Secure Virtualization in the Federal Government

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Secure Virtualization in the Federal Government"

Transcription

1 White Paper Secure Virtualization in the Federal Government Achieve efficiency while managing risk

2 Table of Contents Ready, Fire, Aim? 3 McAfee Solutions for Virtualization 4 Securing virtual servers in data centers 4 Securing virtualized desktop infrastructure 6 Securing the infrastructure 7 Manage Everything, Anywhere 7 More Efficiency, More Confidence 7 2

3 Federal IT leaders embracing virtualized systems servers, desktops, or network devices must account for the unique aspects of virtualization and their effects on security. Leveraging security proven in the physical world and optimized for the virtual world can ensure that virtualization efforts deliver the desired efficiency gains without compromising security or compliance. IT leaders in the US Federal Government face considerable pressure to sustain the highest level of security while maintaining performance, maximizing utilization of shared infrastructure (including cloud), rapidly supporting new services and applications, and improving situational awareness across physical and virtual platforms. These demands compete with the very real constraints of shrinking IT budgets, fewer staff, and finite physical resources such as rack space, cooling, and power. Virtualization technologies are helping government teams balance these opposing forces in a flexible, integrated cybersecurity and compliance strategy that adapts existing infrastructure to changing needs and resources. Virtualization has migrated from server farms and data centers into desktop infrastructure and network components. This adoption is helping federal organizations improve operational efficiency but will it help or hinder risk management? Ready, Fire, Aim? Since deployment of new virtualized systems is much easier than deployment of physical systems, they can sprout quickly, everywhere, without the normal careful planning for security risk. Federal IT teams may not realize that virtual systems in the data center, in virtualized desktop infrastructure, and in the network require additional, specialized security. For example, traditional server security products such as antivirus and host intrusion prevention do not operate efficiently on virtualized platforms if deployed out of the box. Designed to use dedicated physical resources, they can quickly rob shared hypervisor memory and processing and undermine performance. Other challenges include: Unauthorized installation of applications can disrupt stability of the system, introduce vulnerabilities, or siphon off resources Malicious attacks can exploit shared resources in the virtualized environment, potentially compromising neighboring virtual machines (VMs) Infected virtual server templates can spread malware across the production environment The virtual server network itself becomes critical infrastructure that must be managed and protected Patch and security update management programs must work around the shared and high-utilization design of virtualized infrastructure Risk management programs must account for these issues, or ad hoc configurations will introduce service disruption, noncompliance, and performance bottlenecks called scan storms. When these problems emerge, the pressure to deliver at service levels necessary to assure the mission can cause administrators to work around or waive security controls. There s a better way to capture efficiency while managing risk appropriately. McAfee Solutions for Virtualization Servers and Data Centers McAfee Application Control McAfee Change Control McAfee Database Activity Monitoring McAfee Host IPS McAfee MOVE AntiVirus for virtual servers McAfee VirusScan Enterprise McAfee VirusScan Enterprise for Offline Virtual Images McAfee epolicy Orchestrator (McAfee epo ) McAfee MOVE Scheduler Virtualized Desktop Infrastructure McAfee Application Control McAfee MOVE AntiVirus for virtual desktops McAfee Host Intrusion Prevention System (IPS) McAfee SiteAdvisor Enterprise McAfee VirusScan Enterprise McAfee epo Virtual Infrastructure McAfee Network Security Platform McAfee Firewall Enterprise McAfee Security Innovation Alliance Partners, including Bromium, Hytrust, Invincea, and Reflex Refer to individual product specifications on for certification levels for FIPS and Common Criteria. 3

4 McAfee Solutions for Virtualization McAfee continues to lead the evolution of integrated, agile security tools for government. McAfee solutions can help federal IT teams support more end users, more workloads, and more geographies, while adhering to strict government compliance standards. Our solutions include virtualized appliance versions of proven government-grade security products such as the McAfee Network Security Platform and McAfee Firewall Enterprise, as well as innovations like McAfee Optimized for Virtualized Environments (MOVE AV) and McAfee VirusScan Enterprise for Offline Virtual Images. These specialized technologies make our best traditional antivirus and host intrusion prevention capabilities work efficiently within virtualized deployments, with both hypervisor-aware and hypervisor-agnostic options to preserve flexibility. In addition, a range of McAfee products extends key controls such as application whitelisting and change control into the virtual environment, providing flexibility and a seamless continuum of options from physical to cloud deployments. Securing virtual servers in data centers Virtual servers in data centers, both on your premises and in the cloud, consolidate multiple physical systems onto virtual compute, storage, and management platforms that communicate across a unified network. This model reduces the number of physical servers, storage resources, management systems, and their associated capital and operational expenses. Unified Network VM VM VM VM Mgmt Servers Storage Arrays Figure 1. By sharing back-end compute, storage, and management resources, virtualized datacenters can support more users and applications with greater efficiency. These systems require core security processes such as antimalware scanning and intrusion prevention, but not in the traditional per node model of servers. Scanning operations must work around the hypervisor design and data center schedules to ensure memory and processing resources remain available to new sessions. In addition, a consolidated model also removes the security advantages of the physical separation between databases, application servers, web servers, and other software. That physical isolation frustrates malware authors and hackers who hope to exploit vulnerabilities in these components to navigate around your environment. To compensate, you must build stronger security into virtualized systems everywhere, but particularly in mission-critical data centers. McAfee helps optimize your virtual server security environment while achieving the same level of security that you demand in traditional server environments. For example, McAfee MOVE AV reduces the performance impact of traditional antivirus by eliminating the need for installation of a full antivirus client on each virtual server and offloading on-access scanning to a centralized resource: a dedicated scanning server or a scanning service implemented as a virtual appliance. This model makes it easier to plan and scale capacity and streamlines operations. You monitor just a single environment and perform maintenance functions such as daily signature updates or product patch installations on one system. 4

