers. Because their operations increasingly take place in virtual data centers, many businesses have discovered that traditional security controls have not kept pace with the rapid technology changes associated with virtualization and private/hybrid cloud deployments. Such a gap can easily lead to system and data exposure in virtual machines, excessive consumption of resources within the virtual environment due to lack of optimization and integration with virtualization platforms, and a lack of flexibility in monitoring and reporting on the state of virtual assets, including security controls and policies. The inherent multitenant nature of these systems, especially in the public cloud, is another obvious area of risk for organizations deploying virtualization platforms. Multitenancy creates the possibility that multiple systems, owned and maintained by different business units or even different companies end up sharing physical infrastructure. Virtualization makes it easy to (sometimes unknowingly) mix applications and data in ways that would have never happened in the purely physical data center. For example, many organizations unknowingly run sensitive or compliance-related applications on the same hypervisor and thus, the same physical host as less sensitive applications, potentially exposing the sensitive data to intermingling or leakage through access by less sensitive systems or other resources. Virtual machines (VMs) that are meant to be PCI DSS-compliant could share a virtual network with systems that are less sensitive in nature, their combined traffic may be hosted on the same hypervisor, or the files making up the VMs may be stored in the same location. Security teams have struggled with this problem for some time internally, and the problem is only compounded when trying to ascertain the trust status of a cloud provider s systems. SANS had the opportunity to review several elements of McAfee s Server Security Suite Essentials that address some of the emerging challenges of securing virtual platforms and cloud environments. The new McAfee products tackle these problems admirably. Hypervisor validation is easily configured and maintained with Intel s latest development in hardware-based boot attestation services, and both the agent-based and agentless variations of MOVE AntiVirus can significantly streamline deployment and reduce system overhead. 1 SANS Analyst Program 1 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

3 Capability Sets for Virtualization Security McAfee s focus on data center security involves three major categories of capability sets for their products: 1. Discovery. Inventory and analysis of systems and applications, a critical starting point for inventorying and managing systems and applications. 2. Protection. Creating trust and security policies, evaluating systems and applications and providing protection from malicious code and other attacks. 3. Expansion. Enabling fluid and secure growth into private and public cloud infrastructures without sacrificing security controls and capabilities. For example, with the addition of VMware and Amazon data center connectors, McAfee is creating a powerful integration strategy for security in the cloud. Although numerous products within the McAfee portfolio follow this strategy, the focus of the SANS review was on integration with and protection of virtual infrastructure. The products and capabilities reviewed include: McAfee epolicy Orchestrator McAfee MOVE AntiVirus 3.0 McAfee Boot Attestation Service 3.0 The goal of the review was to validate that specific functions are available and working in the versions evaluated. SANS Analyst Program 2 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

4 Discovery As both internal and external cloud provisioning becomes commonplace, enterprises are shifting their concerns to knowing where workloads are located and how they are running. Visibility and system inventory have become more difficult, with the dynamic movement of virtual systems among hosts and datacenters and into public cloud infrastructure. 2 For this reason, inventory discovery and system monitoring are more important than ever, not only to IT departments, but to the organization as a whole. In McAfee s new version of the Server Security suite, the McAfee Server Security Suite Essentials, the key to central monitoring and management of the operating inventory including virtual workloads is epolicy Orchestrator (epo). Several new features have been added to the suite to facilitate discovery, monitoring and management in both internal and external cloud environments: McAfee Server Server Security Suite Essentials can be integrated into virtual and cloud environments to automatically discover all VMware and Amazon Web Services (AWS) virtual machines; epo will then display the relationships among hosts, virtual machines and virtual appliances. New Data Center Connector for vsphere allows enterprises to import all virtual machine workloads from VMware s vcenter into epo (including unprotected VMs), providing visibility beyond just those workloads protected by McAfee. A Data Center Connector for Amazon AWS provides expanded visibility into Amazon s cloud services, including the EC2 and S3 platforms. The Data Center Connector for vsphere is simple to set up; with account credentials and IP address (or DNS name) information for a VMware vcenter Server (the VMware management platform), epo can connect to vcenter over a standard HTTPS channel and begin enumerating VM workloads that are known to the vcenter system. The Data Center Connector for vsphere is shown in Figure 1. Figure 1. vcenter Connector Details 2 For the sake of clarity, we use the term host to refer to the combination of hypervisor and physical hardware; we use the terms physical host and hypervisor when a distinction between hardware and software needs to be made. SANS Analyst Program 3 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

5 Discovery (CONTINUED) Upon being successfully linked to a VMware virtualization infrastructure (or AWS account), epo recognizes the connection as a registered cloud account, as shown in Figure 2. Figure 2. Registered vcenter Cloud Account Once the vcenter connection has been created, epo will display a list of hosts and VMs known to the vsphere environment. These VMs also display their relationship to particular hosts, which can help security teams evaluate the placement and current state of workloads. Figure 3 illustrates the epo console showing hosts and VMs added from vcenter. Figure 3. Hosts and VMs from vcenter in epo SANS Analyst Program 4 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

6 Discovery (CONTINUED) A new Data Center epo dashboard debuts in this version that includes, in particular, dashboard elements that show all defined data centers known to epo; the integration and installation of MOVE AntiVirus (also known as MOVE AV), both agent-based and agentless, across VMs and cloud systems; as well as the trust attestation status for hypervisors. Additional dashboard elements display the status of McAfee s file integrity monitoring, host firewall and application control tools to provide a complete picture of host-based security controls in the virtual and physical environments. The epo console is shown in Figure 4. Figure 4. McAfee Data Center Server Security epo Dashboard It is easy to drill down into the different dashboard elements. For example, the chart shown in Figure 5 shows the antimalware status for systems within the system. Figure 5. Antimalware Status for Known Systems SANS Analyst Program 5 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

