RSA Security Solutions for Virtualization
|
|
- Warren Copeland
- 8 years ago
- Views:
Transcription
1 RSA Security Solutions for Virtualization Grzegorz Mucha
2 Securing the Journey to the Cloud The RSA Solution for Virtualized Datacenters The RSA Solution for VMware View The RSA Solution for Cloud Security and Compliance 2
3 What do these numbers mean? Why Question is this bad? Does your IT Restricted security address potential the value risks associated with Increased virtualization potential and for private data cloud breaches before they are implemented? 24% 43% 22% 11% Yes, in all cases In some cases, but there are gaps No, security is brought in after the fact The business moves ahead without security Source: Live EMC Forum pole conducted in 5 cities across N. America, 10/09
4 Securing the Journey to The Cloud IT Production Lower Costs Business Production Improve Quality Of Service IT-As-A-Service Improve Agility % Virtualized 85% 95% 70% 30% 15% Platinum Gold Secure multi-tenancy, Verifiable chain of trust Security Compliance, information-centric security, risk-driven policies, IT and security operations alignment Visibility into virtualization infrastructure, privileged user monitoring, access management, network security
5 Gartner: Most Common Security Risks in Data Center Virtualization Projects* Gartner Risks Information Security Isn't Initially Involved in the Virtualization Projects Compromise of the Virtualization Layer Could Result in the Compromise of All Hosted Workloads Workloads of Different Trust Levels Are Consolidated Onto a Single Physical Server Without Sufficient Separation Adequate Controls on Administrative Access to the Hypervisor/VMM Layer and to Administrative Tools Are Lacking There Is a Potential Loss of Separation of Duties for Network and Security Controls How RSA can help Security Virtualization Assessment Gartner Says 60 Percent of Virtualized Servers Will Be Less Secure Than the Physical Servers RSA envision They Replace Through 2012 RSA DLP Suite RSA envision RSA SecurID RSA SecurID *
6 End to end chain of trust and visibility (Physical and Virtual) Better Security with Virtualization Trusted zone DMZ APP OS APP OS VM layer APP OS Logical security zones that move with virtual machines (e.g. VMware vshield Zones virtual firewall) Unified Point of Control Deep visibility and unified reporting e.g. RSA envision & RSA Archer support for VMware Compute Virtual Infrastructure (including hypervisor) Network Storage Unified Security controls embedded deep within Reporting virtual infrastructure (e.g., VMsafe APIs for deep security Efficient, introspection) Flexible Integrity monitoring for hardware and hypervisor to ensure a trusted computing environment (e.g., Intel, VMware, RSA PoC)
7 The RSA Solution for Virtualized Datacenters
8 RSA SecurID Same OTP Algorithm Time Same Time Algorithm Time Authentication Manager Seed Same Seed Seed 2 Factor Authentication Time-based OTP has precise clock that changes password every 60 seconds Multiple form factors of tokens
9 RSA envision Event Log Management Simplifying Compliance Enhancing Security Optimizing IT & Network Operations Compliance reports for regulations and internal policy Reporting Auditing Real-time security alerting and analysis Forensics Alert / correlation IT monitoring across the infrastructure Network baseline Visibility Purpose-built database (IPDB) RSA envision Log Management Platform Security Devices Network Devices Applications / Databases Servers Storage
10 Event Anomaly Recognized
11 envision in the VMware Environment envision Collector uses VMware native API s to retrieve the logs from vcenter and all ESX/ESXi servers Only SIEM that collects 2 distinct logs from VMware environment thru 1 seamless, agentless connection vcenter logs ESX/ESXi server logs 19 Event Categories (Auth.Failures, System.Shutdown etc) Over 380 distinct messages (vmotion, Snapshots, User Login, VM Power On/Off/Reset, VM Clone etc.) Ease of analysis, implementation and change control in VMware environment
12 Auto Discover All Managed ESX Servers through Virtual Center
13 Purpose-built Virtualization Reports
14 Easily Build Customized Virtualization Reports
15 envision Dashboard VMware Events and Activity
16 Vblock A New Way of Delivering IT to Business Production-ready Pre-integrated, tested and modular packages of virtualized infrastructure Best of breed technologies Compute: Cisco UCS Network: Cisco Nexus family, Cisco MDS 9000 series Storage: EMC Symmetrix V-Max or EMC Unified Storage (Celerra and CLARiiON) Hypervisor: VMware vsphere 4 Management: Cisco UCS Manager, EMC Ionix Unified Infrastructure Manager, VMware vcenter Security: RSA
17 RSA s Approach to Securing Vblock 2 Secure each application validated with Vblock (e.g., VMware View, SAP) Central Security Management and Reporting 1 Secure the core Vblock platform (VMware, Cisco, EMC components)
18 Secure the Core Vblock Platform Validated with Vblock Vmware Administrator vsphere Management Assistant RSA SecurID Strong authentication before access to ESX Service Console and vsphere Management Assistant Virtual Machines and Applications vsphere UCS Storage Security and compliance officer RSA envision Comprehensive visibility into security events Security incident management, compliance reporting
19 envision Dashboard: Monitoring Vblock Event Sources by Event Category
20 Understand and Monitor Admin Activity of your Virtualized Storage
21 Understanding Activity in your Virtualized World Do you need to be alerted when VM s are restarted? Do you need to monitor permission changes in VMWare? Would you like to know when VM s are being created and by whom? Would you like to know when VM s are moved to another ESX Server? Would you like to know when Virtualized Storage has been reconfigured? Do you need to incorporate VMWare activity into your Compliance Audits? Would you like to be able to correlate events from VMWare administration with events from the Operating Systems Logs and Application Logs?