5 In addition, the offloading decreases memory resource allocation for each virtual machine, so the memory can be released back to the resource pool for more effective utilization. In MOVE AV for virtual servers, a special feature orchestrates on-demand scans based on hypervisor and resource availability. MOVE manages the schedule of on-demand scans to prevent hypervisors from being overloaded, and allow them to have higher VM density, enabling greater efficiency for the overall system. This configuration also includes McAfee VirusScan Enterprise for Offline Virtual Images, which ensures stored offline images used for disaster recovery or continuity of operations are intact and ready when needed. The software can wake up dormant images, scan for viruses and malware, and refresh them with the latest security updates and patches before they are called into use. McAfee virtual server security options include advanced technologies such as McAfee Application Control and McAfee Change Control. They prevent buffer overflow attacks and memory exploits while blocking rogue applications and malware from being installed or executed. These controls help prevent attacks from spreading through compromised virtual servers and can also provide protection until a vulnerable server is patched. McAfee Change Control can continuously detect system-level changes being made across the virtual enterprise and prevent unauthorized changes to critical system files, directories, and configurations. It helps you stabilize both physical and virtualized infrastructure against inadvertent or malicious changes. These systems are centrally managed and exchange data through the McAfee management platform, McAfee epo. Through this environment, you gain leverage and visibility across policies and products used in both traditional physical security processes and your expanding virtualized environments. Virtualization is not limited to hosts. At the edge of your data center, McAfee Network Security Platform (NSP) and McAfee Firewall Enterprise allow you to apply unique security policies to virtual hosts, networks, or tenants to re-establish the partitions typically lost in the move from traditional physical deployments. You can define trust zones, for example, that set rules and boundaries for key data center systems subject to PCI or other sensitive data restrictions. McAfee Network Security Platform Virtual Server Applications MOVE AV OS McAfee epo Image Data Storage - McAfee VirusScan for Offline Virtual Images Virtual Machines - McAfee Application Control - McAfee Change Control - MOVE AV (Agent) Hypervisor MOVE Scanning Servers - MOVE AV - McAee VirusScan Enterprise Hypervisor Figure 2. McAfee security systems mitigate network attacks as well as attacks that traverse virtualized server deployments. 5

6 To enhance the security of your virtualized data center, McAfee NSP can inspect all the packets that traverse the virtual switches throughout the virtual server network, looking for anomalies, exploits, and denial of service attacks. Through integration with the IP and file reputation services of McAfee Global Threat Intelligence, NSP can help organizations profile and block incoming malware and the malicious external IP addresses that are attempting denial of service or buffer overflow attacks. Securing virtualized desktop infrastructure Many of the same technologies used in virtualized data centers also deliver value in virtualized desktop infrastructure (VDI). The chief operational difference is that desktop infrastructures have many more simultaneously active guest images per server, and the session lengths tend to be shorter. This dynamic environment requires a different approach to virtualization security. McAfee offers two options: an agent-based solution that supports all the major hypervisor vendors, and an adaptive, agentless solution tightly integrated with VMware vshield. McAfee MOVE AV for virtual desktops includes the core features of optimized antimalware scanning, plus host intrusion prevention, a desktop firewall, memory protection, and web application protection (through McAfee SiteAdvisor Enterprise). Federal IT teams can use McAfee MOVE AV to implement and maintain protection and efficiency across VDI. This step helps ensure federal organizations have deployed antivirus and other controls stipulated by the US Government Configuration Baseline (USGCB). VM Applications MOVE OS VM Applications MOVE OS MOVE Virtual Appliance Off-load Processing Hypervisor McAfee epo Client Virtual Desktop Client Virtual Desktop McAfee MOVE Figure 3. McAfee MOVE and McAfee epolicy Orchestrator work together to centralize and optimize AV operations in VDI. The same strengths McAfee provides to virtual servers extrapolate well to virtualized desktop infrastructure. In particular, McAfee MOVE AV overcomes the performance issues that have made it hard for IT to implement AV efficiently in virtualized desktop infrastructures. The MOVE AV design leaves the client guest image free to concentrate exclusively on end-user application processing. The MOVE AV configuration for virtual desktop infrastructure includes extra protection against the sort of attacks common to desktop environments. The desktop firewall and advanced memory protection of McAfee Host Intrusion Prevention restrict the activities of malware to prevent malicious activity and 6

