Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

Size: px
Start display at page:

Download "Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection"

Transcription

1 Technology Blueprint Secure Your Virtual Desktop Infrastructure Optimize your virtual desktop infrastructure for performance and protection

2 LEVEL SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL Security Connected The Security Connected framework from McAfee enables integration of multiple products, services, and partnerships for SECURITY CONNECTED centralized, efficient, and REFERENCE ARCHITECTURE effective risk mitigation. Built on LEVEL more than two 1 decades 2 3 of 4 5 proven security practices, the Security Connected approach helps organizations of all sizes and segments across all geographies improve security postures, optimize security for greater cost effectiveness, and align security strategically SECURITY with business CONNECTED initiatives. The REFERENCE Security Connected ARCHITECTURE Reference Architecture provides a concrete LEVEL path from 1 ideas 2 3 to 4 5 implementation. Use it to adapt the Security Connected concepts to your unique risks, infrastructure, and business objectives. McAfee is relentlessly focused on finding new ways to keep our customers safe. Optimize your virtual desktop infrastructure for performance and protection The Situation You have been tasked with making Virtual Desktop Infrastructure (VDI) work in order to minimize the management of desktops. As you move VDI into production, you realize that the system resources required to support standard AV on these systems drops your number of concurrent users to an unacceptable level. You see potential for would-be users logging in, but being denied sessions due to lack of VDI resources. This bottleneck could occur with the arrival of a popular attachment or large file issued companywide, causing multiple users to access it at the same time, launching multiple AV scans. A performance hit is also caused by download and installation of required daily updates (DAT signatures and feature updates). When multiple systems update at once, the cumulative effect on the shared memory and processing of the host causes a spike in overall resources and can lead to a full system denial of access for new requests. With users relying on this new virtual desktop, denial of access is not an option, so you factor in additional resources and capacity, leading to a higher cost solution. Driving Concerns Performance issues have made it hard for IT to implement AV efficiently in virtualized desktop infrastructures you have either burdened the client guest image or chosen not to run AV. However, AV on desktops is a base requirement of most companies and an increasing number of regulations, such as the Massachusetts data privacy law. IT must find a practical way to implement AV reliably and efficiently across virtualized desktop infrastructure. Secure virtual desktops add virtualization-specific challenges to the standard issues of maintaining up-todate AV on traditional endpoints. Virtualization adds complexities such as: Peak capacity issues. Workload spikes create a hypervisor overload phenomenon called AV storming (file I/O), where AV scanning and DAT updates consume all of the resources of the virtual infrastructure. This overload prevents the opening of new sessions, restricts users from going about their daily work, and decreases availability of resources for other tasks and other clients. Resource-intensive AV client footprints. Client-based AV scanning solutions consume significant client resources, constraining the number of clients that can be installed per hypervisor and compromising the promised efficiencies of virtualization Management complexity. Today, most companies have implemented independent or overlay operation of virtualization-specific security solutions that act alongside traditional security solutions. Some projects are also run differently by different teams with varying levels of security concerns addressed in the production environment. This parallel model drives up both day-to-day operational costs and the costs of demonstrating compliance. For example, with parallel systems it is twice as difficult to ensure that the latest DAT files and feature updates are applied. 2 Securing VDI

3 Delivering clean and secure dynamic images. When new sessions are initiated, the images should come from a well-controlled image library free of malware to prevent infections from spreading Ensuring that persistent sessions stay secure. As persistent sessions are not refreshed at log off, but remain as a leased section of the data center, they are in close network proximity to critical infrastructure. They need additional security considerations to mitigate the risks that an insecure persistent session would introduce malware or open a door to a hacker. Until IT can overcome these basic VDI challenges, most organizations are unprepared to handle the trend of Consumerization of IT, which adds the need to deliver and secure virtual sessions on employeeowned computers, tablets, or smartphones. Solution Description McAfee recommends two steps to achieve efficient virtual desktop infrastructure (VDI) security. First, enterprises should offload virtual desktop AV operations to a centralized system. Second, security for VDI should integrate with the broader enterprise security infrastructure. This combination addresses the specific technical requirements of desktop virtualization: Peak capacity issues. In this model, a centralized resource a dedicated scanning server on the host or a scanning service implemented as a virtual appliance offloads and consolidates the processing of on-access scanning. The virtual appliance makes it easier to plan and scale capacity, since you only monitor a single environment. In addition, memory resource allocation for each virtual machine decreases because of the offloading and can be released back to the resource pool for more effective utilization. Resource-intensive AV client footprints. When anti-virus scanning is separated from the individual virtual machine instances, the resource requirements needed are drastically reduced. The guest images can concentrate exclusively on end-user application processing. Management complexity. Independent or overlay operation of virtualization-specific solutions can be replaced. Instead, integrated systems manage the policies and scanning of virtual and physical endpoints within a consistent management and reporting environment. Delivering clean and secure dynamic images. The design of virtual desktop infrastructure must ensure the security of the offline images that will be used to deliver dynamic images to new user requests. To keep offline images current, the solution must be able to wake up these images, scan for viruses and malware, and refresh them with the latest security updates and or patches. This maintenance will control the image library and keep it free from malware, ready to serve the next user. Ensuring that persistent sessions stay secure. Memory protection and intrusion prevention should be added to protect sessions that are not refreshed at logoff Decision Elements These factors could influence your architecture: Are you using more than one AV vendor today? Is the security team involved during the initial design stage of a VDI project? Do you want to provide VDI sessions to user-provided laptops, tablets, or smartphones? Are you concerned about persistent sessions allowing buffer overflow attacks in your virtual environment? Securing VDI 3