7 Discovery (CONTINUED) By clicking on the blue unprotected area of the chart, security administrators can easily list the specific systems that are currently unprotected, as shown in Figure 6. Figure 6. Drill-down Dashboard Showing Unprotected VMs These types of charts and dashboard elements provide a broad and configurable monitoring perspective within the entire data center, so administrators can see a variety of different aspects of the environment s security posture all at once. SANS Analyst Program 6 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

8 Protection The most critical element of the McAfee Server Security Suite Essentials, of course, is the protection capabilities for data center systems; and McAfee s endpoint security tools in the MOVE (Management for Optimized Virtual Environments) family do so admirably. MOVE AV optimizes the malware-processing capabilities of McAfee VirusScan in an effort to deliver improved performance and resource utilization for virtualized environments. There are three deployment options available Agent, Agentless, or both Agent and Agentless to meet a variety of needs. The tools include the following components: Agentless Deployment MOVE AntiVirus SVA (Security Virtual Appliance). The SVA provides offloaded scanning of virtual systems, minimizing the performance impact on them. McAfee Agent (MA). On the SVA, this agent handles policy, task and event communication between the MOVE SVA and epo. McAfee MOVE AntiVirus epolicy Orchestrator extension. This provides policies and controls for configuring McAfee MOVE AV through epo. VMware VMtools vshield Endpoint driver. This enables virtual desktops and servers to offload file scanning to the SVA communicating over the ESXi hypervisor. Multiplatform Deployment McAfee Offload Scan Server(s). These are Windows 2008 Server platforms that handle scanning for MOVE AV multi-platform agents. MOVE AntiVirus Client for Windows. This enables virtual desktops and servers to offload file scanning to the Offload Scan Server(s) communicating over the virtual network. McAfee Agent (MA). This handles policy, task and event communication between the MOVE AV client and epo. McAfee MOVE AntiVirus epolicy Orchestrator extension. This provides policies and controls for configuring McAfee MOVE AV through epo. SANS Analyst Program 7 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

9 Protection (CONTINUED) Deployment Options For public and hybrid cloud deployments, the multiplatform deployment option makes sense, because the SVA does not need to reside on the same hypervisor as the VMs being protected. With this model, virtual machines are protected from malware as follows: As VMs access files, a hash value or fingerprint of those files is created and compared to a local cache/ whitelist. If the file fingerprint is not in the local cache, the fingerprint is sent to the SVA for scanning. If the MOVE global cache does not recognize the fingerprint, the file itself is moved to the Offload Scan Server for assessment. The file is analyzed and also compared to available information from McAfee s Global Threat Intelligence (GTI) service. If the file is malicious, MOVE AV quarantines it, deletes it or restricts access, depending on policy for the individual VM. If the file clears these checks, its fingerprint is added to the local and global cache and access is granted. On future access (by the same or different endpoints), the local (guest system) or global (SVA) cache will be consulted, to confirm whether access is permitted or denied. The agentless deployment option is designed to integrate with VMware vshield Endpoint and addresses the challenges of protecting the virtual environment and keeping it free of malware without the need for a resource-intensive agent, resulting in easier deployment and configuration. For agentless deployment, the SVA must be on the same hypervisor as the protected endpoints, which makes this more ideally suited for private cloud scenarios with more control over hypervisor and VM placement. Agentless deployment requires all protected VMs to have VMware Tools installed; the MOVE system utilizes the vshield Endpoint driver feature in VMware Tools to intercept files bound for the VM s file system. When files are analyzed in agentless deployment scenarios, the file handle is sent to the SVA first to check the global cache, and if needed, the SVA will scan the file while it s still at the individual VM endpoint because the SVA has access to shared storage. The file is then quarantined, deleted, restricted or approved, in the same manner as the MOVE deployment, and the local and global signature caches are both updated accordingly. Setting up antimalware and operational policies for the MOVE multiplatform or agentless deployment within epo is very simple. SANS Analyst Program 8 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

10 Protection (CONTINUED) Multiplatform Configuration We configured the multiplatform deployment of MOVE AV with ease, as follows. First, we established the general settings to point our clients to a set of McAfee Offload Scan Servers; we also enabled the malware file cache settings, as shown in Figure 7. Figure 7. General Settings for Multiplatform Deployment Setting up the types of files to scan, when scanning occurs, and specific exclusions was also easy. We opened the Scan Items tab, as shown in Figure 8, and made our selections. Figure 8. Scan Options SANS Analyst Program 9 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

11 Protection (CONTINUED) In this scenario, files are scanned when reading and writing to disk, as well as when they re opened for backup. All files are scanned, and only McAfee components are excluded currently. The Alerts tab enables you to configure where you want to send alerts from the MOVE AV agent, as shown in Figure 9; the defaults are selected, sending alerts to epo and the Offload Scan Server Windows Event Log. Figure 9. Alert Options The Actions tab allows administrators to select the desired primary and secondary actions that MOVE AV takes when malware is detected. Options include deleting files or denying access to files, as shown in Figure 10. Figure 10. Malware Detection Actions Finally, if files should be quarantined when malware is detected, setting parameters including location and duration before deletion is performed on the Quarantine tab (the default quarantine location is the Offload Scan Server s C:\ drive in the Quarantine directory), shown in Figure 11. Figure 11. Quarantine Settings SANS Analyst Program 10 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