7 preserve file integrity. McAfee SiteAdvisor Enterprise alerts users to malicious and risky URLs and gives administrators policy-based control over web usage. These interventions help reduce the chance of downloading malware. As with virtual servers, we also recommend deployment of McAfee Application Control to prevent users installing undesired or risky applications. The open McAfee epo management platform allows security for VDI to integrate with your broader security infrastructure. Instead of independent or overlay operation of virtualization-specific solutions, one integrated system can manage the policies and scanning of virtual and physical endpoints within a consistent policy management and reporting environment. Cloud Infrastructure Security Network Storage Compute Datacenter Facilities (e.g. cooling, power) Figure 4. Security systems can be virtualized to support the move to the cloud. Securing the infrastructure Network-based security tools such as network intrusion prevention systems and network firewalls can help government agencies realize the cost saving and hardware reduction that virtualization brings by emulating literally up to 1000 standalone devices on a single appliance. This is crucial as IT teams collapse network, storage, and computing resources into centralized datacenters. Network security devices can be protecting your data center perimeter or monitoring traffic within your network and within your virtualized infrastructure. For example, McAfee Network Security Platform can integrate with VMware to inspect traffic and enforce policy on and between virtual machines, regardless of their physical location. Virtualizing network security infrastructure allows you to reduce the number of physical sensors on your network, consolidating operations into a single node between the switch and the router. Additionally, the McAfee epo management platform integrates with third-party virtualization security and management vendors such as Bromium, Reflex Systems, Invincea, and HyTrust to extend security to hardware virtualization, application virtualization, and hypervisor reporting and management. Manage Everything, Anywhere The technologies working on the virtual server, in the virtualized desktop infrastructure, and in virtualized network devices can be centrally managed and reported via the McAfee epo console, bringing these systems into the same management environment as your physical security infrastructure. Connecting all your virtual security systems to your physical security infrastructure through McAfee epo means your organization can have broad visibility across your environment. In addition, the open McAfee platform integrates with hundreds of partners, helping reduce the number of consoles and windows you need to monitor in order to understand your risk posture. Policy management, security maintenance, auditing, and reporting all get easier when you have consistent, correlated data sets. With new visibility into threats and relevant actions, federal IT organizations can close the security gaps that exist within your virtual infrastructure. 7

8 More Efficiency, More Confidence The McAfee approach to virtualization security helps organizations optimize virtualized resources and ease management of the virtualized systems that are becoming a core part of government infrastructure. McAfee solutions overcome the unique concerns that arrive with virtualized infrastructure: performance, unauthorized installation of applications, malicious attacks, exploitation of shared resources, the integrity of active and offline virtual machines, the security of the virtual server network itself, software (.DAT and patch) maintenance, and overall management complexity. With the McAfee solution, you can achieve the maximum ROI of your virtual environment. For example, the design improves hypervisor density MOVE AV has shown dramatic improvements in VDI density as compared to running McAfee VirusScan Enterprise locally and enables efficiencies in CPU, disk, and file I/O management. Even though in a virtual environment you can reimage quickly, the goal is to prevent you from having to perform this activity in the first place. By scanning and updating images even in an offline state, McAfee MOVE AV for virtual desktops ensures that the image library is well controlled and free of malware. This design improves the user experience with access whenever they need it, while unburdening the load of the hypervisor. Server and desktop virtualization can yield tremendous savings as government organizations drive toward optimizing existing computing resources, but security and compliance solutions must adapt to the changing environment, too. McAfee delivers comprehensive and integrated datacenter, desktop, and network solutions to secure this dynamic frontier intelligently and allow organizations to focus on their missions. Our security and compliance tools offer the flexibility to maintain a standard, virtualized, hosted, or hybrid server and desktop environment without compromising on efficiency or risk management objectives. Learn more at Mission College Boulevard Santa Clara, CA McAfee, the McAfee logo, epolicy Orchestrator, McAfee epo, SiteAdvisor, VirusScan, and McAfee Global Threat Intelligence are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Copyright 2013 McAfee, Inc wp_fed-virtualization_0313_fnl_ETMG

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection Technology Blueprint Secure Your Virtual Desktop Infrastructure Optimize your virtual desktop infrastructure for performance and protection LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL

More information

Trend Micro Cloud Protection

Trend Micro Cloud Protection A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to

More information

Total Protection for Compliance: Unified IT Policy Auditing

Total Protection for Compliance: Unified IT Policy Auditing Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.

