Secure Cloud Computing

Size: px
Start display at page:

Download "Secure Cloud Computing"

Transcription

1 Secure Cloud Computing

2 Agenda Current Security Threat Landscape Over View: Cloud Security Overall Objective of Cloud Security Cloud Security Challenges/Concerns Cloud Security Requirements Strategy for Securing Cloud Infrastructure & Services Approach & Methodology for Securing Cloud Infrastructure & Services Government laws regarding data security and controls Q&A

3 Advanced Targeted Attack Life Cycle Criminal Theft Espionage Sabotage After the Fact Expensive Public Uncertainty COMPROMISE CONTAINMENT ATTACK DISCOVERY High Value Data Key Systems Exploit Weakness Stealthy Replacement Process Preparation Sadder but Wiser 2

4 Security-Related TCO Is Skyrocketing Multiple products operate in separate functional silos Constantly rising costs of operational security No efficiency, no effectiveness Stale defenses lack adaptive, contextaware capabilities Increasingly complex to manage 4

5 Recent Notable Advanced Targeted Attacks Targeted attacks against Point-of-Sale (POS) systems Memory parsing/scraping malware Extracts full magnetic stripe data out of memory Not detected by traditional A/V Not detected for a significant amount of time Substantial damage million credit cards where ex-filtrated in the TARGET compromise Containment took long (VISA) 5

6 Evolution of Cloud Computing

7 Evolution of the Datacenter Discrete Datacenter Compute Management Storage Network Consolidation Discrete Networks Traditional Security - Policies tied to physical attributes Virtualized Datacenter Servers Unified Network VM VM VM VM Mgmt Storage Arrays Flexible Management 10G Unified Network Virtualized Security - Context aware policies Cloud Datacenter Cloud Infrastructure Security Network Storage Compute Datacenter Facilities (e.g. cooling, power) Efficient and Secure Open Architecture Simplified Network Federated Security - Security delivered as a set of services

8 Cloud Enabler-Virtualization Virtualization = New platform for greater flexibility Flexibility & Scalability Rapid deployment of Servers & Desktops based on standard built Heterogeneous OS & Application environment running on one single HW Virtualization changes the definition of an endpoint Virtualized systems are no longer systems, they become data Virtual images built on the fly re-define the notion of an asset

9 The Business Need for a New Model Reduce Costs, Improve Agility 5 weeks Workload Some minutes = Differentiated storage Differentiated networks Differentiated isolation Differentiated security Other 3 rd party services Few Days 9

10 Reduce Costs, Improve Agility for all Datacenter Security and Services Differentiated storage Differentiated networks Minutes VDC Differentiated isolation Differentiated security Few Days Other 3 rd party services Datacenter Security Consolidated Workload-centric Policy-driven Extensible

11 Virtual Datacenter Cloud Infrastructure Datacenter spans physical, virtual and cloud deployments SaaS Applications Manage Dashboard PaaS Workloads Data Policies Workflows Compliance Infrastructure IaaS Compute Storage Network Essential Characteristics Broad Access, Rapid Elasticity, On Demand Self Service, Resource Pooling

12 Overall Objective of Cloud Security: Transparency Secure cloud infrastructure- Physical & Virtual Delivering Secure Cloud Services Providers should implement current & future cloud Standards & Certifications Automation of auditing & security 12 Transparency Confidence

13 Cloud Security Challenges/Concerns Data and Identity Centric Controls in Cloud are hard Dynamic perimeter based on data access and service requirements vs. logical network separation How do provision (and de-provision) identify + authorization across a network of providers Data Leakage threats from Cloud Infrastructure Database Compromises from Cloud Infrastructure High Availability and Performance requirements Virtual infrastructure makes traditional security solutions difficult on both network Content security Lack of Visibility in Inter-VM traffic Advanced Persistent Threats (e.g. Stuxnet, Operation Aurora, Operation Shady RAT etc.) Security controls need to understand the legacy and next generation message exchange protocols Anti-malware protection across large volumes of data must be optimized Protect access to critical data resources from multiple threat vectors to include insiders

14 Cloud Security Requirements Dynamic Risk Assessment Enterprise framework that support Machine to Machine data collection for continuous monitoring Comprehensive assessment for vulnerability, behavior, configuration and impact Real-time discovery capability for assets, applications and data Threat-Based Defense Defend the key attack vectors and priority targets based on intelligence Automated assessments with countermeasure awareness No impact to availability or performance of critical systems Handling APT Attacks Monitoring across several domains Integration of IT risk data or events with cyber physical data for impact decisions & higher level decision support systems Handling Big Security Data

15 Strategy for Secure Cloud Infrastructure & Services

16 Cloud Security Approach/Methodology Secure the Physical and Virtual Datacenter Architecture Defend the whole of the datacenter from infrastructure to application and across all threat vectors Enable comprehensive readiness assessment for web applications, databases and systems Provide continuous monitoring, rapid data retrieval and analysis for incident response Application access through API Calls Secure the Cloud Provider Protect data and identity services in the provider datacenter Secure Software-as-a-Service providers with Cloud Security Platform Enable Secure Use of Cloud Services Understand messaging protocols to ease integration of legacy systems and provide data loss protection Identity management provided by Cloud Based Identity Management solution