22 Use Case Scenarios Protecting Management Console Applying Patch to Production System Lost Laptop Unauthorized Administrator
23 Scenario Apply Patch to Production System - Before Production Datacenter HR Application Server VM PATCH Test Environment HR Application Server VM PATCH HR Database Server VM HR Database Server VM HRDB Name, SSN, DoB, etc HRDB Name, SSN, DoB, etc Is the test Is this A common an way to apply 1 Clone patches virtual is to try environment Who them accessed out in a the test environment Was the VM 3 Apply environment authorized Patch 2to Test production Patch data environment in the test destroyed after In a virtual This sufficiently is world difficult protected you and can time-consuming clone the system, in a production data and all procedure? environment? it was used? environment, & controlled? but very easy in a virtual environment
24 Scenario Apply Patch to Production System - After Production Datacenter HR Application Server VM PATCH Test Environment HR Application Server VM PATCH HR Database Server VM HR Database Server VM HRDB Name, SSN, DoB, etc HRDB Name, SSN, DoB, etc 3 Apply 1Patch Clone 2to virtual Test production Patch environment environment VM Cloned VM Cloned Patch Applied RSA envision can log the administrative activity from vcenter, like the VM being cloned RSA envision Patch Applied Patch Applied VM Deleted If this is out of policy If the test we environment can alert a security is properly protected, analyst then it will also be monitored by RSA envision
25 Scenario Protecting Your Management Console Remote desktop into your Management LAN via VPN Management LAN vcenter Server ESX Service Console Vblock Management Console SSL VPN supporting RSA SecurID
26 Scenario Unauthorized Administrator PCI Zone Non-PCI Zone Store Management Windows VM Transaction Management Application Transaction DB Credit Card numbers In a PCI environment, you Suppose permissions are set up need VM to Moved validate that only incorrectly, and an unauthorized authorized administrators administrator by kpbrady can move a VM are modifying the system RSA envision Authorized PCI Admin? Active Directory RSA If the envision RSA administrator envision can check logs is not against what authorized, activities a watchlist RSA envision of were authorized performed can alert PCI a and administrators security by whom analyst
27 RSA Solution for VMware View
28 Today s Endpoint Security Challenges Expensive but still vulnerable 60% of the security budget is consumed by endpoint security software (1) Lost or stolen laptops is the largest single source of breaches (2) Gateway to infection and theft 35% of infected PCs had up-to-date antivirus software installed. (3) Malware, typically contracted through web browsing, contributed to 82% of records compromised in 2009 (4) Fraudsters Physical endpoint Virtual Data Center Online Banking, Social Networking e-commerce, etc. Source: (1) Gartner, Inc. (2) OSF Data loss DB (3) Panda Labs (4) Verizon Business