More information

Technology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications

Technology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications Technology Blueprint Protect Your Email Servers Guard the data and availability that enable business-critical communications LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security

More information

McAfee Server Security

McAfee Server Security Security Secure server workloads with low performance impact and integrated management efficiency. Suppose you had to choose between securing all the servers in your data center physical and virtual or

More information

Technology Blueprint. Protect Your VoIP/SIP Servers. Insulating your voice network and its servers from attacks and disruption

Technology Blueprint. Protect Your VoIP/SIP Servers. Insulating your voice network and its servers from attacks and disruption Technology Blueprint Protect Your VoIP/SIP Servers Insulating your voice network and its servers from attacks and disruption LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security

More information

Cloud and Data Center Security

Cloud and Data Center Security solution brief Trend Micro Cloud and Data Center Security Secure virtual, cloud, physical, and hybrid environments easily and effectively introduction As you take advantage of the operational and economic

More information

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software McAfee Global Threat Intelligence File Reputation Service Best Practices Guide for McAfee VirusScan Enterprise Software Table of Contents McAfee Global Threat Intelligence File Reputation Service McAfee

More information

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION SOLUTION BRIEF Trend Micro CLOUD AND DATA CENTER SECURITY Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION As you take advantage of the operational and economic

More information

Protecting the un-protectable Addressing Virtualisation Security Challenges

Protecting the un-protectable Addressing Virtualisation Security Challenges Protecting the un-protectable Addressing Virtualisation Security Challenges Paul Hogan, Technical Director, Ward Solutions November 11, 2010 Top Cloud Security Challenges Secure Virtualisation Need secure

More information

McAfee Security Architectures for the Public Sector

McAfee Security Architectures for the Public Sector White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed

More information

Endpoint Security for DeltaV Systems

Endpoint Security for DeltaV Systems DeltaV Systems Service Data Sheet Endpoint Security for DeltaV Systems Essential protection that consolidates endpoint and data security. Reduces the time and effort spent deploying and managing security

More information

VDI Security for Better Protection and Performance

VDI Security for Better Protection and Performance VDI Security for Better Protection and Performance Addressing security and infrastructure challenges in your VDI deployments Trend Micro, Incorporated» See why you need security designed for VDI environments

More information

Total Cloud Protection

Total Cloud Protection Total Cloud Protection Data Center and Cloud Security Security for Your Unique Cloud Infrastructure A Trend Micro White Paper August 2011 I. INTRODUCTION Many businesses are looking to the cloud for increased

More information

Trend Micro Deep Security

Trend Micro Deep Security Trend Micro Deep Security VMware Global Technology Alliance Partner Changing the Game with Agentless Security for the Virtual Data Center A 2012 Trend Micro White Paper I. INTRODUCTION From its early experimental

More information

Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS

Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS Traditionally, IT risk management has balanced security investment and the impact of the threat, allowing each business

More information

Agentless Security for VMware Virtual Data Centers and Cloud

Agentless Security for VMware Virtual Data Centers and Cloud Agentless Security for VMware Virtual Data Centers and Cloud Trend Micro Deep Security VMware Global Technology Alliance Partner Trend Micro, Incorporated» This white paper reviews the challenges of applying

More information

Technology Blueprint. Protect Your Servers. Preserve uptime by blocking attacks and unauthorized changes

Technology Blueprint. Protect Your Servers. Preserve uptime by blocking attacks and unauthorized changes Technology Blueprint Protect Your Application Servers Preserve uptime by blocking attacks and unauthorized changes LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security Connected

More information

McAfee MOVE AntiVirus 3.6.0

McAfee MOVE AntiVirus 3.6.0 Release Notes McAfee MOVE AntiVirus 3.6.0 For use with McAfee epolicy Orchestrator Contents About this document About the product New features Installation instructions Known issues Find product documentation

More information

JUNIPER NETWORKS FIREFLY HOST ANTIVIRUS ARCHITECTURE

JUNIPER NETWORKS FIREFLY HOST ANTIVIRUS ARCHITECTURE White Paper JUNIPER NETWORKS FIREFLY HOST ANTIVIRUS ARCHITECTURE Copyright 2012, Juniper Networks, Inc. 1 Table of Contents Executive Summary...3 Introduction...3 Typical Antivirus Use Cases...3 Use Case

More information

Endpoint Security: Become Aware of Virtual Desktop Infrastructures!

Endpoint Security: Become Aware of Virtual Desktop Infrastructures! Endpoint Security: Become Aware of Virtual Desktop Infrastructures! An Ogren Group Special Report May 2011 Executive Summary Virtual desktops infrastructures, VDI, present IT with the unique opportunity

More information

Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs

Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs Business Brief Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs McAfee Compatible Solution Autonomic Software Endpoint Manager 1.2 and McAfee epo

More information

Trend Micro Cloud Security for Citrix CloudPlatform

Trend Micro Cloud Security for Citrix CloudPlatform Trend Micro Cloud Security for Citrix CloudPlatform Proven Security Solutions for Public, Private and Hybrid Clouds 2 Trend Micro Provides Security for Citrix CloudPlatform Organizations today are embracing

More information

Securing Your Journey to the Cloud. Thomas J. Miller Executive Vice President

Securing Your Journey to the Cloud. Thomas J. Miller Executive Vice President Securing Your Journey to the Cloud Thomas J. Miller Executive Vice President February 23, 2011 Classification 2/24/2011 Copyright 2011 Trend Micro Inc. 1 Have you ever tried to explain Virtualization to

More information

VIRTUALIZATION SECURITY OPTIONS: CHOOSE WISELY

VIRTUALIZATION SECURITY OPTIONS: CHOOSE WISELY VIRTUALIZATION SECURITY OPTIONS: CHOOSE WISELY With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next One Size Does Not Fit All 1 For virtualization security, there s no one size

More information

Trend Micro Enterprise Security

Trend Micro Enterprise Security Trend Micro Enterprise Security Immediate Protection. Less Complexity. Changing the Game for Anti-Virus in the Virtual Datacenter A Trend Micro White Paper September 2010 I. INTRODUCTION From its early

More information

Tough Times. Tough Choices.