17 Securing Cloud Based Data Centers

18 Cloud Security Components for VDC Security Monitoring and Management Datacenter Asset Inventory with Security Overlay Risk Based Event/Log Correlation Local Threat Intelligence Server Security Memory Protection Application Whitelisting Change Control Hardware Assisted Security Virtualized Platform Hypervisor Security Resource Optimization through Offloading Agent-less Security through Integration with VMM Unified Management G T I SIEM Secure Data at Rest Encryption & Database Security Securing data at Storage Virtual Network Security Advanced Evasion Prevention Virtual Intrusion Prevention Virtual Next Generation Firewalls Secure Data in Motion Content & Context Visibility Virtualized Network Protection

19 Unified Management Open APIs Partner Ecosystem Unified Management Automated Compliance Auditing (Policy Auditor/ Vulnerability Manager) Management (Unified Command Center) Alerts Notifications Reporting SLAs Unified Management Across Physical Virtual and Cloud Access from anywhere via web-based UI Highly Extensible Leverage partner ecosystem APIs to adapt to changing market and business requirements End-to-end Visibility and Control Insight into policies and compliance posture across applications, endpoints, servers and networks SIEM for situational and context awareness Regulations Frameworks Standards SOX ISO PCI DSS HIPAA COBIT CIS GLBA NIST NIST FISMA FDCC DISA STIGS McAfee Confidential Internal Use Only

20 Global Threat and Vulnerability Intelligence Threat Reputation Network Security Mobile Security Web Security Mail Security Endpoint Security Database Security 3rd Party Feed.

21 Cloud Based Unified Security Management Platform See log frequencies Search for logs Correlate events What data is involved? Who is doing it? Are they a bad actor? What is the risk of the system? What is the risk of the user? Big Security Data DB Applications Visualize, Investigate, Respond Advanced Correlation Engine GLOBAL THREAT LANDSCAPE Threat intelligence feed Immediate alerting Historical Analysis Dynamic Context Content Aware Traditional Context Log Management Scalable Architecture ENTERPRISE RISK LANDSCAPE Vulnerabilities Countermeasures Individuals Risk Advisor epolicy Orchestrator Database OPTIMIZED High Speed Intelligent Correlation

22 Delivering Secure Cloud Services

23 Delivering Cloud Computing Cloud Partners Cloud Vendors Applications Customers Data Loss Intrusion Authentication Web Data Loss Intrusion Enterprise Mobile Users Enterprise Users Private Cloud Applications

24 Secure Cloud Service Delivery Modules Partners Unified Management, Policy and Reporting, Integration Identity Management Security Cloud Ecosystem Cloud Vendors Applications Authentication Web Data Loss Prevention Global Threat Intelligence Cloud Security Platform Customers Services API Gateway Web Security SaaS or Appliance Mobile Users Enterprise Enterprise Users Private Cloud Applications

25 Cloud Access Challenges-Identity Management Multiple Logins / Weak Security Lack of Visibility Manual Provisioning Single Sign On (SSO) & Strong Authentication Centralized Management Console Auto Account Provisioning & Profile Sync ID Infrastructure Integration Audit Silos Scalable, Federated Trust AuthN & Provisioning Connectors AD & IAM Centralized Audit Logging Standards Based

26 Identity Management with Strong Authentication SSO Provisioning Strong Auth Enterprise Provision Access Adaptive Strong Auth Secure SSO Regulatory Compliance Provision/de-provision user accounts AD integration Sync Id Profiles Selectively apply 2 nd factor OTP AuthN Variety of software AuthN methods and devices- mobile devices, SMS, Federate windows/ AD login To popular SaaS like Salesforce and Google Apps Rich audit trail of user login showing AuthN level De-provision and orphan account reports

27 Deployment to the cloud 1. Account Provisioning 2. Browser Federation/SSO Old Enterprise Perimeter Dynamic Perimeter Account Provision IdM or Active Directory Portal / Apps Internal Session Cloud Identity Manager Service API Calls Provisioning Policy Cloud SSO SSO Request Custom Apps User Browser Bring secured, monitored cloud endpoints under enterprise IT control

28 Deployment to the cloud Step Central up Monitoring, OTP Strong Auth Audit, Privacy Settings Old Enterprise Perimeter Dynamic Perimeter IdM or Active Directory Audit Repository Portal / Apps OTP Strong Auth Cloud Identity Manager Cloud SSO Cloud SSO Mgt Console Custom Apps User Browser Bring secured, monitored cloud endpoints under enterprise IT control

29 Secure Cloud Service Delivery Modules Partners Unified Management, Policy and Reporting, Integration Identity Management Security Cloud Ecosystem Cloud Vendors Applications Authentication Web Data Loss Prevention Global Threat Intelligence Cloud Security Platform Customers Services API Gateway Web Security SaaS or Appliance Mobile Users Enterprise Enterprise Users Private Cloud Applications

30 Diverse Apps are Exposed as Services & APIs to Consumers Consumers Services Abstraction Pattern App Types Citizen A P I Unemployment Tax payment WOA REST egov Employee/Partner A P I Order status Inventory SOA Supply Chain Developer A P I Applications Components App Store Web 2.0 Operations A P I Configure Capacity Monitoring IaaS/PaaS Cloud