4 Technologies Used in the McAfee Secure VDI Solution To fulfill these requirements, the McAfee solution has two primary components, McAfee Management for Optimized Virtual Environments (MOVE) AntiVirus and McAfee epolicy Orchestrator (McAfee epo ). For further efficiencies, we offer optional integration with other McAfee solutions for endpoint protection. VM Applications MOVE OS VM Applications MOVE OS MOVE Virtual Appliance Off-load Processing Hypervisor McAfee epo Client Virtual Desktop Client Virtual Desktop McAfee MOVE Figure 1. McAfee MOVE and McAfee epolicy Orchestrator work together to centralize and optimize AV operations in VDI. McAfee MOVE McAfee MOVE AntiVirus (AV) supports on-access file scanning and.dat update functions within virtual desktop environments. This add-on component greatly reduces the infrastructure impact seen with traditional anti-virus deployments. McAfee MOVE AV also includes desktop Host Intrusion Prevention (Host IPS) and McAfee SiteAdvisor Enterprise. For those organizations that are going beyond dynamic VDI sessions and are concerned about memory protection for these persistent sessions, the low impact McAfee Host IPS provides additional layered security to ensure continual protection. McAfee SiteAdvisor Enterprise Plus helps you reduce risk by blocking employee access to risky websites before they click. You can customize the authorization or blocking of website access, view reporting, control messaging, and assign actions based on safety ratings all to enable policy compliance. 4 Securing VDI

5 The McAfee MOVE virtual appliance is the broker that enforces security for each client based on policies defined within McAfee epo. It provides on-access scanning and security processing on behalf of guests. To ensure the responsiveness of the McAfee MOVE Server software, a virtual appliance deployment can be configured to allow both a primary and a secondary MOVE Server. The secondary server resides within the management network of the datacenter. Both servers run on dedicated virtual machines. As long as the guest is accessible on the network, continuous protection is provided. The recommended model uses a lightweight endpoint component communicating with a centralized broker that operates AV on behalf of each virtual machine desktop. The McAfee MOVE guest component is installed on every virtual desktop to communicate with the MOVE Virtual Appliance, and the McAfee Master Agent is also installed for policy enforcement. Each virtual machine can be configured with unique and individual policies or be managed as a collective work group (satisfying the needs of different teams). The broker ensures the most recent signatures (DATs) are used as it performs on-access scanning, providing active, continuous protection during each session. File reputation scores from McAfee Global Threat Intelligence (GTI) help these virtual desktops stay secure. The MOVE offload scanning appliance looks up file reputations in the McAfee GTI database to provide real-time protection. The cloud-based McAfee GTI system receives billions of file reputation queries each month and responds with a score that reflects the likelihood that the file is malware. These reputation scores are based not only on the collective intelligence from sensors querying the McAfee cloud and the analysis performed by McAfee Labs researchers and automated tools, but also on the correlation of cross-vector intelligence from file, web, and network threat data. McAfee MOVE reduces implementation complexity through its support for all of the leading virtual desktop infrastructure solutions, including Citrix, VMware, and Microsoft. McAfee epolicy Orchestrator (McAfee epo) McAfee epo is the centralized policy and management environment used by McAfee products as well as many McAfee partner solutions. For McAfee Secure VDI, this platform installs client software on each guest image, pushes out new policies, monitors client activity, and stores and sends out content and client updates. McAfee epo Extension provides the interface for configuration, scheduling, and security reporting for McAfee MOVE components. McAfee epo Agent acts as an intermediary between the guest and the McAfee epo console and database McAfee epo itself provides a single pane of glass for managing security in both virtualized and physical infrastructures and can roll up status reports across these infrastructures Securing VDI 5

6 Impact of the Solution Deployment of McAfee MOVE and McAfee epo addresses the driving concerns we outlined at the beginning, including AV storming and other peak capacity issues, client resource consumption, management complexity, and the security needs of dynamic images and persistent sessions. With the McAfee solution, you can achieve the maximum ROI of your virtual environment. For example, the design improves hypervisor density MOVE AV has shown dramatic improvements in VDI density as compared to running McAfee VirusScan Enterprise locally and enables efficiencies in CPU, disk, and file I/O management. Even though in a virtual environment you can reimage quickly, the goal is to prevent you from having to perform this activity in the first place. By scanning and updating images even in an offline state, McAfee MOVE AV for virtual desktops ensures that the image library is well controlled and free of malware. This design improves the user experience with access whenever they need it, while unburdening the load of the hypervisor. By overcoming the basic obstacles of creating a secure VDI, you can free your users to connect from multiple sources and networks. With this freedom, your company can move ahead with IT initiatives such as support for personal devices or the move to a hosted datacenter. 6 Securing VDI