Tough Times. Tough Choices. Security-as-a-Service is the right choice, right now. Table of Contents A New Choice for Every Business: Security-as-a-Service 3 Security-as-a-Service: One Service, Countless Protections 4 Outsource Your

More information

McAfee Acquires NitroSecurity

McAfee Acquires NitroSecurity McAfee Acquires NitroSecurity McAfee announced that it has closed the acquisition of privately owned NitroSecurity. 1. Who is NitroSecurity? What do they do? NitroSecurity develops high-performance security

More information

Data Center Connector for vsphere 3.0.0

Data Center Connector for vsphere 3.0.0 Product Guide Data Center Connector for vsphere 3.0.0 For use with epolicy Orchestrator 4.6.0, 5.0.0 Software COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS

More information

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com 1 Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com Agenda Cloud Computing VMware and Security Network Security Use Case Securing View Deployments Questions 2 IT consumption

More information

SECURITY FOR VIRTUALIZATION: FINDING THE RIGHT BALANCE

SECURITY FOR VIRTUALIZATION: FINDING THE RIGHT BALANCE SECURITY FOR VIRTUALIZATION: FINDING THE RIGHT BALANCE Combining protection and performance in your virtualized environment kaspersky.com/beready Introduction In the end, they re all servers and someone

More information

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Udo Schneider Trend Micro Udo_Schneider@trendmicro.de 26.03.2013

More information

Strategies for Protecting Virtual Servers and Desktops

Strategies for Protecting Virtual Servers and Desktops Strategies for Protecting Virtual Servers and Desktops by Jonathan Tait, Product Marketing Manager Virtualization Today Over the past few years, virtualization technology has transformed the data center.

More information

Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.

Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved. Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security

More information

Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security

Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security WHITE PAPER August 2011 Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security HYTRUST AND TREND MICRO DEEP SECURITY TOC Contents Virtualization

More information

When Desktops Go Virtual

When Desktops Go Virtual When Desktops Go Virtual Virtualization Security. Addressing security challenges in your virtual desktop infrastructure A Trend Micro White Paper February 2011 I. VIRTUAL DESKTOP INFRASTRUCTURE Server

More information

Network Access Control in Virtual Environments. Technical Note

Network Access Control in Virtual Environments. Technical Note Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved

More information

McAfee MOVE AntiVirus Multi-Platform 3.5.0

McAfee MOVE AntiVirus Multi-Platform 3.5.0 Product Guide McAfee MOVE AntiVirus Multi-Platform 3.5.0 For use with epolicy Orchestrator 4.6.7, 4.6.8, 5.1.0 Software COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS

More information

McAfee Endpoint Protection for SMB. You grow your business. We keep it secure.

McAfee Endpoint Protection for SMB. You grow your business. We keep it secure. McAfee Endpoint Protection for SMB You grow your business. We keep it secure. Big Protection for Small to Medium-Sized Businesses With the Internet and connected devices now an integral part of your business,

More information

Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

Protecting Virtual Endpoints with McAfee Server Security Suite Essentials Sponsored by McAfee Protecting Virtual Endpoints with McAfee Server Security Suite Essentials December 2013 A SANS Analyst Whitepaper Written by Dave Shackleford Capability Sets for Virtualization Security

More information

Database Security in Virtualization and Cloud Computing Environments

Database Security in Virtualization and Cloud Computing Environments White Paper Database Security in Virtualization and Cloud Computing Environments Three key technology challenges in protecting sensitive data Table of Contents Securing Information in Virtualization and

More information

The Challenges of Securing Hosting Hyper-V Multi-Tenant Environments

The Challenges of Securing Hosting Hyper-V Multi-Tenant Environments #1 Management and Security for Windows Server and Hyper-V The Challenges of Securing Hosting Hyper-V Multi-Tenant Environments by Brien M. Posey In the not too distant past, VMware was the hypervisor of

More information

VMware Integrated Partner Solutions for Networking and Security

VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Security and Compliance VMware vcloud Networking and Security is the leading networking and security

More information

Symantec Endpoint Protection 12.1.4

Symantec Endpoint Protection 12.1.4 Data Sheet: Endpoint Security Overview provides unrivaled security across physical and virtual platforms and support for the latest operating systems-mac OS X 10.9 and Windows 8.1. Powered by Symantec

More information

Securing Virtual Applications and Servers

Securing Virtual Applications and Servers White Paper Securing Virtual Applications and Servers Overview Security concerns are the most often cited obstacle to application virtualization and adoption of cloud-computing models. Merely replicating

More information

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility

More information

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview STRATEGIC WHITE PAPER Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview Abstract Cloud architectures rely on Software-Defined Networking

More information

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform McAfee Endpoint Security 10 provides customers with an intelligent, collaborative framework, enabling endpoint defenses to

More information

VMware vcloud Networking and Security

VMware vcloud Networking and Security VMware vcloud Networking and Security Efficient, Agile and Extensible Software-Defined Networks and Security BROCHURE Overview Organizations worldwide have gained significant efficiency and flexibility

More information

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be!

