Trend Micro. Advanced Security Built for the Cloud

Size: px
Start display at page:

Download "Trend Micro. Advanced Security Built for the Cloud"

Transcription

1 datasheet Trend Micro deep security as a service Advanced Security Built for the Cloud Organizations are embracing the economic and operational benefits of cloud computing, turning to leading cloud providers including Amazon Web Services, Microsoft Azure, VMware vcloud and others. To ensure an end-to-end secure computing environment, cloud providers employ a shared security responsibility model with their customers. While the cloud provider delivers secure facilities and processes, it is up to organizations to protect their cloud workloads, including operating systems, applications, and data. Built on Trend Micro s industry leading cloud and data center security solution, Trend Micro Deep Security as a Service is designed specifically to complement cloud provider security so that organizations can be fully protected and worry free. The Deep Security service provides a complete suite of security capabilities including firewall, intrusion detection and prevention, anti-malware, integrity monitoring, log inspection, and web reputation. Deep Security as a Service was developed specifically for securing cloud workloads. This highly optimized security offering is cloud based for quick setup and automates and simplifies security operations for cloud instances. Deep Security as a Service is elastic, dynamic and flexible all characteristics necessary to enable organizations to fully exploit the benefits of cloud computing while remaining protected. Key Benefits Deep Security as a Service Security and compliance with a broad set of recommended security capabilities for the deployment of AWS instances Fast deployment from the cloud reduces setup time and eliminates hardware Minimal change to deployment with support for leading cloud deployment tools Lowered risk with instances automatically recognized and secured upon their launch Easy management from an integrated console with customizable policy rules and templates Built on proven technology selected by thousands of customers to secure millions of servers Maximize Operational Cost Reductions Avoids setup and hardware costs by hosting on leading cloud provider platforms Saves the effort to deploy and manage disparate products with a single suite of security capabilities Reduces administrative workload with automatic recognition of new instances Provides vulnerability protection to prioritize secure coding and cost-effective implementation of unscheduled patching Reduces management costs by automating repetitive and resource intensive security tasks, reducing false positive security alerts, and enabling workflow of security incident response Prevent Data Breaches and Business Disruptions Detects and removes malware in real time with minimal performance impact Blocks malware that attempts to evade detection by uninstalling or otherwise disrupting the security program Reduces exposure to attack by ensuring cloud servers are only communicating with expected systems Shields known and unknown vulnerabilities Detects and alerts suspicious or malicious activity to trigger proactive, preventive actions Leverages the web reputation capabilities by controlling server communication at the domain level Achieve Cost-Effective Compliance Addresses major compliance requirements for PCI DSS 2.0, as well as HIPAA, NIST, and SAS 70 with one integrated and cost-effective solution Provides detailed, auditable reports that document prevented attacks and policy compliance status Reduces the preparation time and effort required to support audits Supports internal compliance initiatives to increase visibility of internal network activity Leverages proven technology certified to Common Critera EAL4+ Page 1 of 4 datasheet deep security as a service