7 Q&A Does MOVE AV include the anti-virus scanning engine? Yes, MOVE AV provides McAfee VirusScan Enterprise (VSE) for the dedicated off-load scanning server or the MOVE off-load scanning virtual appliance deployment. Do I need to install McAfee VirusScan into each virtual desktop? No. The MOVE AV Server provides AV functionality on behalf of the endpoints, reducing the workload of each virtual desktop. MOVE AV for virtual servers needs to have McAfee VirusScan installed within the server, but there is no need to install McAfee VirusScan into each virtual desktop. Why does MOVE AV for VDI only provides on-access virus scanning? As most dynamic sessions are refreshed for every login, the common files are in a known clean state. The concern is to ensure that new files that a user brings into the environment such as s, downloads, or from USBs are scanned during access to ensure that they are malware. In addition to AV scanning, MOVE AV also includes desktop Host Intrusion Prevention (Host IPS) and McAfee SiteAdvisor Enterprise. For those organizations that are going beyond dynamic VDI sessions and are concerned about memory protection for these persistent sessions, the low impact McAfee Host IPS provides additional layered security to ensure continual protection. McAfee SiteAdvisor Enterprise Plus helps you reduce risk by blocking employee access to risky websites before they click. You can customize the authorization or blocking of website access, view reporting, control messaging, and assign actions based on safety ratings all to ensure policy compliance. Securing VDI 7

8 Additional Resources For more information about the Security Connected Reference Architecture, visit: About the Author Uy Huynh is a Senior Director for Sales Engineering at McAfee. He is responsible for ensuring his team delivers the right security solutions, designs, and best practices to help customers improve their security postures and protect their most important digital assets. Uy is a security expert who has worked with large Fortune 100 customers such as HP, Oracle, ATT, McKesson, and others to select the right security products to meet their complex requirements. Prior to McAfee, he led and created the SE organization at Foundstone. Here he developed best practices for vulnerability management and risk management for large networks and systems. Prior to Foundstone, he was a Senior Consultant at ISS where he deployed a variety of security solutions, policies, and technologies at large organizations. The information in this document is provided only for educational purposes and for the convenience of McAfee customers. The information contained herein is subject to change without notice, and is provided AS IS without guarantee or warranty as to the accuracy or applicability of the information to any specific situation or circumstance Mission College Boulevard Santa Clara, CA McAfee, McAfee Application Control, McAfee epolicy Orchestrator, McAfee epo, McAfee Global Threat Intelligence, McAfee Labs, McAfee MOVE AV, SiteAdvisor, VirusScan, and the McAfee logo are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications, and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Copyright 2011 McAfee, Inc bp_vdi-L3_1011_wh

Secure Virtualization in the Federal Government

Secure Virtualization in the Federal Government White Paper Secure Virtualization in the Federal Government Achieve efficiency while managing risk Table of Contents Ready, Fire, Aim? 3 McAfee Solutions for Virtualization 4 Securing virtual servers in

More information

Technology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications

Technology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications Technology Blueprint Protect Your Email Servers Guard the data and availability that enable business-critical communications LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security

More information

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software McAfee Global Threat Intelligence File Reputation Service Best Practices Guide for McAfee VirusScan Enterprise Software Table of Contents McAfee Global Threat Intelligence File Reputation Service McAfee

More information

McAfee Optimized Virtual Environments - Antivirus for VDI. Installation Guide

McAfee Optimized Virtual Environments - Antivirus for VDI. Installation Guide McAfee Optimized Virtual Environments - Antivirus for VDI Installation Guide COPYRIGHT Copyright 2010-2011 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted,

More information

McAfee Optimized Virtual Environments for Servers. Installation Guide

McAfee Optimized Virtual Environments for Servers. Installation Guide McAfee Optimized Virtual Environments for Servers Installation Guide COPYRIGHT Copyright 2010 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed,

More information

McAfee Server Security

McAfee Server Security Security Secure server workloads with low performance impact and integrated management efficiency. Suppose you had to choose between securing all the servers in your data center physical and virtual or

More information

Total Protection for Compliance: Unified IT Policy Auditing

Total Protection for Compliance: Unified IT Policy Auditing Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.