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be! I D C T E C H N O L O G Y S P O T L I G H T S e r ve r S e c u rity: N o t W h a t It U s e d t o Be! December 2014 Adapted from Worldwide Endpoint Security 2013 2017 Forecast and 2012 Vendor Shares by

More information

Technology Blueprint. Assess Your Vulnerabilities. Maintain a continuous understanding of assets and manage vulnerabilities in real time

Technology Blueprint. Assess Your Vulnerabilities. Maintain a continuous understanding of assets and manage vulnerabilities in real time Technology Blueprint Assess Your Vulnerabilities Maintain a continuous understanding of assets and manage vulnerabilities in real time LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1

More information

End to End Security do Endpoint ao Datacenter

End to End Security do Endpoint ao Datacenter do Endpoint ao Datacenter Piero DePaoli & Leandro Vicente Security Product Marketing & Systems Engineering 1 Agenda 1 Today s Threat Landscape 2 From Endpoint: Symantec Endpoint Protection 3 To Datacenter:

More information

Netzwerkvirtualisierung? Aber mit Sicherheit!

Netzwerkvirtualisierung? Aber mit Sicherheit! Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction

More information

Virtualization Essentials

Virtualization Essentials Virtualization Essentials Table of Contents Introduction What is Virtualization?.... 3 How Does Virtualization Work?... 4 Chapter 1 Delivering Real Business Benefits.... 5 Reduced Complexity....5 Dramatically

More information

Secure Your Next-Generation Data Center

Secure Your Next-Generation Data Center Business Brief Secure Your Next-Generation Data Center Build security into the design phase for maximum flexibility and advanced threat reduction Key Takeaways Data center upgrades are pervasive, driven

More information

Why Choose VMware vsphere for Desktop Virtualization? WHITE PAPER

Why Choose VMware vsphere for Desktop Virtualization? WHITE PAPER Why Choose VMware vsphere for Desktop Virtualization? WHITE PAPER Table of Contents Thin, Legacy-Free, Purpose-Built Hypervisor.... 3 More Secure with Smaller Footprint.... 4 Less Downtime Caused by Patches...

More information

WHITE PAPER. The Protection and Operational Benefits of Agentless Security in Virtual Environments SPON. Published March 2012 SPONSORED BY

WHITE PAPER. The Protection and Operational Benefits of Agentless Security in Virtual Environments SPON. Published March 2012 SPONSORED BY WHITE PAPER The Protection and Operational Benefits of Agentless Security in Virtual Environments An Osterman Research White Paper Published March 2012 SPONSORED BY sponsored by! SPON sponsored by Osterman

More information

Deep Security. Προστατεύοντας Server Farm. Σωτήρης Δ. Σαράντος. Available Aug 30, 2011. Σύμβουλος Δικτυακών Λύσεων. Copyright 2011 Trend Micro Inc.

Deep Security. Προστατεύοντας Server Farm. Σωτήρης Δ. Σαράντος. Available Aug 30, 2011. Σύμβουλος Δικτυακών Λύσεων. Copyright 2011 Trend Micro Inc. Deep Security Προστατεύοντας Server Farm Available Aug 30, 2011 Σωτήρης Δ. Σαράντος Σύμβουλος Δικτυακών Λύσεων Copyright 2011 Trend Micro Inc. Legacy Security Hinders Datacenter Consolidation Physical

More information

Solutions Brochure. Security that. Security Connected for Financial Services

Solutions Brochure. Security that. Security Connected for Financial Services Solutions Brochure Security that Builds Equity Security Connected for Financial Services Safeguard Your Assets Security should provide leverage for your business, fending off attacks while reducing risk

More information

An overwhelming majority of IaaS clouds leverage virtualization for their foundation.

An overwhelming majority of IaaS clouds leverage virtualization for their foundation. 1 2 3 An overwhelming majority of IaaS clouds leverage virtualization for their foundation. 4 With the use of virtualization comes the use of a hypervisor. Normally, the hypervisor simply provisions resources

More information

McAfee MOVE / VMware Collaboration Best Practices

McAfee MOVE / VMware Collaboration Best Practices McAfee MOVE / VMware Collaboration Best Practices Christie J. Karrels Sales Engineer Federal DoD January 11, 2013 1 P a g e Contents Introduction... 3 Traditional Anti-Malware vs. Optimized Anti-Malware...