12 Protection (CONTINUED) Offload Scan Server Settings The Offload Scan Server (OSS) is critical to the proper operation of a multiplatform deployment of MOVE AV. Setting up the protection parameters for the OSS is also simple within epo. The General tab (not shown) enables you to configure the OSS cache, the number of concurrent scans and the number and size of log files. The Scan Settings tab enables you to configure scanning for unwanted programs (e.g., spyware and adware), as well as enforce scans for archives and MIME-encoded files. (Enabling these last two is usually not recommended, as they can degrade performance.) You can also set the sensitivity level of McAfee GTI here, as shown in Figure 12; the default is Medium. Figure 12. Offload Scan Server Scan Settings The Alerts tab is similar to MOVE AV s Alert tab, where you can choose to send malware alerts to the local Windows Event Log and epo. Finally, the On-Demand Scan tab enables you to configure whether scans can be started on demand and how many scans can be run at a time. The On-Demand Scan Time Window grid enables granular selection of days and times when scans are allowed to start. Configuration: Agentless The MOVE AV Agentless product scan operations are configured entirely within the Security Virtual Appliance (SVA). In order for MOVE AV to function in the agentless scenario, VMs must have VMware Tools installed to leverage the vshield Endpoint driver, which, in turn, communicates with the SVA on each host. SANS Analyst Program 11 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

13 Protection (CONTINUED) The first setting to configure is the SVA Authentication tab, enabling communication with vcenter Server or a host. Figure 13 shows a typical configuration, using HTTPS over TCP port 443, where the administrator or root credentials are provided. Figure 13. SVA Authentication The next step is to configure the Scan Settings tab. The settings on this tab are very similar to those described for the OSS cache settings, on-demand scanning, scan times permitted with the addition of a checkbox labeled VM-based scan configuration. This setting enables admins to add, modify and assign scan policies to individual VMs, groups or resource pools protected by the SVA. Figure 14 illustrates the Scan Settings tab options. Figure 14. SVA Scan Settings SANS Analyst Program 12 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

14 Protection (CONTINUED) Finally, the SVA Quarantine settings tab controls the quarantining of files when malware is detected in them. Unlike the OSS, the SVA quarantines files to a designated network share. Users must enter credentials in the form of a username and password to allow SVA to access the share, as shown in Figure 15. Figure 15. SVA Quarantine Settings The scan policies for antimalware protection in the agentless deployment are relatively straightforward to configure. The General settings, shown in Figure 16, control MOVE AV s On-Access and On-Demand scanning for VMs. Figure 16. Agentless Scanning The majority of the scan policy settings for MOVE AV in an agentless setup are configured in the Scan Items tab. Here, we can set up on-access scans when files are opened and/or closed, designate certain file types to scan, scan compressed and/or MIME-encoded files (again, not usually recommended) and choose McAfee GTI sensitivity levels. SANS Analyst Program 13 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

15 Protection (CONTINUED) McAfee antimalware heuristics, which look for behavioral patterns of files that may indicate malware, can also be enabled. The unwanted programs detection options are more granular here, enabling admins to select specific categories and types of programs that should be detected and handled under the policy. These are shown in Figure 17. Figure 17. MOVE AV Agentless Scan Policy In an agentless deployment, exclusions are similar to those for MOVE AV s multiplatform mode; they allow for wildcards to be specified, but require the entire directory path. You can specify applicable actions on malware detection for both on-access and on-demand scans, and you can enable quarantining as well (the default is Disabled). SANS Analyst Program 14 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

16 Protection (CONTINUED) We determined that the McAfee MOVE AV virtualizationaware product, both agent-based and agentless, appears to perform as indicated in limited, nonperformance testing. Hypervisor statistics at normal loads did not indicate unwanted overhead due to antimalware processing. EICAR test files nonmalicious files used to validate that signaturebased scanning is functioning properly were used to validate antimalware scanning and detection, and we successfully demonstrated the results within epo, as shown in Figure 18. When quarantining is enabled in an agentless deployment and MOVE AV deletes a malware file, a.vmq file is created that contains an obfuscated version of the malware file s contents. The.vmq file also has a header with associated metadata used to identify the malware sample s VM of origin, its original path on that VM, its MD5 and other properties. The.vmq file is a temporary backup of the original malware sample and will be deleted automatically once it is 28 days old. Figure 18. MOVE Malware Detection in epo SANS Analyst Program 15 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

17 Protection (CONTINUED) Boot Attestation Service The last piece of the McAfee Server Server Security Suite Essentials that we reviewed was the Boot Attestation Service, which McAfee developed in conjunction with Intel, which ensures that the hypervisor image booted is the expected one. Suitable physical hosts have a chipset containing the Intel Trusted Execution Technology (TXT) functionality. Administrators boot up a machine with a gold image in a clean-room environment and extract and save the values of the registers computed by TXT (This is called a Known Good Machine KGM). Other similar hosts in the data center are associated with this KGM. When each of them boots up, their TXT register values are compared against those of the KGM. If they match, it is a trusted boot; if not, it is untrusted. To set up Boot Attestation, you need to download a Linux-based Boot Attestation Server as an Open Virtualization Format (OVF) virtual appliance and then configure it to communicate with epo. After that, you can configure simple policies, based on each host s hardware, on the Boot Attestation Server, that allow an individual host to be configured as trusted or not. A new column (VMM Trust State) appears in the hypervisor listing within epo s system tree, as shown in Figure 19. Figure 19. VMM Trust State Column in epo SANS Analyst Program 16 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

18 Protection (CONTINUED) In addition, a new epo Dashboard chart (Boot Attestation Status) can be displayed that shows the total number of trusted and untrusted hosts (see Figure 20). Figure 20. Boot Attestation Status Graph in epo More extensive analysis of Boot Attestation settings and policies was not performed, but the fundamental product and capabilities seem to function as designed. SANS Analyst Program 17 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