More information

Protecting the un-protectable Addressing Virtualisation Security Challenges

Protecting the un-protectable Addressing Virtualisation Security Challenges Protecting the un-protectable Addressing Virtualisation Security Challenges Paul Hogan, Technical Director, Ward Solutions November 11, 2010 Top Cloud Security Challenges Secure Virtualisation Need secure

More information

Data Center Connector for vsphere 3.0.0

Data Center Connector for vsphere 3.0.0 Product Guide Data Center Connector for vsphere 3.0.0 For use with epolicy Orchestrator 4.6.0, 5.0.0 Software COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS

More information

Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs

Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs Business Brief Power, Patch, and Endpoint Managers Expand McAfee epo Platform Capabilities While Cutting Endpoint Costs McAfee Compatible Solution Autonomic Software Endpoint Manager 1.2 and McAfee epo

More information

McAfee MOVE AntiVirus 3.6.0

McAfee MOVE AntiVirus 3.6.0 Release Notes McAfee MOVE AntiVirus 3.6.0 For use with McAfee epolicy Orchestrator Contents About this document About the product New features Installation instructions Known issues Find product documentation

More information

McAfee MOVE / VMware Collaboration Best Practices

McAfee MOVE / VMware Collaboration Best Practices McAfee MOVE / VMware Collaboration Best Practices Christie J. Karrels Sales Engineer Federal DoD January 11, 2013 1 P a g e Contents Introduction... 3 Traditional Anti-Malware vs. Optimized Anti-Malware...

More information

Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS

Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS Traditionally, IT risk management has balanced security investment and the impact of the threat, allowing each business

More information

McAfee MOVE AntiVirus Multi-Platform 3.5.0

McAfee MOVE AntiVirus Multi-Platform 3.5.0 Product Guide McAfee MOVE AntiVirus Multi-Platform 3.5.0 For use with epolicy Orchestrator 4.6.7, 4.6.8, 5.1.0 Software COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS

More information

McAfee Security Architectures for the Public Sector

McAfee Security Architectures for the Public Sector White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed

More information

Technology Blueprint. Protect Your VoIP/SIP Servers. Insulating your voice network and its servers from attacks and disruption

Technology Blueprint. Protect Your VoIP/SIP Servers. Insulating your voice network and its servers from attacks and disruption Technology Blueprint Protect Your VoIP/SIP Servers Insulating your voice network and its servers from attacks and disruption LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security

More information

McAfee Public Cloud Server Security Suite

McAfee Public Cloud Server Security Suite Installation Guide McAfee Public Cloud Server Security Suite For use with McAfee epolicy Orchestrator COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766,

More information

McAfee Acquires NitroSecurity

McAfee Acquires NitroSecurity McAfee Acquires NitroSecurity McAfee announced that it has closed the acquisition of privately owned NitroSecurity. 1. Who is NitroSecurity? What do they do? NitroSecurity develops high-performance security

More information

Symantec Endpoint Protection 12.1.4

Symantec Endpoint Protection 12.1.4 Data Sheet: Endpoint Security Overview provides unrivaled security across physical and virtual platforms and support for the latest operating systems-mac OS X 10.9 and Windows 8.1. Powered by Symantec

More information

Symantec Endpoint Protection 12.1.6

Symantec Endpoint Protection 12.1.6 Data Sheet: Endpoint Security Overview Last year, we saw 317 million new malware variants, while targeted attacks and zero-day threats were at an all-time high 1. The threat environment is evolving quickly

More information

McAfee Certified Product Specialist McAfee epolicy Orchestrator

McAfee Certified Product Specialist McAfee epolicy Orchestrator McAfee Certified Product Specialist McAfee epolicy Orchestrator Exam preparation guide Table of Contents Introduction 3 Becoming McAfee Certified 3 Exam Details 3 Recommended Exam Preparation 4 Exam Objectives

More information

Endpoint Security: Become Aware of Virtual Desktop Infrastructures!

Endpoint Security: Become Aware of Virtual Desktop Infrastructures! Endpoint Security: Become Aware of Virtual Desktop Infrastructures! An Ogren Group Special Report May 2011 Executive Summary Virtual desktops infrastructures, VDI, present IT with the unique opportunity

More information

McAfee Endpoint Security Frequently Asked Questions

McAfee Endpoint Security Frequently Asked Questions McAfee Endpoint Security Frequently Asked Questions Overview You re facing new challenges in light of the increase of advanced malware. Limited integration between threat detection, network, and endpoint

More information

Data Center Connector 3.0.0 for OpenStack

Data Center Connector 3.0.0 for OpenStack Product Guide Data Center Connector 3.0.0 for OpenStack For use with epolicy Orchestrator 5.1.0 Software COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee,

More information

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work. Deployment Guide Revision C McAfee Web Protection Hybrid Introduction Web Protection provides the licenses and software for you to deploy Web Gateway, SaaS Web Protection, or a hybrid deployment using

More information

Solutions Brochure. Security that. Security Connected for Financial Services

Solutions Brochure. Security that. Security Connected for Financial Services Solutions Brochure Security that Builds Equity Security Connected for Financial Services Safeguard Your Assets Security should provide leverage for your business, fending off attacks while reducing risk

More information

Trend Micro Cloud Protection

Trend Micro Cloud Protection A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to

More information

Why Choose VMware vsphere for Desktop Virtualization? WHITE PAPER

Why Choose VMware vsphere for Desktop Virtualization? WHITE PAPER Why Choose VMware vsphere for Desktop Virtualization? WHITE PAPER Table of Contents Thin, Legacy-Free, Purpose-Built Hypervisor.... 3 More Secure with Smaller Footprint.... 4 Less Downtime Caused by Patches...