More information

VIRTUALIZATION SECURITY IS NOT AN OXYMORON. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next

VIRTUALIZATION SECURITY IS NOT AN OXYMORON. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next VIRTUALIZATION SECURITY IS NOT AN OXYMORON With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next PREPARING FOR THE VIRTUALIZATION ADVANTAGE Widely acknowledged and celebrated, the

More information

McAfee Product Entitlement Definitions

McAfee Product Entitlement Definitions McAfee Product Entitlement Definitions McAfee. Part of Intel Security. 2821 Mission College Blvd Santa Clara, CA 95054 www.intelsecurity.com Application Server CPU CPU Core Database An Application Server

More information

VMware vcloud Networking and Security Overview

VMware vcloud Networking and Security Overview VMware vcloud Networking and Security Overview Networks and Security for Virtualized Compute Environments WHITE PAPER Overview Organizations worldwide have gained significant efficiency and flexibility

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

VIRTUALIZATION SECURITY IN THE REAL WORLD

VIRTUALIZATION SECURITY IN THE REAL WORLD VIRTUALIZATION SECURITY IN THE REAL WORLD Growing Technology Virtualization has become the standard for many corporate IT departments. The market for server virtualization infrastructure has matured, surpassing

More information

HOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments

HOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments HOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments OVERVIEW This document explains the functionality of Security for Virtual and Cloud Environments (SVCE) - what

More information

Trend Micro VMware Solution Guide Summary for Payment Card Industry Data Security Standard

Trend Micro VMware Solution Guide Summary for Payment Card Industry Data Security Standard Partner Addendum Trend Micro VMware Solution Guide Summary for Payment Card Industry Data Security Standard The findings and recommendations contained in this document are provided by VMware-certified

More information

5 Best Practices to Protect Your Virtual Environment

5 Best Practices to Protect Your Virtual Environment CONTENTS OF THIS WHITE PAPER Security Virtualization s Big Hurdle..1 Why Old-STyle Protections Fall short..2 Best Practices...3 Create A VM Service Good List... 3 Monitor and Protect the Hypervisor...

More information

Securing the Next-Generation Data Center

Securing the Next-Generation Data Center Business Brief Securing the Next-Generation Data Center Build security into the design phase for maximum flexibility and advanced threat reduction Key Points Data center upgrades are pervasive, driven

More information

Journey to the Private Cloud. Key Enabling Technologies

Journey to the Private Cloud. Key Enabling Technologies Journey to the Private Cloud Key Enabling Technologies Jeffrey Nick Chief Technology Officer Senior Vice President EMC Corporation June 2010 1 The current I/T state: Infrastructure sprawl Information explosion

More information

McAfee Optimized Virtual Environments - Antivirus for VDI. Installation Guide

McAfee Optimized Virtual Environments - Antivirus for VDI. Installation Guide McAfee Optimized Virtual Environments - Antivirus for VDI Installation Guide COPYRIGHT Copyright 2010-2011 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted,

More information

Symantec Endpoint Protection 12.1.6

Symantec Endpoint Protection 12.1.6 Data Sheet: Endpoint Security Overview Last year, we saw 317 million new malware variants, while targeted attacks and zero-day threats were at an all-time high 1. The threat environment is evolving quickly

More information

Effective End-to-End Cloud Security

Effective End-to-End Cloud Security Effective End-to-End Cloud Security Securing Your Journey to the Cloud Trend Micro SecureCloud A Trend Micro & VMware White Paper August 2011 I. EXECUTIVE SUMMARY This is the first paper of a series of

More information

OPTIMIZING SERVER VIRTUALIZATION

OPTIMIZING SERVER VIRTUALIZATION OPTIMIZING SERVER VIRTUALIZATION HP MULTI-PORT SERVER ADAPTERS BASED ON INTEL ETHERNET TECHNOLOGY As enterprise-class server infrastructures adopt virtualization to improve total cost of ownership (TCO)

More information

Meeting the Challenges of Virtualization Security

Meeting the Challenges of Virtualization Security Meeting the Challenges of Virtualization Security Coordinate Security. Server Defense for Virtual Machines A Trend Micro White Paper August 2009 I. INTRODUCTION Virtualization enables your organization

More information

Solution Paper. Virtualization security solutions provide a competitive advantage to service providers IaaS, PaaS and SaaS

Solution Paper. Virtualization security solutions provide a competitive advantage to service providers IaaS, PaaS and SaaS Solution Paper Virtualization security solutions provide a competitive advantage to service providers IaaS, PaaS and SaaS Contents About this Document...3 Executive Overview...3 Introduction...4 Brief

More information

1518 Best Practices in Virtualization & Cloud Security with Symantec

1518 Best Practices in Virtualization & Cloud Security with Symantec 1518 Best Practices in Virtualization & Cloud Security with Symantec Tues May 6, 11:00 Kevin Stultz Symantec Product Management Chip Epps Symantec Product Marketing 1 Agenda 1 2 Trends in Virtualization

More information

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency.

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency. Optimize your defense, resilience, and efficiency. Table of Contents Need Stronger Network Defense? Network Concerns Security Concerns Cost of Ownership Manageability Application and User Awareness High

More information

McAfee Total Protection Reduce the Complexity of Managing Security

McAfee Total Protection Reduce the Complexity of Managing Security McAfee Total Protection Reduce the Complexity of Managing Security Computer security has changed dramatically since the first computer virus emerged 25 years ago. It s now far more complex and time-consuming.