2 key features Anti-Malware Optimizes security operations to avoid antivirus storms commonly seen in full system scans and pattern updates Tamper-proofs security from sophisticated attacks in virtual environments by isolating malware from anti-malware Integrity Monitoring Monitors and tracks both authorized and unauthorized changes made to an instance and detects and reports malicious and unexpected changes in real time Reduces administrative overhead with trusted event tagging that automatically replicates actions for similar events Web Reputation Integrates with Trend Micro Smart Protection Network for web reputation capabilities to reduce the risk of communicating with compromised domain servers Intrusion Detection and Prevention Protects against known and zero-day attacks by shielding known vulnerabilities from unlimited exploits Examines all incoming and outgoing traffic for protocol deviations, policy violations, or content that signals an attack Automatically shields newly discovered vulnerabilities from attack with auto-updating security policies Assists compliance (PCI DSS 6.6) to protect web applications and the data they process Defends against SQL injection, cross-site scripting, and other web application vulnerabilities Shields against vulnerabilities until code fixes can be completed Includes out-of-the-box vulnerability protection for all major operating systems and over 100 applications, including database, web, , and FTP servers Provides increased visibility into, or control over applications accessing the network Bidirectional Stateful Firewall Decreases the attack surface of each cloud server by creating a firewall perimeter to block attacks and limit communication to only the ports and protocols necessary Centrally manages server firewall policy, including templates for common server types Prevents denial-of-service attacks and detects reconnaissance scans Log Inspection Collects and analyzes operating system and application logs for suspicious behavior, security events, and administrative events across your cloud instances Assists compliance (PCI DSS 10.6) to optimize the identification of important security events buried in multiple log entries Forwards events to SIEM system or centralized logging server for correlation, reporting, and archiving Clear Control at Your Fingertips Enables policy-driven management and administration Customizable dashboard enables users to see the health of their security environment at a glance Customizable policy templates allow users to enable and disable security controls on the fly based on rules they assigned Provides users with immediate notification of events or activities that may require their immediate attention (Logging Alert) Page 2 of 4 datasheet deep security as a service

3 cloud Instances deep security as a service integrated Dashboard Alerts Reports Administrator Deep Security Agent Elastic, Seamless and Stress-Free Designed to seamlessly integrate with cloud infrastructure security controls, making it fast and easy for users to get up and running in minutes Works seamlessly with industry-leading cloud management tools such as Chef, Puppet, Rightscale and others Enables cloud instances to be immediately secured regardless of the deployment method (Active Protection) The AutoSync feature detects new instances and provides detailed information that can be used to automatically set security policy without administrative intervention Built for Security in the Cloud Trend Micro Deep Security as a Service is optimized for leading cloud providers infrastructures, including support of the most common instance types: And compatibility with cloud management tools: Deep Security as a Service Helps You Resolve Key Business Issues Virtual Patching Shield vulnerabilities before they can be exploited and eliminate the operational pains of emergency patching, frequent patch cycles, and costly system downtime Zero-Day Security Protection against zero-day malware while minimizing operational impact from resource inefficiencies and emergency patching Compliance Achieve and prove compliance to a number of regulatory requirements including PCI DSS 2.0, FIPAA, FISMA/NIST, NERC, SAS 70 and more Integrated Security Consolidate all security point products into one comprehensive platform that optimizes protection across all cloud instances Page 3 of 4 datasheet deep security as a service

4 Supported Platforms Microsoft Windows (32/64 bit) Amazon Linux AMI (32/64 bit) Ubuntu (64 bit) Red Hat Enterprise 4, 5, 6 (32-bit/64-bit) 1 SUSE Enterprise 10, 11 (32-bit/64-bit) 1 Deep Security as a Service fits how enterprises use the cloud Customers can deploy in the cloud with the investment model that is consistent with how they purchase cloud services paying on-demand with a credit card within the application, or for reserved instance security, via the Trend Micro sales channel. Flexible Pricing to Meet Cloud Needs Deep Security as a Service provides flexible pricing to reflect how you use the cloud. You can pay only for what you use with a simple per hour rate for securing your cloud instances. There is no minimum fee. Billing is monthly via credit card. Key Certifications and Alliances Common Criteria EAL 4+ PCI Suitability Testing for HIPS (Nss Labs) Visualization by VMware Microsoft Application Protection Program Microsoft Certified Partnership Oracle Partnership HP Business Partnership Certified Red Hat Ready Certification for CSPs Trend Ready for Cloud Service Providers is a global testing program designed for Cloud Service Providers (CSPs) to prove interoperability with industry-leading cloud security solutions from Trend Micro. You can also purchase as an annual-per-server subscription. For this and other purchasing options, please contact your Trend Micro sales representative or reseller, or contact us at Special Pricing for AWS Deep Security as a Service also introduces special pricing for Amazon Web Services that delivers unprecedented value and that reflects how you use AWS. Not only do you pay only for what you use without minimum fees, your costs are based on EC2 instance pricing. With Deep Security as a Service, you only pay for security you use at a rate of 20% of the EC2 price for the instances you are protecting. For example: Securing a Small Instance costs 20% of the current AWS EC2 price (for example, $0.060 per hour) for a cost of $0.012 per hour. Securing an Extra Large Instance costs 20% of the current AWS EC2 price (for example, $0.480 per hour) for a cost of $0.096 per hour. This AWS special pricing requires the use of the Deep Security AWS Connector to detect AWS instance types. Otherwise charges of $0.10 per hour will apply. Pricing is based on Linux, On-Demand Instance price in the US East (N. Virginia) data center. This assures you the lowest cost regardless of what O/S or Region you actually use. As EC2 Pricing changes, your costs will automatically be updated! Or if you would like to manage Deep Security yourself, you can purchase our software version directly on AWS Marketplace. Securing Your Journey to the Cloud 2014 by Trend Micro Incorporated. All rights reserved. Trend Micro, the Trend Micro t-ball logo, and Smart Protection Network are trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered trademarks of their owners. Information contained in this document is subject to change without notice. [DS03_DSaaS_141121US] Page 4 of 4 datasheet deep security as a service