More information

Endpoint protection for physical and virtual desktops

Endpoint protection for physical and virtual desktops datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become

More information

Boost your VDI Confidence with Monitoring and Load Testing

Boost your VDI Confidence with Monitoring and Load Testing White Paper Boost your VDI Confidence with Monitoring and Load Testing How combining monitoring tools and load testing tools offers a complete solution for VDI performance assurance By Adam Carter, Product

More information

Maximizing Your Desktop and Application Virtualization Implementation

Maximizing Your Desktop and Application Virtualization Implementation Maximizing Your Desktop and Application Virtualization Implementation The Essentials Series sponsored by David Davis Article 1: Using Hosted Applications with Desktop Virtualization... 1 The State of Desktop

More information

McAfee MOVE AntiVirus (Agentless) 3.6.0

McAfee MOVE AntiVirus (Agentless) 3.6.0 Product Guide McAfee MOVE AntiVirus (Agentless) 3.6.0 For use with McAfee epolicy Orchestrator COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766,

More information

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform McAfee Endpoint Security 10 provides customers with an intelligent, collaborative framework, enabling endpoint defenses to

More information

McAfee Endpoint Protection for SMB. You grow your business. We keep it secure.

McAfee Endpoint Protection for SMB. You grow your business. We keep it secure. McAfee Endpoint Protection for SMB You grow your business. We keep it secure. Big Protection for Small to Medium-Sized Businesses With the Internet and connected devices now an integral part of your business,

More information

McAfee Total Protection Reduce the Complexity of Managing Security

McAfee Total Protection Reduce the Complexity of Managing Security McAfee Total Protection Reduce the Complexity of Managing Security Computer security has changed dramatically since the first computer virus emerged 25 years ago. It s now far more complex and time-consuming.

More information

Two Great Ways to Protect Your Virtual Machines From Malware

Two Great Ways to Protect Your Virtual Machines From Malware Two Great Ways to Protect Your Virtual Machines From Malware By Maxim Weinstein, CISSP, Senior Product Marketing Manager Virtualization promises to reduce operational costs, simplify management and increase

More information

Endpoint protection for physical and virtual desktops

Endpoint protection for physical and virtual desktops datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become

More information

IBM Endpoint Manager for Core Protection

IBM Endpoint Manager for Core Protection IBM Endpoint Manager for Core Protection Device control and endpoint protection designed to guard against malware and loss of sensitive data Highlights Delivers real-time endpoint protection against viruses,

More information

Strategies for Protecting Virtual Servers and Desktops

Strategies for Protecting Virtual Servers and Desktops Strategies for Protecting Virtual Servers and Desktops by Jonathan Tait, Product Marketing Manager Virtualization Today Over the past few years, virtualization technology has transformed the data center.

More information

Technology Blueprint. Protect Your Email. Get strong security despite increasing email volumes, threats, and green requirements

Technology Blueprint. Protect Your Email. Get strong security despite increasing email volumes, threats, and green requirements Technology Blueprint Protect Your Email Get strong security despite increasing email volumes, threats, and green requirements LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security

More information

McAfee Threat Intelligence Exchange 1.0.1 Software

McAfee Threat Intelligence Exchange 1.0.1 Software Release Notes McAfee Threat Intelligence Exchange 1.0.1 Software Contents About this release Installation instructions New features Resolved issues Known issues Product documentation About this release

More information

McAfee Deep Safe. Security beyond the OS. Kai-Ping Seidenschnur Senior Security Engineer. October 16, 2012

McAfee Deep Safe. Security beyond the OS. Kai-Ping Seidenschnur Senior Security Engineer. October 16, 2012 McAfee Deep Safe Security beyond the OS Kai-Ping Seidenschnur Senior Security Engineer October 16, 2012 Intel/McAfee Initiatives: epo Deep Command and Deep Defender McAfee epo Deep Command Security Management

More information

When Desktops Go Virtual

When Desktops Go Virtual When Desktops Go Virtual Virtualization Security. Addressing security challenges in your virtual desktop infrastructure A Trend Micro White Paper February 2011 I. VIRTUAL DESKTOP INFRASTRUCTURE Server

More information

Technology Blueprint. Protect Your Servers. Preserve uptime by blocking attacks and unauthorized changes

Technology Blueprint. Protect Your Servers. Preserve uptime by blocking attacks and unauthorized changes Technology Blueprint Protect Your Application Servers Preserve uptime by blocking attacks and unauthorized changes LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security Connected

More information

Optimize VDI with Server-Side Storage Acceleration

Optimize VDI with Server-Side Storage Acceleration WHITE PAPER Optimize VDI with Server-Side Storage Acceleration Eliminate Storage Bottlenecks for Fast, Reliable Virtual Desktop Performance 1 Virtual Desktop Infrastructures (VDI) give users easy access

More information

Cloud and Data Center Security

Cloud and Data Center Security solution brief Trend Micro Cloud and Data Center Security Secure virtual, cloud, physical, and hybrid environments easily and effectively introduction As you take advantage of the operational and economic

More information

Driving Company Security is Challenging. Centralized Management Makes it Simple.