More information

McAfee Deep Safe. Security beyond the OS. Kai-Ping Seidenschnur Senior Security Engineer. October 16, 2012

McAfee Deep Safe. Security beyond the OS. Kai-Ping Seidenschnur Senior Security Engineer. October 16, 2012 McAfee Deep Safe Security beyond the OS Kai-Ping Seidenschnur Senior Security Engineer October 16, 2012 Intel/McAfee Initiatives: epo Deep Command and Deep Defender McAfee epo Deep Command Security Management

More information

Agile Business, Flexible Choices

Agile Business, Flexible Choices White Paper Security-as-a-Service (SaaS) is the right choice, right now Table of Contents A New Choice for Every Business: Cloud-Based, Cloud-Managed Security Services 3 One Service, Layered Protections

More information

McAfee MOVE AntiVirus (Agentless) 3.6.0

McAfee MOVE AntiVirus (Agentless) 3.6.0 Product Guide McAfee MOVE AntiVirus (Agentless) 3.6.0 For use with McAfee epolicy Orchestrator COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766,

More information

INFORMATION PROTECTED

INFORMATION PROTECTED INFORMATION PROTECTED Symantec Protection Suite Effective, comprehensive threat protection Safeguarding your organization s business-critical assets in today s ever-changing threat landscape has never

More information

White Paper. Consolidate Network Security to Reduce Cost and Maximise Enterprise Protection

White Paper. Consolidate Network Security to Reduce Cost and Maximise Enterprise Protection Consolidate Network Security to Reduce Cost and Maximise Enterprise Protection Table of Contents Security Consolidation 3 Application identification and control 3 User identification and control 3 Intrusion

More information

IBM Endpoint Manager for Core Protection

IBM Endpoint Manager for Core Protection IBM Endpoint Manager for Core Protection Device control and endpoint protection designed to guard against malware and loss of sensitive data Highlights Delivers real-time endpoint protection against viruses,

More information

Bitdefender GravityZone Sales Presentation

Bitdefender GravityZone Sales Presentation 6 March 2014 Page 1 Bitdefender GravityZone Sales Presentation 1 Page 2 Bitdefender at a Glance The #1 Anti-Malware Security Technology in the world First security software vendor to receive top recommendations

More information

Best Practices for Managing Virtualized Environments

Best Practices for Managing Virtualized Environments WHITE PAPER Introduction... 2 Reduce Tool and Process Sprawl... 2 Control Virtual Server Sprawl... 3 Effectively Manage Network Stress... 4 Reliably Deliver Application Services... 5 Comprehensively Manage

More information

McAfee Certified Product Specialist McAfee epolicy Orchestrator

McAfee Certified Product Specialist McAfee epolicy Orchestrator McAfee Certified Product Specialist McAfee epolicy Orchestrator Exam preparation guide Table of Contents Introduction 3 Becoming McAfee Certified 3 Exam Details 3 Recommended Exam Preparation 4 Exam Objectives

More information

Agent or Agentless Policy Assessments: Why Choose?

Agent or Agentless Policy Assessments: Why Choose? Technical Brief Agent or Agentless Policy Assessments: Why Choose? McAfee Total Protection for Compliance Meeting newer, more stringent regulatory standards and the increasing number of IT audits requires

More information

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it Complete and high performance protection where you need it Overview delivers high-performance protection against physical and virtual server downtime with policy based prevention, using multiple protection

More information

Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com

Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com Secure Multi Tenancy In the Cloud Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com At-a-Glance Trends Do MORE with LESS Increased Insider Threat Increasing IT spend on cloud

More information

Captaining datacenter security: putting you at the helm

Captaining datacenter security: putting you at the helm Captaining datacenter security: putting you at the helm 2 Introduction Running a datacenter involves a plethora of complex tasks, of which security is just one. But the security of virtual environments

More information

Data Center Connector 3.0.0 for OpenStack

Data Center Connector 3.0.0 for OpenStack Product Guide Data Center Connector 3.0.0 for OpenStack For use with epolicy Orchestrator 5.1.0 Software COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee,

More information

POS Security That Pays Its Own Way

POS Security That Pays Its Own Way POS Security That Pays Its Own Way The rising costs of POS system management and security Table of Contents A Pain Point for Retailers Is an Opportunity for POS Vendors...3 The Solution: McAfee Integrity

More information

Product Guide. McAfee Endpoint Protection for Mac 2.1.0

Product Guide. McAfee Endpoint Protection for Mac 2.1.0 Product Guide McAfee Endpoint Protection for Mac 2.1.0 COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee, the McAfee logo, McAfee Active Protection, McAfee

More information

IBM Global Technology Services March 2008. Virtualization for disaster recovery: areas of focus and consideration.

IBM Global Technology Services March 2008. Virtualization for disaster recovery: areas of focus and consideration. IBM Global Technology Services March 2008 Virtualization for disaster recovery: Page 2 Contents 2 Introduction 3 Understanding the virtualization approach 4 A properly constructed virtualization strategy

More information