ADVANCED PERSISTENT THREATS AND OTHER ADVANCED ATTACKS:

ADVANCED PERSISTENT THREATS AND OTHER ADVANCED ATTACKS: A Websense White Paper ADVANCED PERSISTENT THREATS AND OTHER ADVANCED ATTACKS: THREAT ANALYSIS AND DEFENSE STRATEGIES FOR SMB, MID-SIZE, AND ENTERPRISE ORGANIZATIONS REV 2 ADVANCED PERSISTENT THREATS AND

More information

Payment Card Industry (PCI) Data Security Standard Approved Scanning Vendors

Payment Card Industry (PCI) Data Security Standard Approved Scanning Vendors Payment Card Industry (PCI) Data Security Standard Approved Scanning Vendors Program Guide Version 2.0 May 2013 Document Changes Date Version Description February 11, 2010 1.0 May 2013 2.0 Approved Scanning

More information

EMC VSPEX PRIVATE CLOUD

EMC VSPEX PRIVATE CLOUD Proven Infrastructure Guide EMC VSPEX PRIVATE CLOUD VMware vsphere 5.5 for up to 1,000 Virtual Machines Enabled by Microsoft Windows Server 2012 R2, EMC VNX Series, and EMC Powered Backup EMC VSPEX Abstract

More information

PCI DSS Virtualization Guidelines. Information Supplement: PCI Data Security Standard (PCI DSS) Version: 2.0 Date: June 2011

PCI DSS Virtualization Guidelines. Information Supplement: PCI Data Security Standard (PCI DSS) Version: 2.0 Date: June 2011 Standard: Version: 2.0 Date: June 2011 Author: PCI Data Security Standard (PCI DSS) Virtualization Special Interest Group PCI Security Standards Council Information Supplement: PCI DSS Virtualization Guidelines

More information

How AWS Pricing Works May 2015

How AWS Pricing Works May 2015 How AWS Pricing Works May 2015 (Please consult http://aws.amazon.com/whitepapers/ for the latest version of this paper) Page 1 of 15 Table of Contents Table of Contents... 2 Abstract... 3 Introduction...