Driving Company Security is Challenging. Centralized Management Makes it Simple. Driving Company Security is Challenging. Centralized Management Makes it Simple. Overview - P3 Security Threats, Downtime and High Costs - P3 Threats to Company Security and Profitability - P4 A Revolutionary

More information

VDI Security for Better Protection and Performance

VDI Security for Better Protection and Performance VDI Security for Better Protection and Performance Addressing security and infrastructure challenges in your VDI deployments Trend Micro, Incorporated» See why you need security designed for VDI environments

More information

Bitdefender GravityZone Sales Presentation

Bitdefender GravityZone Sales Presentation 6 March 2014 Page 1 Bitdefender GravityZone Sales Presentation 1 Page 2 Bitdefender at a Glance The #1 Anti-Malware Security Technology in the world First security software vendor to receive top recommendations

More information

Technology Blueprint. Enforcing Endpoint Compliance on the network. Police your managed and unmanaged systems with Network Access Control (NAC)

Technology Blueprint. Enforcing Endpoint Compliance on the network. Police your managed and unmanaged systems with Network Access Control (NAC) Technology Blueprint Enforcing Endpoint Compliance on the network Police your managed and unmanaged systems with Network Access Control (NAC) LEVEL 2 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL

More information

Quick Start Guide. McAfee Product Improvement Program 1.1.0

Quick Start Guide. McAfee Product Improvement Program 1.1.0 Quick Start Guide McAfee Product Improvement Program 1.1.0 COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee, the McAfee logo, McAfee Active Protection,

More information

Symantec Endpoint Protection 12.1.2

Symantec Endpoint Protection 12.1.2 Data Sheet: Endpoint Security Overview offers comprehensive defense against complex attacks for both physical and virtual environments. It integrates ten essential security technologies in a single, high

More information

solution brief September 2011 Can You Effectively Plan For The Migration And Management of Systems And Applications on Vblock Platforms?

solution brief September 2011 Can You Effectively Plan For The Migration And Management of Systems And Applications on Vblock Platforms? solution brief September 2011 Can You Effectively Plan For The Migration And Management of Systems And Applications on Vblock Platforms? CA Capacity Management and Reporting Suite for Vblock Platforms

More information

Endpoint Security for DeltaV Systems

Endpoint Security for DeltaV Systems DeltaV Systems Service Data Sheet Endpoint Security for DeltaV Systems Essential protection that consolidates endpoint and data security. Reduces the time and effort spent deploying and managing security

More information

McAfee MOVE AntiVirus 2.6.0

McAfee MOVE AntiVirus 2.6.0 Deployment Guide McAfee MOVE AntiVirus 2.6.0 For use with epolicy Orchestrator 4.5.0, 4.6.0 Software COPYRIGHT Copyright 2012 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee,

More information

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION SOLUTION BRIEF Trend Micro CLOUD AND DATA CENTER SECURITY Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION As you take advantage of the operational and economic

More information

Maximizing Your Desktop and Application Virtualization Implementation

Maximizing Your Desktop and Application Virtualization Implementation Maximizing Your Desktop and Application Virtualization Implementation The Essentials Series sponsored by David Davis Article 1: Using Hosted Applications with Desktop Virtualization... 1 The State of Desktop

More information

Unprecedented Malware Growth

Unprecedented Malware Growth McAfee epolicy Orchestrator 4.5 Best Practices Sumeet Gohri Mid-Atlantic Sales Engineer McAfee User Group meeting organized by MEEC Agenda 9:30 am 9:45 am Welcome 9:45 am - 11:00 am epo 11:00 am 11:15

More information

McAfee Product Entitlement Definitions

McAfee Product Entitlement Definitions McAfee Product Entitlement Definitions McAfee. Part of Intel Security. 2821 Mission College Blvd Santa Clara, CA 95054 www.intelsecurity.com Application Server CPU CPU Core Database An Application Server

More information

End to End Security do Endpoint ao Datacenter

End to End Security do Endpoint ao Datacenter do Endpoint ao Datacenter Piero DePaoli & Leandro Vicente Security Product Marketing & Systems Engineering 1 Agenda 1 Today s Threat Landscape 2 From Endpoint: Symantec Endpoint Protection 3 To Datacenter:

More information

Trend Micro Enterprise Security

Trend Micro Enterprise Security Trend Micro Enterprise Security Immediate Protection. Less Complexity. Changing the Game for Anti-Virus in the Virtual Datacenter A Trend Micro White Paper September 2010 I. INTRODUCTION From its early

More information

Technology Blueprint. Assess Your Vulnerabilities. Maintain a continuous understanding of assets and manage vulnerabilities in real time

Technology Blueprint. Assess Your Vulnerabilities. Maintain a continuous understanding of assets and manage vulnerabilities in real time Technology Blueprint Assess Your Vulnerabilities Maintain a continuous understanding of assets and manage vulnerabilities in real time LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1