31 APIs are everywhere Cloud Provider API Leverage third-party services API Shielding API Cloud Provider Applications move off premise Fast Changing Cloud APIs Enterprise

32 A Service Gateway Broker Model Makes a lot of sense Cloud Provider API Cloud Provider Enterprise APIs can be exposed, consumed, and proxied to a Service Gateway to offload security & communicate with back end infrastructure vs point to point integration

33 Secure Cloud Service Delivery Modules Partners Unified Management, Policy and Reporting, Integration Identity Management Security Cloud Ecosystem Cloud Vendors Applications Authentication Web Data Loss Prevention Global Threat Intelligence Cloud Security Platform Customers Services API Gateway Web Security SaaS or Appliance Mobile Users Enterprise Enterprise Users Private Cloud Applications

34 PROTECT EVALUATE ANALYZE SOURCE Data Loss Prevention At Rest In Use In Motion DLP Discover: Find and Inspect DLP Monitor: Capture Policy Intelligence Admin Action Policy Application DLP Prevent: Enforcement User Action Encrypt Block Monitor Educate Move

35 Protection In Cloud Delivery Platforms Mobile Devices (Appliance, Virtual Appliance, SaaS, Blade Server, and Hybrid) Simplified Cost Model Unified Policies &Quarantines Protection Business Continuity ( and DLP) Layered Protection (Maximized scalability and security)

36 Web Protection In Cloud Delivery Platforms Mobile Workers & Devices (Appliance, Virtual Appliance, SaaS, Blade Server) Pricing Consistency Common Policy Web Protection Security Services Common Reporting (Web Filtering, Gateway Antimalware, GTI, DLP, SSL, App Control)

37 Modules Summary: Key Attributes of Secure Cloud Services Partners Mobile Users Cloud Vendors Services Gateway Security Cloud Ecosystem Applications Customers Authentication Data Loss Web Prevention Global Threat Intelligence Cloud Security Platform Enterprise Enterprise Users Identity Management Web Security Private Cloud Applications SaaS or Appliance More Flexibility Modular based On-premise, SaaS or virtual Protect headquarters, remote offices and mobile users Easier to Manage Consolidated solution Centralized reporting through Unified Management Open platform to integrate existing solutions Greater Protection Creates secure bridge covering primary Cloud traffic channels Consistent protection & policies across web, identity & Real-time protection via Global Threat Intelligence

38 Government laws regarding data security and controls Indian IT Act 2000 (Amendment 2008) Section 43A of the Information Technology (Reasonable security practices and procedures and sensitive personal data information) Rules 2011 The provision require any corporate bodies which 'receives, possesses, stores, deals, or handles any 'sensitive personal data' to implement and maintain 'reasonable security practices', failing which, they are held liable to compensate those affected Section 72A of the (Indian) Information Technology Act, 2000, disclosure of information, knowingly and intentionally, without the consent of the person concerned and in breach of the lawful contract. Section 72 of the IT Act provides for penalty for breach of confidentiality and privacy. Some of the links are as follows: Other Security Frameworks: ISO 27001, NERC etc. 38

39 Securing Cloud Infrastructure & Services- Summary Cloud Security Survivability= Speed of Detection + Speed of Response 39

40 Q&A 40

Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access

Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access Vikas Jain Director, Product Management Intel Corporation Jesper Tohmo CTO, Nordic Edge (an Intel company) Session ID:

More information

Security Information & Event Management (SIEM)

Security Information & Event Management (SIEM) Security Information & Event Management (SIEM) Peter Helms, Senior Sales Engineer, CISA, CISSP September 6, 2012 1 McAfee Security Connected 2 September 6, 2012 Enterprise Security How? CAN? 3 Getting

More information

Trend Micro Cloud Protection

Trend Micro Cloud Protection A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to

More information

An New Approach to Security. Chris Ellis McAfee Senior System Engineer Chris_Ellis@McAfee.com

An New Approach to Security. Chris Ellis McAfee Senior System Engineer Chris_Ellis@McAfee.com An New Approach to Security Chris Ellis McAfee Senior System Engineer Chris_Ellis@McAfee.com Advanced Targeted Attack Challenges Criminal Theft Sabotage Espionage After the Fact Expensive Public Uncertainty

More information

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Udo Schneider Trend Micro Udo_Schneider@trendmicro.de 26.03.2013

More information

How to survive in a world of Virtualization and Cloud Computing, where you even can t trust your own environment anymore. Raimund Genes, CTO

How to survive in a world of Virtualization and Cloud Computing, where you even can t trust your own environment anymore. Raimund Genes, CTO How to survive in a world of Virtualization and Cloud Computing, where you even can t trust your own environment anymore. Raimund Genes, CTO Data everywhere but protection? Unprotected Data Needing Protection

More information

Mucho Big Data y La Seguridad para cuándo?