19 Conclusion: Putting the Pieces Together Overall, McAfee has taken a number of progressive steps in adapting its technology for virtual and cloud environments, and the Server Security Suite Essentials reflects this. The MOVE AV product was easy to set up and configure, and it integrated well with VMware vsphere virtual environments. MOVE AV will be particularly attractive to organizations looking to put an end to AV storms caused by excessive overhead processing and resource utilization on VMs; by leading to dynamic migration of guest systems, such storms can destabilize an data center environment. In addition, the use of Intel TXT technology in the chipsets of the physical hosts adds an entirely new dimension to building a trusted multitenant cloud infrastructure, whether public or private. By controlling which VMs can run on which hosts, organizations can now gain an entirely new set of controls by which to manage their overall system and data security posture. As mainstream cloud providers move to embrace this technology and provide APIs and native monitoring capabilities for TXT protection, the security and auditability of public cloud environments may improve dramatically. Overall, we found the products in the new McAfee Server Security Suite Essentials to work well, and they were easy to set up and configure. Because new virtual appliances are required, it s important to properly plan for the additional overhead they ll represent in the virtual data center, but some of this is likely offset by the reduction in overhead across VMs due to minimal antimalware and security processing. When more cloud provider connectors are available, and cloud providers support TXT attestation, this set of security solutions could easily facilitate a significant increase in overall cloud security in the areas of visibility and host and data protection. SANS Analyst Program 18 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

20 About the Author Dave Shackleford is the founder and principal consultant with Voodoo Security, a SANS analyst, instructor and course author, and a GIAC technical director. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. He is a VMware vexpert and has extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as CSO for Configuresoft and CTO for the Center for Internet Security. Dave is the author of the Sybex book Virtualization Security. Recently, Dave co-authored the first published course on virtualization security for the SANS Institute. Dave currently serves on the board of directors at the SANS Technology Institute and helps lead the Atlanta chapter of the Cloud Security Alliance. SANS would like to thank its sponsor: SANS Analyst Program 19 Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

Data Center Connector for vsphere 3.0.0

Data Center Connector for vsphere 3.0.0 Product Guide Data Center Connector for vsphere 3.0.0 For use with epolicy Orchestrator 4.6.0, 5.0.0 Software COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS

More information

McAfee MOVE AntiVirus (Agentless) 3.6.0

McAfee MOVE AntiVirus (Agentless) 3.6.0 Product Guide McAfee MOVE AntiVirus (Agentless) 3.6.0 For use with McAfee epolicy Orchestrator COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766,

More information

McAfee MOVE / VMware Collaboration Best Practices

McAfee MOVE / VMware Collaboration Best Practices McAfee MOVE / VMware Collaboration Best Practices Christie J. Karrels Sales Engineer Federal DoD January 11, 2013 1 P a g e Contents Introduction... 3 Traditional Anti-Malware vs. Optimized Anti-Malware...

More information

McAfee MOVE AntiVirus Multi-Platform 3.5.0

McAfee MOVE AntiVirus Multi-Platform 3.5.0 Product Guide McAfee MOVE AntiVirus Multi-Platform 3.5.0 For use with epolicy Orchestrator 4.6.7, 4.6.8, 5.1.0 Software COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS

More information

McAfee MOVE AntiVirus 3.6.0

McAfee MOVE AntiVirus 3.6.0 Release Notes McAfee MOVE AntiVirus 3.6.0 For use with McAfee epolicy Orchestrator Contents About this document About the product New features Installation instructions Known issues Find product documentation

More information

Trend Micro Cloud Protection

Trend Micro Cloud Protection A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to

More information

Data Center Connector 3.0.0 for OpenStack

Data Center Connector 3.0.0 for OpenStack Product Guide Data Center Connector 3.0.0 for OpenStack For use with epolicy Orchestrator 5.1.0 Software COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee,

More information

Secure Virtualization in the Federal Government

Secure Virtualization in the Federal Government White Paper Secure Virtualization in the Federal Government Achieve efficiency while managing risk Table of Contents Ready, Fire, Aim? 3 McAfee Solutions for Virtualization 4 Securing virtual servers in

More information

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software McAfee Global Threat Intelligence File Reputation Service Best Practices Guide for McAfee VirusScan Enterprise Software Table of Contents McAfee Global Threat Intelligence File Reputation Service McAfee

More information

McAfee Server Security

McAfee Server Security Security Secure server workloads with low performance impact and integrated management efficiency. Suppose you had to choose between securing all the servers in your data center physical and virtual or

More information

Learn the Essentials of Virtualization Security

Learn the Essentials of Virtualization Security Learn the Essentials of Virtualization Security by Dave Shackleford by Dave Shackleford This paper is the first in a series about the essential security issues arising from virtualization and the adoption

More information

Security Intelligence in Action: SANS Review of McAfee Enterprise Security Manager (ESM) 9.2

Security Intelligence in Action: SANS Review of McAfee Enterprise Security Manager (ESM) 9.2 Sponsored by McAfee Security Intelligence in Action: SANS Review of McAfee Enterprise Security Manager (ESM) 9.2 May 2013 A SANS Whitepaper Written by Dave Shackleford The ESM Interface Page 2 Rapid Event

More information

Netzwerkvirtualisierung? Aber mit Sicherheit!