More information

Solutions Brochure. Situation Control. Security Connected for the Public Sector

Solutions Brochure. Situation Control. Security Connected for the Public Sector Solutions Brochure Situation Under Control Security Connected for the Public Sector 2 Security Connected for the Public Sector Increase Availability. Strengthen Resiliency. Government entities face pressure

More information

Citrix desktop virtualization and Microsoft System Center 2012: better together

Citrix desktop virtualization and Microsoft System Center 2012: better together Citrix desktop virtualization and Microsoft System Center 2012: better together 2 Delivery of applications and data to users is an integral part of IT services today. But delivery can t happen without

More information

can you effectively plan for the migration and management of systems and applications on Vblock Platforms?

can you effectively plan for the migration and management of systems and applications on Vblock Platforms? SOLUTION BRIEF CA Capacity Management and Reporting Suite for Vblock Platforms can you effectively plan for the migration and management of systems and applications on Vblock Platforms? agility made possible

More information

McAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync

McAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync McAfee Enterprise Mobility Management Versus Microsoft Secure, easy, and scalable mobile device management Table of Contents What Can Do? 3 The smartphone revolution is sweeping the enterprise 3 Can enterprises

More information

Hardware Sizing and Bandwidth Usage Guide. McAfee epolicy Orchestrator 4.6.0 Software

Hardware Sizing and Bandwidth Usage Guide. McAfee epolicy Orchestrator 4.6.0 Software Hardware Sizing and Bandwidth Usage Guide McAfee epolicy Orchestrator 4.6.0 Software COPYRIGHT Copyright 2011 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted,

More information

White Paper. Getting the most out of your cloud deployment

White Paper. Getting the most out of your cloud deployment White Paper Getting the most out of your cloud deployment Contents Introduction...3 Moving your application into the cloud...3 Securing your application in the cloud...4 Traditional security pitfalls...4

More information

HOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments

HOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments HOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments OVERVIEW This document explains the functionality of Security for Virtual and Cloud Environments (SVCE) - what

More information

JUNIPER NETWORKS FIREFLY HOST ANTIVIRUS ARCHITECTURE

JUNIPER NETWORKS FIREFLY HOST ANTIVIRUS ARCHITECTURE White Paper JUNIPER NETWORKS FIREFLY HOST ANTIVIRUS ARCHITECTURE Copyright 2012, Juniper Networks, Inc. 1 Table of Contents Executive Summary...3 Introduction...3 Typical Antivirus Use Cases...3 Use Case

More information

McAfee Web Reporter Turning volumes of data into actionable intelligence

McAfee Web Reporter Turning volumes of data into actionable intelligence McAfee Web Reporter Turning volumes of data into actionable intelligence Business today is more Internet-dependent than ever before. From missioncritical services to productivity tools, Internet access

More information

Security Information & Event Management (SIEM)

Security Information & Event Management (SIEM) Security Information & Event Management (SIEM) Peter Helms, Senior Sales Engineer, CISA, CISSP September 6, 2012 1 McAfee Security Connected 2 September 6, 2012 Enterprise Security How? CAN? 3 Getting

More information

Meeting the Challenges of Virtualization Security

Meeting the Challenges of Virtualization Security Meeting the Challenges of Virtualization Security Coordinate Security. Server Defense for Virtual Machines A Trend Micro White Paper August 2009 I. INTRODUCTION Virtualization enables your organization

More information

Best Practices Guide Revision B. McAfee epolicy Orchestrator 5.1.0 Software

Best Practices Guide Revision B. McAfee epolicy Orchestrator 5.1.0 Software Best Practices Guide Revision B McAfee epolicy Orchestrator 5.1.0 Software COPYRIGHT Copyright 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766, www.intelsecurity.com

More information

Extreme Networks Security Analytics G2 Vulnerability Manager

Extreme Networks Security Analytics G2 Vulnerability Manager DATA SHEET Extreme Networks Security Analytics G2 Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution HIGHLIGHTS Help prevent security breaches by discovering

More information

Database Security in Virtualization and Cloud Computing Environments

Database Security in Virtualization and Cloud Computing Environments White Paper Database Security in Virtualization and Cloud Computing Environments Three key technology challenges in protecting sensitive data Table of Contents Securing Information in Virtualization and

More information

Reducing the cost and complexity of endpoint management

Reducing the cost and complexity of endpoint management IBM Software Thought Leadership White Paper October 2014 Reducing the cost and complexity of endpoint management Discover how midsized organizations can improve endpoint security, patch compliance and

More information

Product Guide. McAfee Endpoint Security 10

Product Guide. McAfee Endpoint Security 10 Product Guide McAfee Endpoint Security 10 COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee, the McAfee logo, McAfee Active Protection, McAfee DeepSAFE,

More information

Consulting Solutions WHITE PAPER Citrix XenDesktop. XenDesktop 5. Reference Architecture.