Mucho Big Data y La Seguridad para cuándo? Mucho Big Data y La Seguridad para cuándo? Juan Carlos Vázquez Sales Systems Engineer, LTAM mayo 9, 2013 Agenda Business Drivers Big Security Data GTI Integration SIEM Architecture & Offering Why McAfee

More information

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing

More information

Virtualization Impact on Compliance and Audit

Virtualization Impact on Compliance and Audit 2009 Reflex Systems, LLC Virtualization Impact on Compliance and Audit Michael Wronski, CISSP VP Product Management Reflex Systems Agenda Introduction Virtualization? Cloud? Risks and Challenges? Compliance

More information

Security in the Software Defined Data Center

Security in the Software Defined Data Center Security in the Software Defined Data Center Francesco Vigo Senior Systems Engineer, VMware fvigo@vmware.com Ugo Piazzalunga Technical Manager, SafeNet ugo.piazzalunga@safenet-inc.com Agenda Software Defined

More information

IT Security & Compliance. On Time. On Budget. On Demand.

IT Security & Compliance. On Time. On Budget. On Demand. IT Security & Compliance On Time. On Budget. On Demand. IT Security & Compliance Delivered as a Service For businesses today, managing IT security risk and meeting compliance requirements is paramount

More information

Leading The World Into Connected Security. Paolo Florian Sales Engineer

Leading The World Into Connected Security. Paolo Florian Sales Engineer Leading The World Into Connected Security Paolo Florian Sales Engineer History of Defining Largest Dedicated Delivering a Next Generation Architecture Security Provider Security Architecture Inventor of

More information

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP Principal Systems Engineer Security Specialist Agenda What is the Cloud? Virtualization Basics

More information

Operationalize Policies. Take Action. Establish Policies. Opportunity to use same tools and practices from desktop management in server environment

Operationalize Policies. Take Action. Establish Policies. Opportunity to use same tools and practices from desktop management in server environment Microsoft IT Systems Strategy DATACENTER APPLICATIONS Process-Led, Model-Driven Unified and Virtualized USER-CENTRICITY ServiceEnabled Basic Standardize d Rationalized Dynamic Cost center Efficient cost

More information

Cloud and Regulations: A match made in heaven, or the worst blind date ever?

Cloud and Regulations: A match made in heaven, or the worst blind date ever? Cloud and Regulations: A match made in heaven, or the worst blind date ever? Vinod S Chavan Director Industry Cloud Solutions, IBM Cloud October 28, 2015 Customers are faced with challenge of balancing

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

Cloud and Data Center Security

Cloud and Data Center Security solution brief Trend Micro Cloud and Data Center Security Secure virtual, cloud, physical, and hybrid environments easily and effectively introduction As you take advantage of the operational and economic

More information

McAfee Network Security Platform

McAfee Network Security Platform McAfee Network Security Platform Next Generation Network Security Youssef AGHARMINE, Network Security, McAfee Network is THE Security Battleground Who is behind the data breaches? 81% some form of hacking

More information

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com 1 Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com Agenda Cloud Computing VMware and Security Network Security Use Case Securing View Deployments Questions 2 IT consumption

More information

F5 Identity and Access Management (IAM) Overview. Laurent PETROQUE Manager Field Systems Engineering, France

F5 Identity and Access Management (IAM) Overview. Laurent PETROQUE Manager Field Systems Engineering, France F5 Identity and Access Management (IAM) Overview Laurent PETROQUE Manager Field Systems Engineering, France F5 s Security Strategy Protect Apps/Data Wherever They Reside Control Access to Apps/Data from

More information

PCI Compliance for Cloud Applications

PCI Compliance for Cloud Applications What Is It? The Payment Card Industry Data Security Standard (PCIDSS), in particular v3.0, aims to reduce credit card fraud by minimizing the risks associated with the transmission, processing, and storage

More information

Achieving Actionable Situational Awareness... McAfee ESM. Ad Quist, Sales Engineer NEEUR

Achieving Actionable Situational Awareness... McAfee ESM. Ad Quist, Sales Engineer NEEUR Achieving Actionable Situational Awareness... McAfee ESM Ad Quist, Sales Engineer NEEUR The Old SECURITY Model Is BROKEN 2 Advanced Targeted Attacks The Reality ADVANCED TARGETED ATTACKS COMPROMISE TO

More information

Cloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation

Cloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation Cloud Security Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs peterjopling 2011 IBM Corporation Cloud computing impacts the implementation of security in fundamentally new ways

More information

NEXPOSE ENTERPRISE METASPLOIT PRO. Effective Vulnerability Management and validation. March 2015

NEXPOSE ENTERPRISE METASPLOIT PRO. Effective Vulnerability Management and validation. March 2015 NEXPOSE ENTERPRISE METASPLOIT PRO Effective Vulnerability Management and validation March 2015 KEY SECURITY CHALLENGES Common Challenges Organizations Experience Key Security Challenges Visibility gaps

More information

Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.

Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD. Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD. Your Valuable Data In The Cloud? How To Get The Best Protection! A world safe for exchanging digital information

More information

Enterprise Security Solutions

Enterprise Security Solutions Enterprise Security Solutions World-class technical solutions, professional services and training from experts you can trust ISOCORP is a Value-Added Reseller (VAR) and services provider for best in class

More information

Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.

Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved. Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security

More information

Netzwerkvirtualisierung? Aber mit Sicherheit!