Netzwerkvirtualisierung? Aber mit Sicherheit! Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction

More information

McAfee Public Cloud Server Security Suite

McAfee Public Cloud Server Security Suite Installation Guide McAfee Public Cloud Server Security Suite For use with McAfee epolicy Orchestrator COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766,

More information

Learn the essentials of virtualization security

Learn the essentials of virtualization security Learn the essentials of virtualization security White Paper Table of Contents 3 Introduction 4 Hypervisor connectivity and risks 4 Multi-tenancy risks 5 Management and operational network risks 5 Storage

More information

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com 1 Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com Agenda Cloud Computing VMware and Security Network Security Use Case Securing View Deployments Questions 2 IT consumption

More information

VMware Integrated Partner Solutions for Networking and Security

VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Security and Compliance VMware vcloud Networking and Security is the leading networking and security

More information

Trend Micro Deep Security

Trend Micro Deep Security Trend Micro Deep Security VMware Global Technology Alliance Partner Changing the Game with Agentless Security for the Virtual Data Center A 2012 Trend Micro White Paper I. INTRODUCTION From its early experimental

More information

GRAVITYZONE HERE. Deployment Guide VLE Environment

GRAVITYZONE HERE. Deployment Guide VLE Environment GRAVITYZONE HERE Deployment Guide VLE Environment LEGAL NOTICE All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, including

More information

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection Technology Blueprint Secure Your Virtual Desktop Infrastructure Optimize your virtual desktop infrastructure for performance and protection LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL

More information

Bitdefender GravityZone Sales Presentation

Bitdefender GravityZone Sales Presentation 6 March 2014 Page 1 Bitdefender GravityZone Sales Presentation 1 Page 2 Bitdefender at a Glance The #1 Anti-Malware Security Technology in the world First security software vendor to receive top recommendations

More information

Product Guide. McAfee Endpoint Protection for Mac 2.1.0

Product Guide. McAfee Endpoint Protection for Mac 2.1.0 Product Guide McAfee Endpoint Protection for Mac 2.1.0 COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee, the McAfee logo, McAfee Active Protection, McAfee

More information

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Udo Schneider Trend Micro Udo_Schneider@trendmicro.de 26.03.2013

More information

Solution Paper. Virtualization security solutions provide a competitive advantage to service providers IaaS, PaaS and SaaS

Solution Paper. Virtualization security solutions provide a competitive advantage to service providers IaaS, PaaS and SaaS Solution Paper Virtualization security solutions provide a competitive advantage to service providers IaaS, PaaS and SaaS Contents About this Document...3 Executive Overview...3 Introduction...4 Brief

More information

Trend Micro Enterprise Security

Trend Micro Enterprise Security Trend Micro Enterprise Security Immediate Protection. Less Complexity. Changing the Game for Anti-Virus in the Virtual Datacenter A Trend Micro White Paper September 2010 I. INTRODUCTION From its early

More information

VMware Integrated Partner Solutions for Networking and Security

VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Networking and Security Networking and Security are complex, dynamic areas, and VMware recognizes

More information

Effective End-to-End Cloud Security

Effective End-to-End Cloud Security Effective End-to-End Cloud Security Securing Your Journey to the Cloud Trend Micro SecureCloud A Trend Micro & VMware White Paper August 2011 I. EXECUTIVE SUMMARY This is the first paper of a series of

More information

Installing and Configuring vcloud Connector

Installing and Configuring vcloud Connector Installing and Configuring vcloud Connector vcloud Connector 2.7.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new

More information

Making Data Security The Foundation Of Your Virtualization Infrastructure

Making Data Security The Foundation Of Your Virtualization Infrastructure Making Data Security The Foundation Of Your Virtualization Infrastructure by Dave Shackleford hytrust.com Cloud Under Control P: P: 650.681.8100 Securing data has never been an easy task. Its challenges

More information

Scaling Analytics to Meet Real-Time Threats in Large Enterprises: A Deep Dive into LogRhythm s Security Analytics Platform

Scaling Analytics to Meet Real-Time Threats in Large Enterprises: A Deep Dive into LogRhythm s Security Analytics Platform Sponsored by LogRhythm Scaling Analytics to Meet Real-Time Threats in Large Enterprises: A Deep Dive into LogRhythm s Security Analytics Platform September 2013 A SANS Analyst Program Review Written by

More information

Total Cloud Protection

Total Cloud Protection Total Cloud Protection Data Center and Cloud Security Security for Your Unique Cloud Infrastructure A Trend Micro White Paper August 2011 I. INTRODUCTION Many businesses are looking to the cloud for increased

More information

GRAVITYZONE UNIFIED SECURITY MANAGEMENT. Use Cases for Beta Testers

GRAVITYZONE UNIFIED SECURITY MANAGEMENT. Use Cases for Beta Testers GRAVITYZONE UNIFIED SECURITY MANAGEMENT Use Cases for Beta Testers Introduction This document provides beta testers with guidelines for testing Bitdefender GravityZone solutions. To send your feedback,

More information

McAfee MOVE AntiVirus 2.6.0

McAfee MOVE AntiVirus 2.6.0 Deployment Guide McAfee MOVE AntiVirus 2.6.0 For use with epolicy Orchestrator 4.5.0, 4.6.0 Software COPYRIGHT Copyright 2012 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee,

More information

Network Access Control in Virtual Environments. Technical Note

Network Access Control in Virtual Environments. Technical Note Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved

More information

vcloud Suite Licensing

vcloud Suite Licensing vcloud Suite 5.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this

More information

VDI Security for Better Protection and Performance

VDI Security for Better Protection and Performance VDI Security for Better Protection and Performance Addressing security and infrastructure challenges in your VDI deployments Trend Micro, Incorporated» See why you need security designed for VDI environments

More information

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013 CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control

More information

Drobo How-To Guide. Cloud Storage Using Amazon Storage Gateway with Drobo iscsi SAN

Drobo How-To Guide. Cloud Storage Using Amazon Storage Gateway with Drobo iscsi SAN The Amazon Web Services (AWS) Storage Gateway uses an on-premises virtual appliance to replicate a portion of your local Drobo iscsi SAN (Drobo B1200i, left below, and Drobo B800i, right below) to cloudbased