More information

Domain Time II. Time Synchronization Software Suite Precise Time Synchronization for the Entire Enterprise

Domain Time II. Time Synchronization Software Suite Precise Time Synchronization for the Entire Enterprise Domain Time II Time Synchronization Software Suite Precise Time Synchronization for the Entire Enterprise Key Features Comprehensive time client, server & management software for precise time synchronization

More information

Guide to Security for Full Virtualization Technologies

Guide to Security for Full Virtualization Technologies Special Publication 800-125 Guide to Security for Full Virtualization Technologies Recommendations of the National Institute of Standards and Technology Karen Scarfone Murugiah Souppaya Paul Hoffman NIST

More information

Public or Private Cloud: The Choice is Yours

Public or Private Cloud: The Choice is Yours white paper Public or Private Cloud: The Choice is Yours Current Cloudy Situation Facing Businesses There is no debate that most businesses are adopting cloud services at a rapid pace. In fact, a recent

More information

PROACTIVE ASSET MANAGEMENT

PROACTIVE ASSET MANAGEMENT PROACTIVE ASSET MANAGEMENT A pathway to optimized reliability and world-class business performance Oracle Utilities Work and Asset Management 2 Effective work and asset management ensures mission-critical

More information

An architectural blueprint for autonomic computing.

An architectural blueprint for autonomic computing. Autonomic Computing White Paper An architectural blueprint for autonomic computing. June 2005 Third Edition Page 2 Contents 1. Introduction 3 Autonomic computing 4 Self-management attributes of system

More information

Global Visa Card-Not-Present Merchant Guide to Greater Fraud Control. Protect Your Business and Your Customers with Visa s Layers of Security

Global Visa Card-Not-Present Merchant Guide to Greater Fraud Control. Protect Your Business and Your Customers with Visa s Layers of Security Global Visa Card-Not-Present Merchant Guide to Greater Fraud Control Protect Your Business and Your Customers with Visa s Layers of Security Millions of Visa cardholders worldwide make one or more purchases

More information

ORACLE HEALTH SCIENCES INFORM: COMPREHENSIVE CLINICAL DATA CAPTURE AND MANAGEMENT CLOUD

ORACLE HEALTH SCIENCES INFORM: COMPREHENSIVE CLINICAL DATA CAPTURE AND MANAGEMENT CLOUD ORACLE HEALTH SCIENCES INFORM: COMPREHENSIVE CLINICAL DATA CAPTURE AND MANAGEMENT CLOUD KEY BENEFITS Accelerate clinical trial timelines while reducing trial cost and risk Collect and deliver higher-quality

More information

Server Management with Lenovo ThinkServer System Manager

Server Management with Lenovo ThinkServer System Manager Server Management with Lenovo ThinkServer System Manager For next-generation Lenovo ThinkServer systems Lenovo Enterprise Product Group Version 1.0 September 2014 2014 Lenovo. All rights reserved. LENOVO

More information

Out-of-Band Security Solution // Solutions Overview

Out-of-Band Security Solution // Solutions Overview Introduction A few years ago, IT managed security using the hard outer shell approach and established walls where traffic entered and departed the network assuming that the risks originated outside of

More information

Business Management Made Simpler

Business Management Made Simpler SAP Brief SAP s for Small Businesses and Midsize Companies SAP Business One Objectives Business Management Made Simpler Successfully manage and grow your small business Successfully manage and grow your

More information

Achieving Intel Transformation through IT Innovation

Achieving Intel Transformation through IT Innovation IT@Intel Achieving Intel Transformation through IT Innovation 2014 2015 Intel IT Business Review Annual Edition The Transformative Power of Innovation Kim Stevenson Intel Chief Information Officer Contents

More information

What s New in the VMware vsphere 6.0 Platform

What s New in the VMware vsphere 6.0 Platform What s New in the VMware vsphere 6.0 Platform VERSION 1.1/TECHNICAL WHITE PAPER MARCH 2015 Table of Contents Introduction.... 3 vsphere Hypervisor Enhancements.... 3 Scalability Improvements.... 3 ESXi

More information

Architectural Overview

Architectural Overview Architectural Overview Table of Contents SOLUTION HIGHLIGHTS... 1 PHONEX ONE KEY FEATURES... 2 Fully Web-based Solution... 3 SQL Database... 3 MS SQL Express Database...3 Dynamic Hierarchy... 3 Modular

More information

How Do Threat Actors Move Deeper Into Your Network?

