How RSA has helped EMC to secure its Virtual Infrastructure

Transcription

1 How RSA has helped EMC to secure its Virtual Infrastructure A new solution, the RSA solution for Cloud Security and Compliance, has been developed and is now available to all of our customers. Luciano Veronese, Senior Technology Consultant 1 EMC IT At A Glance User Profiles 24,000 Internal Users 51,000 Internal Users IT Environment 70,000 Customers And Partners 5 Data Centers, 960 TB Storage 400,000+ Customers And Partners 5 Data Centers, 10 PB Storage Business Applications ~ 400 Applications And Tools ~500 Applications And Tools Virtualization 2,000 Physical Servers ~ 6,000 OS Images (Worldwide) 86% Of All Servers Virtualized Global Support 50+ Countries And 15 Languages 80+ Countries And 20 Languages 2 EMC IT s Journey To The Cloud IT PRODUCTION BUSINESS PRODUCTION IT-AS-A-SERVICE Infrastructure Focus Applications Focus Business Focus 100% % VIRTUALIZED 86% 70% 30% 40% 15%

2 4 The EMC s Security Requirements for its Virtual Infrastructure needs Ensure the business critical applications we are moving to the virtual infrastructure will run in a secure and compliant environment Security and compliance checks must run across mixed VMware and physical IT environments also to manage the transition period Quickly react to to security events coming from the virtual environment Be able to assess hybrid and public cloud service providers to move in the future to a hybrid model What does it mean secure and compliant? The Concept of Compliance Compliance is an ongoing cyclical activity Desired: e.g. Best Practice Corporate Objectives Policies Mandated: e.g. PCI, Basel II Control Standards Questionnaire s Control Procedures People Process Technology Effectiveness Control Self Assessments Independent Reviews Compliance Tool Integration Technical Control Checks Issue Findings Remediation Exceptions 5 EMC and RSA jointly developed the RSA Solution for Cloud Security and Compliance Enabling the Cycle of Compliance: RSA Securbook Discover VMware infrastructure using Archer EM Define security policy and controls using Archer PM Manage security incidents that affect compliance using Archer CM/IM and the RSA envision SIEM RSA Archer egrc Manual and automated configuration assessment leveraging Archer CM Remediation of non-compliant controls leveraging Archer Issue 6

3 7 The architecture Automated Measurement Agent Component Discovery and Population Configuration Measurement VMware-specific Controls RSA Archer egrc alerts RSA envision The RSA Archer egrc Ecosystem 8 RSA Archer egrc Solutions Business Continuity Automate your approach to business continuity and disaster recovery planning, and enable rapid, effective crisis management in one solution. Threat Track threats through a centralized early warning system to help prevent attacks before they affect your enterprise. Audit Centrally manage the planning, prioritization, staffing, procedures and reporting of audits to increase collaboration and efficiency. Policy Centrally manage policies, map them to objectives and guidelines, and promote awareness to support a culture of corporate governance. Risk Identify risks to your business, evaluate them through online assessments and metrics, and respond with remediation or acceptance. Compliance Document your control framework, assess design and operational effectiveness, and respond to policy and regulatory compliance issues. Vendor Centralize vendor data, manage relationships, assess vendor risk, and ensure compliance with your policies and controls. Incident Report incidents and ethics violations, manage their escalation, track investigations and analyze resolutions. Enterprise Manage relationships and dependencies within your enterprise hierarchy and infrastructure to support GRC initiatives. 9

4 10 Enabling the Cycle of Security Compliance Manage security incidents that affect compliance using Archer CM/IM and the RSA envision SIEM Manual and automated configuration assessment leveraging Archer CM RSA Archer egrc Remediation of non-compliant controls leveraging Archer Issue Discover VMware infrastructure and define policy/controls to manage 11 Vmware-specific control procedures Over 130 VMware control procedures (guidelines/checklist to configure or verify configurations) have been added to the Archer Content Library to provide specific instructions for configuring and hardening VMware infrastructure in the following areas Access control Platform security Information security Operational security Vmware control procedures derive directly from the VMware vsphere 4.1 Security Hardening Guide 12

5 13 Control Procedure List, Status and Measurement Method Mapping VMware security controls to regulations and standards ISO Communications & operations management Customer Policy For example, EMC 5.9 Malicious Software ISO Communications & operations management VMP01 General Protection Secure VM as you would physical machine 10.4 Protection against malicious code Installation and regular update of detection and repair software All Corporate owned systems must be protected against the possible infection of viruses 10.4 Protection against malicious code Installation and regular update of detection and repair software Ensure antivirus, antispyware, intrusion detection, etc. are enabled 14 Enabling the Cycle of Security Compliance Manage security incidents that affect compliance using Archer CM/IM and the RSA envision SIEM RSA Archer egrc Remediation of non-compliant controls leveraging Archer Issue 15

6 16 Distribution and Tracking Control Procedures Security Admin Server Admin Project Manager Network Admin VI Admin Initial Deployment Questionnaire 17 V.I Admin logs in and respond to questionnaires 18

7 19 Enabling the Cycle of Security Compliance Manage security incidents that affect compliance using Archer CM/IM and the RSA envision SIEM Manual and automated configuration assessment leveraging Archer CM RSA Archer egrc Deployment and Remediation Work Queues 20 Overall Virtual Infrastructure Compliance Dashboard 21

8 22 Enabling the Cycle of Security Compliance Manual and automated configuration assessment leveraging Archer CM RSA envision collects, analyzes and feeds security incidents from RSA, VMware and ecosystem products to inform Archer dashboards RSA Archer egrc Remediation of non-compliant controls leveraging Archer Issue Manage Events and Incidents in real time VMware vshield Network Security Events Fed to Archer 23 Help select providers for Hybrid Clouds Assessing Service Provider Compliance RSA Solution for Cloud Security and Compliance aligns with CSA Consensus Assessment Questions by automating 195 questions that customers can issue to assess cloud service providers. Cloud Security Alliance s 13 domains of focus for cloud computing 24

9 25 Example: Assessing Cloud Service Providers Results: Benchmarking vendors based on CSA standards Summary Verify V.I compliance and security automatically (mostly) saving time and overall costs Addresses both physical and virtual environments Maps technical security controls for VMware environments to regulations, standards and VMware Hardening Guide Includes automated device discovery Integrates the Virtual Infrastructure security and compliance into the bigger enterprise view (thanks to the GRC) Fight the silos approach logic promoted by acquiring specialized products Integrates VMWare controls into the enterprise control framework Add you own policies and map the VMWare controls Understand how the V.I can impact the IT and Enterprise RISK level THANK YOU 27