More information

Antivirus Solution Guide for Clustered Data ONTAP 8.2.1: McAfee

Antivirus Solution Guide for Clustered Data ONTAP 8.2.1: McAfee Technical Report Antivirus Solution Guide for Clustered Data ONTAP 8.2.1: McAfee Saurabh Singh and Brahmanna Chowdary Kodavali, NetApp June 2015 TR-4286 Abstract An antivirus solution is key for enterprises

More information

Next-Generation Datacenters = Next-Generation Security

Next-Generation Datacenters = Next-Generation Security Sponsored by McAfee Next-Generation Datacenters = Next-Generation Security May 2013 A SANS Whitepaper Written by Dave Shackleford Introduction to Virtualization: The Stack and Components Page 2 Virtualization

More information

Evaluation of Multi-Hypervisor Management with HotLink SuperVISOR

Evaluation of Multi-Hypervisor Management with HotLink SuperVISOR White Paper White Paper Managing Public Cloud Computing in the Enterprise Evaluation of Multi-Hypervisor Management with HotLink SuperVISOR A Quick Start Guide By David Davis vexpert 1 Table of Contents

More information

Agentless Security for VMware Virtual Data Centers and Cloud

Agentless Security for VMware Virtual Data Centers and Cloud Agentless Security for VMware Virtual Data Centers and Cloud Trend Micro Deep Security VMware Global Technology Alliance Partner Trend Micro, Incorporated» This white paper reviews the challenges of applying

More information

BITDEFENDER SECURITY FOR AMAZON WEB SERVICES

BITDEFENDER SECURITY FOR AMAZON WEB SERVICES BITDEFENDER SECURITY FOR AMAZON WEB SERVICES Beta Version Testing Guide Bitdefender Security for Amazon Web Services Beta Version Testing Guide Publication date 2015.03.04 Copyright 2015 Bitdefender Legal

More information

Product Guide. McAfee Endpoint Security for Mac Threat Prevention 10.1.0

Product Guide. McAfee Endpoint Security for Mac Threat Prevention 10.1.0 Product Guide McAfee Endpoint Security for Mac Threat Prevention 10.1.0 COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766, www.intelsecurity.com

More information

Why Choose VMware vsphere for Desktop Virtualization? WHITE PAPER

Why Choose VMware vsphere for Desktop Virtualization? WHITE PAPER Why Choose VMware vsphere for Desktop Virtualization? WHITE PAPER Table of Contents Thin, Legacy-Free, Purpose-Built Hypervisor.... 3 More Secure with Smaller Footprint.... 4 Less Downtime Caused by Patches...

More information

Make Optimizing Security Protection in Virtualized Environments a Priority

Make Optimizing Security Protection in Virtualized Environments a Priority G00229651 Make Optimizing Security Protection in Virtualized Environments a Priority Published: 15 February 2012 Analyst(s): Neil MacDonald As the virtualization of servers and desktops becomes more common,

More information

Comprehensive Monitoring of VMware vsphere ESX & ESXi Environments

Comprehensive Monitoring of VMware vsphere ESX & ESXi Environments Comprehensive Monitoring of VMware vsphere ESX & ESXi Environments Table of Contents Overview...3 Monitoring VMware vsphere ESX & ESXi Virtual Environment...4 Monitoring using Hypervisor Integration...5

More information

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform McAfee Endpoint Security 10 provides customers with an intelligent, collaborative framework, enabling endpoint defenses to

More information

When Desktops Go Virtual

When Desktops Go Virtual When Desktops Go Virtual Virtualization Security. Addressing security challenges in your virtual desktop infrastructure A Trend Micro White Paper February 2011 I. VIRTUAL DESKTOP INFRASTRUCTURE Server

More information

Endpoint Security for DeltaV Systems

Endpoint Security for DeltaV Systems DeltaV Systems Service Data Sheet Endpoint Security for DeltaV Systems Essential protection that consolidates endpoint and data security. Reduces the time and effort spent deploying and managing security

More information

Two Great Ways to Protect Your Virtual Machines From Malware

Two Great Ways to Protect Your Virtual Machines From Malware Two Great Ways to Protect Your Virtual Machines From Malware By Maxim Weinstein, CISSP, Senior Product Marketing Manager Virtualization promises to reduce operational costs, simplify management and increase

More information

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work. Deployment Guide Revision C McAfee Web Protection Hybrid Introduction Web Protection provides the licenses and software for you to deploy Web Gateway, SaaS Web Protection, or a hybrid deployment using

More information

VMware vsphere-6.0 Administration Training

VMware vsphere-6.0 Administration Training VMware vsphere-6.0 Administration Training Course Course Duration : 20 Days Class Duration : 3 hours per day (Including LAB Practical) Classroom Fee = 20,000 INR Online / Fast-Track Fee = 25,000 INR Fast

More information

Virtual Appliance Setup Guide

Virtual Appliance Setup Guide The Virtual Appliance includes the same powerful technology and simple Web based user interface found on the Barracuda Web Application Firewall hardware appliance. It is designed for easy deployment on

More information

UP L17 Virtualization: Security Without Sacrificing Performance

UP L17 Virtualization: Security Without Sacrificing Performance UP L17 Virtualization: Security Without Sacrificing Performance Hands on lab Description In this hands on lab you will learn how to optimize SEP 12 for your virtual desktops to get maximum protection without

More information

Acronis Backup & Recovery 10 Advanced Server Virtual Edition. Quick Start Guide

Acronis Backup & Recovery 10 Advanced Server Virtual Edition. Quick Start Guide Acronis Backup & Recovery 10 Advanced Server Virtual Edition Quick Start Guide Table of contents 1 Main components...3 2 License server...3 3 Supported operating systems...3 3.1 Agents... 3 3.2 License