Netzwerkvirtualisierung? Aber mit Sicherheit! Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction

More information

Unified Security, ATP and more

Unified Security, ATP and more SYMANTEC Unified Security, ATP and more TAKE THE NEXT STEP Martin Werner PreSales Consultant, Symantec Switzerland AG MEET SWISS INFOSEC! 27.01.2016 Unified Security 2 Symantec Enterprise Security Users

More information

RSA Identity Management & Governance (Aveksa)

RSA Identity Management & Governance (Aveksa) RSA Identity Management & Governance (Aveksa) 1 RSA IAM Enabling trusted interactions between identities and information Access Platform Authentication Federation/SSO Employees/Partners/Customers Identity

More information

Leading The World Into Connected Security. Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA

Leading The World Into Connected Security. Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA Leading The World Into Connected Security Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA History of Defining Largest Dedicated Delivering a Next Generation Architecture

More information

Continuous Network Monitoring

Continuous Network Monitoring Continuous Network Monitoring Eliminate periodic assessment processes that expose security and compliance programs to failure Continuous Network Monitoring Continuous network monitoring and assessment

More information

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION SOLUTION BRIEF Trend Micro CLOUD AND DATA CENTER SECURITY Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION As you take advantage of the operational and economic

More information

Secure & Unified Identity

Secure & Unified Identity Secure & Unified Identity for End Users & Privileged Users Copyright 2015 Centrify Corporation. All Rights Reserved. 1 Identity at Center of Cyber Attacks PRIVILEGED USERS END USERS Copyright 2015 Centrify

More information

QRadar SIEM 6.3 Datasheet

QRadar SIEM 6.3 Datasheet QRadar SIEM 6.3 Datasheet Overview Q1 Labs flagship solution QRadar SIEM is unrivaled in its ability to provide an organization centralized IT security command and control. The unique capabilities of QRadar

More information

What is Security Intelligence?

What is Security Intelligence? 2 What is Security Intelligence? Security Intelligence --noun 1. the real-time collection, normalization, and analytics of the data generated by users, applications and infrastructure that impacts the

More information

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense A Trend Micro Whitepaper I February 2016 Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense How Trend Micro Deep Security Can Help: A Mapping to the SANS Top 20 Critical

More information

Proactively Secure Your Cloud Computing Platform

Proactively Secure Your Cloud Computing Platform Proactively Secure Your Cloud Computing Platform Dr. Krutartha Patel Security Engineer 2010 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals Agenda 1 Cloud

More information

Deep Security. Προστατεύοντας Server Farm. Σωτήρης Δ. Σαράντος. Available Aug 30, 2011. Σύμβουλος Δικτυακών Λύσεων. Copyright 2011 Trend Micro Inc.

Deep Security. Προστατεύοντας Server Farm. Σωτήρης Δ. Σαράντος. Available Aug 30, 2011. Σύμβουλος Δικτυακών Λύσεων. Copyright 2011 Trend Micro Inc. Deep Security Προστατεύοντας Server Farm Available Aug 30, 2011 Σωτήρης Δ. Σαράντος Σύμβουλος Δικτυακών Λύσεων Copyright 2011 Trend Micro Inc. Legacy Security Hinders Datacenter Consolidation Physical

More information

全 球 資 安 剖 析, 您 做 確 實 了 嗎? Albert Yung Barracuda Networks

全 球 資 安 剖 析, 您 做 確 實 了 嗎? Albert Yung Barracuda Networks 全 球 資 安 剖 析, 您 做 確 實 了 嗎? Albert Yung Barracuda Networks Agenda Challenges and PCI DSS 3.0 Updates Personal Information Protection Act Strategy to Protect against leak of Confidential Personal and Corporate

More information

Protecting the un-protectable Addressing Virtualisation Security Challenges

Protecting the un-protectable Addressing Virtualisation Security Challenges Protecting the un-protectable Addressing Virtualisation Security Challenges Paul Hogan, Technical Director, Ward Solutions November 11, 2010 Top Cloud Security Challenges Secure Virtualisation Need secure

More information

Realizing the Benefits of Hybrid Cloud. Anand MS Cloud Solutions Architect Microsoft Asia Pacific

Realizing the Benefits of Hybrid Cloud. Anand MS Cloud Solutions Architect Microsoft Asia Pacific Realizing the Benefits of Hybrid Cloud Anand MS Cloud Solutions Architect Microsoft Asia Pacific Agenda Key drivers for Hybrid Cloud Unified Cloud Strategy Example Use Cases How to get there Hybrid Cloud:

More information

Virginia Government Finance Officers Association Spring Conference May 28, 2014. Cloud Security 101

Virginia Government Finance Officers Association Spring Conference May 28, 2014. Cloud Security 101 Virginia Government Finance Officers Association Spring Conference May 28, 2014 Cloud Security 101 Presenters: John Montoro, RealTime Accounting Solutions Ted Brown, Network Alliance Presenters John Montoro

More information

Security of Cloud Computing for the Power Grid

Security of Cloud Computing for the Power Grid ANNUAL INDUSTRY WORKSHOP NOVEMBER 12-13, 2014 Security of Cloud Computing for the Power Grid Industry Panel November 12, 2014 UNIVERSITY OF ILLINOIS DARTMOUTH COLLEGE UC DAVIS WASHINGTON STATE UNIVERSITY

More information

Infrastructure for more security and flexibility to deliver the Next-Generation Data Center