29 So how does VDI make me more secure?
30 How VDI addresses the Lost Laptop Scenario vshield protected network RSA SecurID Endpoint with NO sensitive data Virtual Desktop with access to sensitive data Application with sensitive data Virtual Desktop No USB or only secure USB allowed via RSA DLP Network access controlled via VMware vshield The process is fully logged by RSA envision
31 RSA Solution for VMware View Validated with Vblock VMware VCM for security config and patch management VMware Infrastructure RSA DLP for protection of data in use RSA SecurID for remote authentication Active Directory VMware View Manager VMware vcenter Clients RSA SecurID for ESX Service Console and vma RSA envision log collection VMware vcenter & ESX(i) VMware View RSA SecurID RSA DLP Active Directory
32 RSA SecurBook for VMware View RSA Solutions Multi-product solutions Validated in the RSA Solutions Center RSA SecurBooks Guides for planning, deploying, and administering RSA solutions. Comprehensive reference architecture, screenshots, practical guidance Google rsa securbook view
33 RSA Solution for Cloud Security and Compliance
34 Security-Specific Factors That Would Enable More Widespread Usage of Server Virtualization From an information security perspective, which of the following developments need to take place in order to enable more widespread server virtualization usage? (Percent of respondents, N=105, multiple responses accepted) More secure virtualization management and operations Virtual security tools that use the same formats as my physical security devices 33% 33% Compliance management tools that recognize virtual server events Need better tools to identify and configure relationships between virtual machines Tighter integration between security management and security management tools A better understanding of how server virtualization security will align with cloud-based security services Data/storage encryption to protect virtual machines on disk Virtual firewalls and filtering devices to secure virtual machine to virtual machine traffic Network encryption to protect virtual machines in flight 27% 26% 26% 24% 24% 23% 22% Additional virtualization training for security staff 20% Log management or SIEM tools that recognize virtual server events 18% New host-based security tools designed for virtual servers 16% 2010 Enterprise Strategy Group 0% 5% 10% 15% 20% 25% 30% 35%
35 Customer Challenges Business Objective (CIO) Accelerate/start virtualization of business critical apps to continue optimizing costs PAINS Lack of visibility into and control over security and compliance status of the virtual infrastructure Business Objective (CISO) Manage risk and compliance while going from IT production to business production Difficult to rationalize the complexity of compliance requirements across virtual and physical environments Lack of guidance and orchestration for securing virtual infrastructure comprehensively High cost and difficulty of responding to compliance audits for virtual environments Inefficient management of security and compliance across IT and security operations teams Lack of consistency in physical and virtual security increases cost and complexity of virtualization Fragmented views of data across hybrid infrastructure causes delays in identifying risk and compliance breaches/concerns
36 Securing the Journey to The Cloud IT Production Lower Costs Business Production Improve Quality Of Service IT-As-A-Service Improve Agility % Virtualized 85% 95% 70% 30% 15% Platinum Gold Secure multi-tenancy, Verifiable chain of trust Security Compliance, information-centric security, risk-driven policies, IT and security operations alignment Visibility into virtualization infrastructure, privileged user monitoring, access management, network security
37 How we do it: Solution Components v1.0 RSA Archer egrc Platform 130+ control procedures mapped to VMware best practices Automated deployment workflow, configuration measurement, incident notification and reporting Maps technical security controls to Authoritative Sources (Regulations like PCI) Single business view of compliance for both physical and virtual RSA envision (SIEM) Correlate security and compliance events across virtual and physical environments, fed into Archer E.g. VMware vshield, VMware vcloud Director, HyTrust Appliance, EMC Ionix, etc RSA Data Loss Prevention (DLP) Suite RSA SecurBook
38 Enabling the Cycle of Security Compliance Discover VMware infrastructure Define security policy Manage security incidents that affect compliance Manual and automated configuration assessment RSA Archer egrc Remediation of non-compliant controls
39 Enabling the Cycle of Security Compliance Discover VMware infrastructure Define security policy What s New Over 100 VMware-specific controls added to Archer library, mapped to regulations/standards Manage security incidents that affect compliance Manual and automated configuration assessment RSA Archer egrc Remediation of non-compliant controls
40 RSA Archer: Mapping VMware security controls to regulations and standards Authoritative Source Regulations (PCI-DSS, etc.) Administrator and Operator Logs CxO Control Standard Generalized security controls CS-179 Activity Logs system start/stop/config changes etc. Control Procedure Technology-specific control CP Persistent logging on ESXi Server VI Admin
41 Discover VMware infrastructure and define policy/controls to manage
42 Distribution and Tracking Control Procedures Security Admin Server Admin Project Manager Network Admin VI Admin
43 Enabling the Cycle of Security Compliance Discover VMware infrastructure Define security policy Manage security incidents that affect compliance Manual and automated configuration assessment RSA Archer egrc Remediation of non-compliant controls What s New New solution component automatically assesses VMware configuration and updates Archer
44 Initial Deployment Questionnaire
45 Automated Assessment via PowerCLI Automatically discover and assess VMware infrastructure via PowerCLI RSA Archer egrc VMware objects (ESX, vswitches, etc ) are automatically populated into Archer They are then mapped to control procedures. Over 40% are automatically assessed via PowerCLI and the results fed into Archer for reporting and remediation.