Consulting Solutions WHITE PAPER Citrix XenDesktop. XenDesktop 5. Reference Architecture. Consulting Solutions WHITE PAPER Citrix 5 Reference Architecture www.citrix.com Contents Contents... 2 Overview... 3 Conceptual Architecture... 3 Hosted VDI Desktop Conceptual Architecture... 4 Control

More information

Cisco Advanced Malware Protection for Endpoints

Cisco Advanced Malware Protection for Endpoints Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection

More information

Symantec Endpoint Protection 12.1.5 Datasheet

Symantec Endpoint Protection 12.1.5 Datasheet Symantec Endpoint Protection 12.1.5 Datasheet Data Sheet: Endpoint Security Overview Malware has evolved from large-scale massive attacks to include Targeted Attacks and Advanced Persistent Threats that

More information

Solution Paper. Virtualization security solutions provide a competitive advantage to service providers IaaS, PaaS and SaaS

Solution Paper. Virtualization security solutions provide a competitive advantage to service providers IaaS, PaaS and SaaS Solution Paper Virtualization security solutions provide a competitive advantage to service providers IaaS, PaaS and SaaS Contents About this Document...3 Executive Overview...3 Introduction...4 Brief

More information

VIRTUALIZATION SECURITY IN THE REAL WORLD

VIRTUALIZATION SECURITY IN THE REAL WORLD VIRTUALIZATION SECURITY IN THE REAL WORLD Growing Technology Virtualization has become the standard for many corporate IT departments. The market for server virtualization infrastructure has matured, surpassing

More information

SECURITY FOR VIRTUALIZATION: FINDING THE RIGHT BALANCE

SECURITY FOR VIRTUALIZATION: FINDING THE RIGHT BALANCE SECURITY FOR VIRTUALIZATION: FINDING THE RIGHT BALANCE Combining protection and performance in your virtualized environment kaspersky.com/beready Introduction In the end, they re all servers and someone

More information

Parallels VDI Solution

Parallels VDI Solution Parallels VDI Solution White Paper Version 1.0 April 2009 Table of Contents Enterprise Desktop Computing Challenges... 3 What is Virtual Desktop Infrastructure (VDI)... 3 Benefits of Virtual Desktop Infrastructure...

More information

White paper. Microsoft and Citrix VDI: Virtual desktop implementation scenarios

White paper. Microsoft and Citrix VDI: Virtual desktop implementation scenarios White paper Microsoft and Citrix VDI: Virtual desktop implementation scenarios Table of contents Objective Microsoft VDI offering components High definition user experience...3 A very cost-effective and

More information

McAfee VirusScan and epolicy Orchestrator Administration Course

McAfee VirusScan and epolicy Orchestrator Administration Course McAfee VirusScan and epolicy Orchestrator Administration Course Intel Security Education Services Administration Course Training The McAfee VirusScan and epolicy Orchestrator Administration course from

More information

New possibilities in latest OfficeScan and OfficeScan plug-in architecture

New possibilities in latest OfficeScan and OfficeScan plug-in architecture New possibilities in latest OfficeScan and OfficeScan plug-in architecture Märt Erik AS Stallion Agenda New in OfficeScan 10.5 OfficeScan plug-ins» More Active Directory support» New automated client grouping

More information

Tough Times. Tough Choices.

Tough Times. Tough Choices. Security-as-a-Service is the right choice, right now. Table of Contents A New Choice for Every Business: Security-as-a-Service 3 Security-as-a-Service: One Service, Countless Protections 4 Outsource Your

More information

WHITE PAPER. The Protection and Operational Benefits of Agentless Security in Virtual Environments SPON. Published March 2012 SPONSORED BY

WHITE PAPER. The Protection and Operational Benefits of Agentless Security in Virtual Environments SPON. Published March 2012 SPONSORED BY WHITE PAPER The Protection and Operational Benefits of Agentless Security in Virtual Environments An Osterman Research White Paper Published March 2012 SPONSORED BY sponsored by! SPON sponsored by Osterman

More information

An overwhelming majority of IaaS clouds leverage virtualization for their foundation.

An overwhelming majority of IaaS clouds leverage virtualization for their foundation. 1 2 3 An overwhelming majority of IaaS clouds leverage virtualization for their foundation. 4 With the use of virtualization comes the use of a hypervisor. Normally, the hypervisor simply provisions resources

More information

Maximizing Your Desktop and Application Virtualization Implementation

Maximizing Your Desktop and Application Virtualization Implementation Maximizing Your Desktop and Application Virtualization Implementation The Essentials Series sponsored by David Davis Desktop and Application Virtualization Management Best Practices... 1 Image Management

More information

Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect

Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment Paul Luetje Enterprise Solutions Architect Table of Contents Welcome... 3 Purpose of this document...

More information

McAfee epolicy Orchestrator * Deep Command *

McAfee epolicy Orchestrator * Deep Command * SOLUTION BLUEPRINT IT SECURITY MANAGEMENT McAfee epolicy Orchestrator * Deep Command * Industry IT security management across industries Business Challenge Comprehensive security management solution allowing

More information

McAfee Enterprise Mobility

McAfee Enterprise Mobility McAfee Enterprise Mobility Bringing Mobile Devices into the Security Infrastructure John Dasher 14 September 2011 Devices/Users (MM in Log Scale) Hypergrowth in Mobile Devices Computing Cycles in Perspective

More information