Infrastructure for more security and flexibility to deliver the Next-Generation Data Center Infrastructure for more security and flexibility to deliver the Next-Generation Data Center Stefan Volmari Manager Systems Engineering Networking & Cloud Today's trends turn into major challenges Cloud

More information

SecureVue Product Brochure

SecureVue Product Brochure SecureVue unifies next-generation SIEM, security configuration auditing, compliance automation and contextual forensic analysis into a single platform, delivering situational awareness, operational efficiency

More information

RSA Identity and Access Management 2014

RSA Identity and Access Management 2014 RSA Identity and Access Management 2014 1 Agenda Today s Enterprises and IAM Customer Challenges IAM Requirements RSA IAM Our Competitive Advantage Leading The Pack RSA Views on Identity Management and

More information

McAfee Security Architectures for the Public Sector

McAfee Security Architectures for the Public Sector White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed

More information

Intel Security and TCS: Together Securing Workloads of the Modern Data Center

Intel Security and TCS: Together Securing Workloads of the Modern Data Center Intel Security and TCS: Together Securing Workloads of the Modern Data Center Data center security today is extremely different from what it was an era ago primarily because the data center has undergone

More information

Clavister InSight TM. Protecting Values

Clavister InSight TM. Protecting Values Clavister InSight TM Clavister SSP Security Services Platform firewall VPN termination intrusion prevention anti-virus anti-spam content filtering traffic shaping authentication Protecting Values & Enterprise-wide

More information

Q1 Labs Corporate Overview

Q1 Labs Corporate Overview Q1 Labs Corporate Overview The Security Intelligence Leader Who we are: Innovative Security Intelligence software company One of the largest and most successful SIEM vendors Leader in Gartner 2011, 2010,

More information

October 2014. Four Best Practices for Passing Privileged Account Audits

October 2014. Four Best Practices for Passing Privileged Account Audits Four Best Practices for Passing Privileged Account Audits October 2014 1 Table of Contents... 4 1. Discover All Privileged Accounts in Your Environment... 4 2. Remove Privileged Access / Implement Least

More information

Secure Virtualization in the Federal Government

Secure Virtualization in the Federal Government White Paper Secure Virtualization in the Federal Government Achieve efficiency while managing risk Table of Contents Ready, Fire, Aim? 3 McAfee Solutions for Virtualization 4 Securing virtual servers in

More information

Looking Ahead The Path to Moving Security into the Cloud

Looking Ahead The Path to Moving Security into the Cloud Looking Ahead The Path to Moving Security into the Cloud Gerhard Eschelbeck Sophos Session ID: SPO2-107 Session Classification: Intermediate Agenda The Changing Threat Landscape Evolution of Application

More information

Trend Micro. Advanced Security Built for the Cloud

Trend Micro. Advanced Security Built for the Cloud datasheet Trend Micro deep security as a service Advanced Security Built for the Cloud Organizations are embracing the economic and operational benefits of cloud computing, turning to leading cloud providers

More information

Securing the Cloud through Comprehensive Identity Management Solution

Securing the Cloud through Comprehensive Identity Management Solution Securing the Cloud through Comprehensive Identity Management Solution Millie Mak Senior IT Specialist What is Cloud Computing? A user experience and a business model Cloud computing is an emerging style

More information

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC RE Think Invent IT & Business IBM SmartCloud Security Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC 2014 IBM Corporation Some Business Questions Is Your Company is Secure

More information

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture

More information

Caretower s SIEM Managed Security Services

Caretower s SIEM Managed Security Services Caretower s SIEM Managed Security Services Enterprise Security Manager MSS -TRUE 24/7 Service I.T. Security Specialists Caretower s SIEM Managed Security Services 1 Challenges & Solution Challenges During

More information

WHITE PAPER SPLUNK SOFTWARE AS A SIEM

WHITE PAPER SPLUNK SOFTWARE AS A SIEM SPLUNK SOFTWARE AS A SIEM Improve your security posture by using Splunk as your SIEM HIGHLIGHTS Splunk software can be used to operate security operations centers (SOC) of any size (large, med, small)

More information

Seven Things To Consider When Evaluating Privileged Account Security Solutions

Seven Things To Consider When Evaluating Privileged Account Security Solutions Seven Things To Consider When Evaluating Privileged Account Security Solutions Contents Introduction 1 Seven questions to ask every privileged account security provider 4 1. Is the solution really secure?

More information

Modular Network Security. Tyler Carter, McAfee Network Security

Modular Network Security. Tyler Carter, McAfee Network Security Modular Network Security Tyler Carter, McAfee Network Security Surviving Today s IT Challenges DDos BOTS PCI SOX / J-SOX Data Exfiltration Shady RAT Malware Microsoft Patches Web Attacks No Single Solution

More information

Replacing Microsoft Forefront Threat Management Gateway with F5 BIG-IP. Dennis de Leest Sr. Systems Engineer Netherlands

Replacing Microsoft Forefront Threat Management Gateway with F5 BIG-IP. Dennis de Leest Sr. Systems Engineer Netherlands Replacing Microsoft Forefront Threat Management Gateway with F5 BIG-IP Dennis de Leest Sr. Systems Engineer Netherlands Microsoft Forefront Threat Management Gateway (TMG) Microsoft Forefront Threat Management