How Do Threat Actors Move Deeper Into Your Network? SECURITY IN CONTEXT LATERAL MOVEMENT: How Do Threat Actors Move Deeper Into Your Network? LEGAL DISCLAIMER The information provided herein is for general information and educational purposes only. It is

More information

VMware vsphere with Operations Management and VMware vsphere

VMware vsphere with Operations Management and VMware vsphere VMware vsphere with Operations Management and VMware vsphere Licensing, Pricing and Packaging WHITE PAPER Table of Contents Executive Summary.... 3 VMware vsphere with Operations Management Overview....

More information

Guidelines on Firewalls and Firewall Policy

Guidelines on Firewalls and Firewall Policy Special Publication 800-41 Revision 1 Guidelines on Firewalls and Firewall Policy Recommendations of the National Institute of Standards and Technology Karen Scarfone Paul Hoffman NIST Special Publication

More information

See What's Coming in Oracle Service Cloud

See What's Coming in Oracle Service Cloud See What's Coming in Oracle Service Cloud May 2015 Capabilities and Benefits - Release Content Document ORACLE SERVICE CLOUD MAY RELEASE OVERVIEW This latest release of Oracle Service Cloud provides significant

More information

EOS: The Next Generation Extensible Operating System

EOS: The Next Generation Extensible Operating System EOS: The Next Generation Extensible Operating System Performance, resiliency and programmability across the entire network are now fundamental business requirements for next generation cloud and enterprise

More information

Web Scale IT in the Enterprise

Web Scale IT in the Enterprise Web Scale IT in the Enterprise It all starts with the data Issue 1 2 Q&A With Claus Moldt, Former Global CIO for SalesForce.com and David Roth, CEO of AppFirst 6 From the Gartner Files: Building a Modern

More information

lights-out testing for end-to-end business process validation What It Is and Why You Need It.

lights-out testing for end-to-end business process validation What It Is and Why You Need It. lights-out testing for end-to-end business process validation Contents Executive Summary...3 The Evolution of Testing...3 Lights-Out Testing Defined...4 Why Don t You Have It Already?...5 How Do You Get

More information

FEDERAL CLOUD COMPUTING STRATEGY. Vivek Kundra U.S. Chief Information Officer

FEDERAL CLOUD COMPUTING STRATEGY. Vivek Kundra U.S. Chief Information Officer FEDERAL CLOUD COMPUTING STRATEGY Vivek Kundra U.S. Chief Information Officer FEBRUARY 8, 2011 TABLE OF CONTENTS Executive Summary 1 I. Unleashing the Power of Cloud 5 1. Defining cloud computing 5 2.

More information

An Oracle White Paper October, 2013. Delivering Database as a Service (DBaaS) using Oracle Enterprise Manager 12c

An Oracle White Paper October, 2013. Delivering Database as a Service (DBaaS) using Oracle Enterprise Manager 12c An Oracle White Paper October, 2013 Delivering Database as a Service (DBaaS) using Oracle Enterprise Manager 12c Executive Overview...2 Evolution of Database as a Service...2 Managing the Database Lifecycle...4

More information

Solutions Guide for Data-At-Rest

Solutions Guide for Data-At-Rest Solutions Guide for Data-At-Rest - 2 - SSIF Guide to Data-At-Rest Solutions Table of Contents Introduction... 5 Why Should You Encrypt Your Data?... 6 Threat Model for Data-at-Rest... 7 Encryption Strength...

More information

Who s Really Attacking Your ICS Equipment?

Who s Really Attacking Your ICS Equipment? Trend Micro Incorporated Research Paper 2013 Who s Really Attacking Your ICS Equipment? By: Kyle Wilhoit LEGAL DISCLAIMER The information provided herein is for general information and educational purposes

More information