More information

Building Trust and Compliance in the Cloud with Intel Trusted Execution Technology

Building Trust and Compliance in the Cloud with Intel Trusted Execution Technology WHITE PAPER Intel Trusted Execution Technology Intel Xeon Processor Secure Cloud Computing Building Trust and Compliance in the Cloud with Intel Trusted Execution Technology The Taiwan Stock Exchange Corporation

More information

vshield Quick Start Guide

vshield Quick Start Guide vshield Manager 5.0 vshield App 5.0 vshield Edge 5.0 vshield Endpoint 5.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by

More information

Devising a Server Protection Strategy with Trend Micro

Devising a Server Protection Strategy with Trend Micro Devising a Server Protection Strategy with Trend Micro A Trend Micro White Paper» Trend Micro s portfolio of solutions meets and exceeds Gartner s recommendations on how to devise a server protection strategy.

More information

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be!

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be! I D C T E C H N O L O G Y S P O T L I G H T S e r ve r S e c u rity: N o t W h a t It U s e d t o Be! December 2014 Adapted from Worldwide Endpoint Security 2013 2017 Forecast and 2012 Vendor Shares by

More information

Protecting the un-protectable Addressing Virtualisation Security Challenges

Protecting the un-protectable Addressing Virtualisation Security Challenges Protecting the un-protectable Addressing Virtualisation Security Challenges Paul Hogan, Technical Director, Ward Solutions November 11, 2010 Top Cloud Security Challenges Secure Virtualisation Need secure

More information

Version 1.15. Kaspersky Lab www.kaspersky.com FOR INTERNAL USE ONLY

Version 1.15. Kaspersky Lab www.kaspersky.com FOR INTERNAL USE ONLY Version 1.15 Kaspersky Lab www.kaspersky.com Table of Contents Introduction... 4 Virtualization... 4 Hypervisors... 4 Full virtualization and para-virtualization... 6 Virtualization platforms... 7 Protection

More information

Zerto Virtual Manager Administration Guide

Zerto Virtual Manager Administration Guide Zerto Virtual Manager Administration Guide AWS Environment ZVR-ADVA-4.0U2-01-23-07-15 Copyright 2015, Zerto Ltd. All rights reserved. Information in this document is subject to change without notice and

More information

Storage Sync for Hyper-V. Installation Guide for Microsoft Hyper-V

Storage Sync for Hyper-V. Installation Guide for Microsoft Hyper-V Installation Guide for Microsoft Hyper-V Egnyte Inc. 1890 N. Shoreline Blvd. Mountain View, CA 94043, USA Phone: 877-7EGNYTE (877-734-6983) www.egnyte.com 2013 by Egnyte Inc. All rights reserved. Revised

More information

This presentation covers virtual application shared services supplied with IBM Workload Deployer version 3.1.

This presentation covers virtual application shared services supplied with IBM Workload Deployer version 3.1. This presentation covers virtual application shared services supplied with IBM Workload Deployer version 3.1. WD31_VirtualApplicationSharedServices.ppt Page 1 of 29 This presentation covers the shared

More information

Total Protection for Compliance: Unified IT Policy Auditing

Total Protection for Compliance: Unified IT Policy Auditing Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.

More information

Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security

Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security WHITE PAPER August 2011 Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security HYTRUST AND TREND MICRO DEEP SECURITY TOC Contents Virtualization

More information

WatchGuard Training. Introduction to WatchGuard Dimension

WatchGuard Training. Introduction to WatchGuard Dimension WatchGuard Training Introduction to WatchGuard Dimension Introduction to WatchGuard Dimension What is WatchGuard Dimension? Deploy WatchGuard Dimension Configure WatchGuard Dimension Use WatchGuard Dimension

More information

Devising a Server Protection Strategy with Trend Micro

Devising a Server Protection Strategy with Trend Micro Devising a Server Protection Strategy with Trend Micro A Trend Micro White Paper Trend Micro, Incorporated» A detailed account of why Gartner recognizes Trend Micro as a leader in Virtualization and Cloud

More information

Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5

Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5 Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5 Agenda Security Hardening vsphere 5.5 ESXi Architectural Review ESXi Software Packaging The ESXi Firewall ESXi Local User Security Host Logs

More information

Protecting the Irreplacable. November 2013 Athens Ian Whiteside, F-Secure Ian.Whiteside@f-secure.com

Protecting the Irreplacable. November 2013 Athens Ian Whiteside, F-Secure Ian.Whiteside@f-secure.com Protecting the Irreplacable November Athens Ian Whiteside, F-Secure Ian.Whiteside@f-secure.com PC Sales continue to fall. Lack of innovation and no excitement Windows 8 doesn t seem to have excited the

More information

How to Backup and Restore a VM using Veeam

How to Backup and Restore a VM using Veeam How to Backup and Restore a VM using Veeam Table of Contents Introduction... 3 Assumptions... 3 Add ESXi Server... 4 Backup a VM... 6 Restore Full VM... 12 Appendix A: Install Veeam Backup & Replication

More information

Cloud and Data Center Security

Cloud and Data Center Security solution brief Trend Micro Cloud and Data Center Security Secure virtual, cloud, physical, and hybrid environments easily and effectively introduction As you take advantage of the operational and economic

More information

SECURITY FOR VIRTUALIZATION: FINDING THE RIGHT BALANCE

SECURITY FOR VIRTUALIZATION: FINDING THE RIGHT BALANCE SECURITY FOR VIRTUALIZATION: FINDING THE RIGHT BALANCE Combining protection and performance in your virtualized environment kaspersky.com/beready Introduction In the end, they re all servers and someone

More information

Web Application Firewall

Web Application Firewall Web Application Firewall Getting Started Guide August 3, 2015 Copyright 2014-2015 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks

More information

An overwhelming majority of IaaS clouds leverage virtualization for their foundation.