More information

Unified Threat Management, Managed Security, and the Cloud Services Model

Unified Threat Management, Managed Security, and the Cloud Services Model Unified Threat Management, Managed Security, and the Cloud Services Model Kurtis E. Minder CISSP Global Account Manager - Service Provider Group Fortinet, Inc. Introduction Kurtis E. Minder, Technical

More information

Securing the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC

Securing the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC Securing the Journey to the Private Cloud Dominique Dessy RSA, the Security Division of EMC June 2010 Securing the Journey to The Private Cloud The Journey IT Production Business Production IT-As-A-Service

More information

2013 AWS Worldwide Public Sector Summit Washington, D.C.

2013 AWS Worldwide Public Sector Summit Washington, D.C. Washington, D.C. Next Generation Privileged Identity Management Control and Audit Privileged Access Across Hybrid Cloud Environments Ken Ammon, Chief Strategy Officer Who We Are Security software company

More information

Cloud Security Introduction and Overview

Cloud Security Introduction and Overview Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious

More information

OVERVIEW. Enterprise Security Solutions

OVERVIEW. Enterprise Security Solutions Enterprise Security Solutions OVERVIEW For more than 25 years, Trend Micro has innovated constantly to keep our customers ahead of an everevolving IT threat landscape. It s how we got to be the world s

More information

The SparkWeave Private Cloud & Secure Collaboration Suite. Core Features

The SparkWeave Private Cloud & Secure Collaboration Suite. Core Features The SparkWeave Private Cloud & Secure Collaboration Suite The SparkWeave Private Cloud is a virtual platform hosted in the customer s data center. SparkWeave is storage agnostic, autonomously providing

More information

Mobile Security and Management Opportunities for Telcos and Service Providers

Mobile Security and Management Opportunities for Telcos and Service Providers Mobile Security and Management Opportunities for Telcos and Service Providers Lionel Gonzalez Symantec EMEA Solution architect Mike Gibson Protirus Brice Renaud Orange Business Services ST B03 - Mobile

More information

From the Bottom to the Top: The Evolution of Application Monitoring

From the Bottom to the Top: The Evolution of Application Monitoring From the Bottom to the Top: The Evolution of Application Monitoring Narayan Makaram, CISSP Director, Security Solutions HP/Enterprise Security Business Unit Session ID: SP01-202 Session 2012 Classification:

More information

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility

More information

VMware Integrated Partner Solutions for Networking and Security

VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Security and Compliance VMware vcloud Networking and Security is the leading networking and security

More information

Log Management Solution for IT Big Data

Log Management Solution for IT Big Data Log Management Solution for IT Big Data 1 IT Big Data Solution A SCALABLE LOG INTELLIGENCE PLATFORM FOR SECURITY, COMPLIANCE, AND IT OPERATIONS More than 1,300 customers across a variety of industries

More information

1518 Best Practices in Virtualization & Cloud Security with Symantec

1518 Best Practices in Virtualization & Cloud Security with Symantec 1518 Best Practices in Virtualization & Cloud Security with Symantec Tues May 6, 11:00 Kevin Stultz Symantec Product Management Chip Epps Symantec Product Marketing 1 Agenda 1 2 Trends in Virtualization

More information

DETECTING THE ENEMY INSIDE THE NETWORK. How Tough Is It to Deal with APTs?

DETECTING THE ENEMY INSIDE THE NETWORK. How Tough Is It to Deal with APTs? A Special Primer on APTs DETECTING THE ENEMY INSIDE THE NETWORK How Tough Is It to Deal with APTs? What are APTs or targeted attacks? Human weaknesses include the susceptibility of employees to social

More information

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master

Securing The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master Securing The Cloud Foundational Best Practices For Securing Cloud Computing Scott Clark Agenda Introduction to Cloud Computing What is Different in the Cloud? CSA Guidance Additional Resources 2 What is

More information

Trend Micro Cloud Security for Citrix CloudPlatform

Trend Micro Cloud Security for Citrix CloudPlatform Trend Micro Cloud Security for Citrix CloudPlatform Proven Security Solutions for Public, Private and Hybrid Clouds 2 Trend Micro Provides Security for Citrix CloudPlatform Organizations today are embracing

More information

The SparkWeave Private Cloud & Secure Collaboration Suite. Core Features

The SparkWeave Private Cloud & Secure Collaboration Suite. Core Features The SparkWeave Private Cloud & Secure Collaboration Suite The SparkWeave Private Cloud is a virtual platform hosted in the customer s data center, completely independent from the physical storage hardware,

More information

Creating a Strong Security Infrastructure for Exposing JBoss Services

Creating a Strong Security Infrastructure for Exposing JBoss Services Creating a Strong Security Infrastructure for Exposing JBoss Services JBoss Enterprise SOA Platform Service Clients Service Gateway Enterprise Services Blake Dournaee, Product Management, Intel SOA Products

More information

Security management solutions White paper. Extend business reach with a robust security infrastructure.

Security management solutions White paper. Extend business reach with a robust security infrastructure. Security management solutions White paper Extend business reach with a robust security infrastructure. July 2007 2 Contents 2 Overview 3 Adapt to today s security landscape 4 Drive value from end-to-end

More information

SOLUTION BRIEF Citrix Cloud Solutions Citrix Cloud Solution for Compliance

SOLUTION BRIEF Citrix Cloud Solutions Citrix Cloud Solution for Compliance SOLUTION BRIEF Citrix Cloud Solutions Citrix Cloud Solution for Compliance www.citrix.com Contents Introduction... 3 Fitting Compliance to the Cloud... 3 Considerations for Compliance in the Cloud... 4

More information

Effective End-to-End Cloud Security

Effective End-to-End Cloud Security Effective End-to-End Cloud Security Securing Your Journey to the Cloud Trend Micro SecureCloud A Trend Micro & VMware White Paper August 2011 I. EXECUTIVE SUMMARY This is the first paper of a series of

More information

CyberArk Privileged Threat Analytics. Solution Brief

CyberArk Privileged Threat Analytics. Solution Brief CyberArk Privileged Threat Analytics Solution Brief Table of Contents The New Security Battleground: Inside Your Network...3 Privileged Account Security...3 CyberArk Privileged Threat Analytics : Detect

More information

access convergence management performance security

access convergence management performance security access convergence management performance security 2010 2009 2008 2007 WINNER 2007 WINNER 2008 WINNER 2009 WINNER 2010 Log Management Solution for IT Big Data 1 IT Big Data Solution A SCALABLE LOG INTELLIGENCE

More information

SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. How Can I Both Enable and Protect My Organization in the New Application Economy?

SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. How Can I Both Enable and Protect My Organization in the New Application Economy? SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY How Can I Both Enable and Protect My Organization in the New Application Economy? CA Security solutions can help you enable and protect your business

More information

What you need to know about Office 365

What you need to know about Office 365 What you need to know about Office 365 Phoenix ISACA Dede Alexiadis Imperva Skyfence Agenda Microsoft Office 365 basics Anytime Anywhere Let the data flow Risk and Governance Deployment Considerations

More information

SourceFireNext-Generation IPS

SourceFireNext-Generation IPS D Ů V Ě Ř U J T E S I L N Ý M SourceFireNext-Generation IPS Petr Salač CCNP Security, CCNP, CICSP, CCSI #33835 petr.salac@alefnula.com Our Customers Biggest Security Challenges Maintaining security posture

More information

Integrating Single Sign-on Across the Cloud By David Strom

Integrating Single Sign-on Across the Cloud By David Strom Integrating Single Sign-on Across the Cloud By David Strom TABLE OF CONTENTS Introduction 1 Access Control: Web and SSO Gateways 2 Web Gateway Key Features 2 SSO Key Features 3 Conclusion 5 Author Bio

More information

McAfee Server Security

McAfee Server Security Security Secure server workloads with low performance impact and integrated management efficiency. Suppose you had to choose between securing all the servers in your data center physical and virtual or

More information

Managing Privileged Identities in the Cloud. How Privileged Identity Management Evolved to a Service Platform

Managing Privileged Identities in the Cloud. How Privileged Identity Management Evolved to a Service Platform Managing Privileged Identities in the Cloud How Privileged Identity Management Evolved to a Service Platform Managing Privileged Identities in the Cloud Contents Overview...3 Management Issues...3 Real-World

More information

Lecture 02b Cloud Computing II

Lecture 02b Cloud Computing II Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,

More information

Empowering Your Business in the Cloud Without Compromising Security

Empowering Your Business in the Cloud Without Compromising Security Empowering Your Business in the Cloud Without Compromising Security Cloud Security Fabric CloudLock offers the cloud security fabric for the enterprise that helps organizations protect their sensitive

More information

REVOLUTIONIZING ADVANCED THREAT PROTECTION

REVOLUTIONIZING ADVANCED THREAT PROTECTION REVOLUTIONIZING ADVANCED THREAT PROTECTION A NEW, MODERN APPROACH Blue Coat Advanced Threat Protection Group GRANT ASPLUND Senior Technology Evangelist 1 WHY DO I STAND ON MY DESK? "...I stand upon my

More information

Unified Identity Management

Unified Identity Management Unified Identity Management Across Data Center, Cloud and Mobile Enterprise of Things = More Complexity DESKTOPS + MOBILE DATA CENTER APPS CLOUD (SaaS) by Red Hat + DATA CENTER SERVERS + CLOUD (IaaS &

More information

Securing Virtual Applications and Servers

Securing Virtual Applications and Servers White Paper Securing Virtual Applications and Servers Overview Security concerns are the most often cited obstacle to application virtualization and adoption of cloud-computing models. Merely replicating

More information

DETECT AND RESPOND TO THREATS FROM THE DATA CENTER TO THE CLOUD

DETECT AND RESPOND TO THREATS FROM THE DATA CENTER TO THE CLOUD SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH DETECT AND RESPOND TO THREATS FROM THE DATA CENTER TO THE CLOUD Protecting your infrastructure requires you to detect threats, identify suspicious

More information

VISIBLY BETTER RISK AND SECURITY MANAGEMENT

VISIBLY BETTER RISK AND SECURITY MANAGEMENT VISIBLY BETTER RISK AND SECURITY MANAGEMENT Mason Hooper Practice Manager, SIEM Solutions, McAfee APAC December 13, 2012 Oct 17 10:00:27, Application=smtp, Oct 17 10:00:27, Application=smtp, Event='Email

More information