An overwhelming majority of IaaS clouds leverage virtualization for their foundation. 1 2 3 An overwhelming majority of IaaS clouds leverage virtualization for their foundation. 4 With the use of virtualization comes the use of a hypervisor. Normally, the hypervisor simply provisions resources

More information

Virtual Server Agent v9 with VMware. March 2011

Virtual Server Agent v9 with VMware. March 2011 Virtual Server Agent v9 with VMware March 2011 Contents Summary... 3 Backup Transport Methods... 3 Deployment Scenarios... 3 VSA Installation Requirements... 4 VSA Patch Requirements... 4 VDDK Installation...

More information

Proactively Secure Your Cloud Computing Platform

Proactively Secure Your Cloud Computing Platform Proactively Secure Your Cloud Computing Platform Dr. Krutartha Patel Security Engineer 2010 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals Agenda 1 Cloud

More information

McAfee Optimized Virtual Environments - Antivirus for VDI. Installation Guide

McAfee Optimized Virtual Environments - Antivirus for VDI. Installation Guide McAfee Optimized Virtual Environments - Antivirus for VDI Installation Guide COPYRIGHT Copyright 2010-2011 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted,

More information

End to End Security do Endpoint ao Datacenter

End to End Security do Endpoint ao Datacenter do Endpoint ao Datacenter Piero DePaoli & Leandro Vicente Security Product Marketing & Systems Engineering 1 Agenda 1 Today s Threat Landscape 2 From Endpoint: Symantec Endpoint Protection 3 To Datacenter:

More information

PCI DSS 3.0 Compliance

PCI DSS 3.0 Compliance A Trend Micro White Paper April 2014 PCI DSS 3.0 Compliance How Trend Micro Cloud and Data Center Security Solutions Can Help INTRODUCTION Merchants and service providers that process credit card payments

More information

Virtualization and Cloud: Orchestration, Automation, and Security Gaps

Virtualization and Cloud: Orchestration, Automation, and Security Gaps Virtualization and Cloud: Orchestration, Automation, and Security Gaps SESSION ID: CSV-R02 Dave Shackleford Founder & Principal Consultant Voodoo Security @daveshackleford Introduction Private cloud implementations

More information

Thinspace deskcloud. Quick Start Guide

Thinspace deskcloud. Quick Start Guide Thinspace deskcloud Quick Start Guide Version 1.2 Published: SEP-2014 Updated: 16-SEP-2014 2014 Thinspace Technology Ltd. All rights reserved. The information contained in this document represents the

More information

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files,

More information

McAfee VirusScan and epolicy Orchestrator Administration Course

McAfee VirusScan and epolicy Orchestrator Administration Course McAfee VirusScan and epolicy Orchestrator Administration Course Intel Security Education Services Administration Course Training The McAfee VirusScan and epolicy Orchestrator Administration course from

More information

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION SOLUTION BRIEF Trend Micro CLOUD AND DATA CENTER SECURITY Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION As you take advantage of the operational and economic

More information

About the VM-Series Firewall

About the VM-Series Firewall About the VM-Series Firewall Palo Alto Networks VM-Series Deployment Guide PAN-OS 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 http://www.paloaltonetworks.com/contact/contact/

More information

Blind as a Bat? Supporting Packet Decryption for Security Scanning

Blind as a Bat? Supporting Packet Decryption for Security Scanning Sponsored by VSS Monitoring Blind as a Bat? Supporting Packet Decryption for Security Scanning November 2012 A SANS Whitepaper Written by: Dave Shackleford Options for SSL Inspection Page 2 Implementing

More information

Unitrends Virtual Backup Installation Guide Version 8.0

Unitrends Virtual Backup Installation Guide Version 8.0 Unitrends Virtual Backup Installation Guide Version 8.0 Release June 2014 7 Technology Circle, Suite 100 Columbia, SC 29203 Phone: 803.454.0300 Contents Chapter 1 Getting Started... 1 Version 8 Architecture...

More information

vshield Quick Start Guide

vshield Quick Start Guide vshield Manager 5.0.1 vshield App 5.0.1 vshield Edge 5.0.1 vshield Endpoint 5.0.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced

More information

VMware vshield Zones R E V I E W E R S G U I D E

VMware vshield Zones R E V I E W E R S G U I D E VMware vshield Zones R E V I E W E R S G U I D E Table of Contents Getting Started..................................................... 3 About This Guide...................................................

More information

How to Develop Cloud Applications Based on Web App Security Lessons

How to Develop Cloud Applications Based on Web App Security Lessons Applications Based on Before moving applications to the public cloud, it is important to implement security practices and techniques. This expert E-Guide provides guidance on how to develop secure applications

More information

Best Practice Configurations for OfficeScan (OSCE) 10.6

Best Practice Configurations for OfficeScan (OSCE) 10.6 Best Practice Configurations for OfficeScan (OSCE) 10.6 Applying Latest Patch(es) for OSCE 10.6 To find out the latest patches for OfficeScan, click here. Enable Smart Clients 1. Ensure that Officescan

More information

Trend Micro OfficeScan 11.0. Best Practice Guide for Malware

Trend Micro OfficeScan 11.0. Best Practice Guide for Malware Trend Micro OfficeScan 11.0 Best Practice Guide for Malware Information in this document is subject to change without notice. The names of companies, products, people, characters, and/or data mentioned

More information