46 Enabling the Cycle of Security Compliance Discover VMware infrastructure Define security policy Manage security incidents that affect compliance Manual and automated configuration assessment RSA Archer egrc Remediation of non-compliant controls
47 Control Procedure List, Status and Measurement Method
48 Deployment and Remediation Work Queues
49 Overall Virtual Infrastructure Compliance Dashboard
50 Enabling the Cycle of Security Compliance Discover VMware infrastructure Define security policy Manage security incidents that affect compliance Manual and automated configuration assessment What s New RSA envision collects, analyzes and feeds security incidents from RSA, VMware and ecosystem products to inform Archer dashboards (e.g. DLP, vshield, HyTrust, etc.) RSA Archer egrc Remediation of non-compliant controls
51 RSA Solution for Cloud Security and Compliance: Architecture Regulations, standards Generalized security controls VMware-specific security controls Automated assessment RSA envision Configuration State VMware cloud infrastructure (vsphere, vshield, VCD) Security Events Ecosystem (HyTrust, Ionix,)
52 VMware vshield Network Security Events Fed to Archer
53 Overall Compliance Dashboard and Reporting: Physical and Virtual
54 RSA SecurBook A technical guide for deploying and operating RSA Solution for Cloud Infrastructure Model: RSA SecurBook for VMware View / MS SharePoint Solution architecture Solution deployment and configuration guides Operational guidance for effective using the solution Troubleshooting guidance
55
RSA Solutions for VMware and Vblock. Dominique Dessy Senior Technical Consultant
RSA Solutions for VMware and Vblock Dominique Dessy Senior Technical Consultant Agenda What is a Vblock? RSA s Approach to Securing Vblock Typical use cases Vblock A New Way of Delivering IT to Business
More informationSecuring the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC
Securing the Journey to the Private Cloud Dominique Dessy RSA, the Security Division of EMC June 2010 Securing the Journey to The Private Cloud The Journey IT Production Business Production IT-As-A-Service
More informationHow RSA has helped EMC to secure its Virtual Infrastructure
How RSA has helped EMC to secure its Virtual Infrastructure A new solution, the RSA solution for Cloud Security and Compliance, has been developed and is now available to all of our customers. Luciano
More informationThe RSA Solution for. infrastructure security and compliance. A GRC foundation for VMware. Solution Brief
The RSA Solution for Cloud Security and Compliance A GRC foundation for VMware infrastructure security and compliance Solution Brief The RSA Solution for Cloud Security and Compliance enables end-user
More informationSichere Virtualisierung mit VMware
Sichere Virtualisierung mit VMware Stefan Bohnengel, VMware Harald Speckbrock, RSA Neuss, 12.11.2009 Building The Private Cloud private cloud Flexibility Control Choice your applications your information
More informationRSA Solution Brief. The RSA Solution for Cloud Security and Compliance
The RSA Solution for Cloud Security and Compliance The RSA Solution for Cloud Security and Compliance enables enduser organizations and service providers to orchestrate and visualize the security of their
More informationHow To Protect Your Virtual Infrastructure From Attack From A Cyber Threat
VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Security and Compliance VMware vcloud Networking and Security is the leading networking and security
More informationVMware Integrated Partner Solutions for Networking and Security
VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Networking and Security Networking and Security are complex, dynamic areas, and VMware recognizes
More informationEnabling Security Operations with RSA envision. August, 2009
Enabling Security Operations with RSA envision August, 2009 Agenda What is security operations? How does RSA envision help with security operations? How does RSA envision fit with other EMC products? If
More informationNetzwerkvirtualisierung? Aber mit Sicherheit!
Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction
More informationManaging Cloud Infrastructure
Managing Cloud Infrastructure The Key to deliver IT as a Service Eitan Segal Technology Consultant 1 Managing Cloud Infrastructure The Key to Deliver IT as a Service Eitan Segal Technology Consultant 2
More informationVBLOCK GRC SOLUTION WITH RSA (GOVERNANCE, RISK, AND COMPLIANCE)
VCE Word Template Table of Contents www.vce.com VBLOCK GRC SOLUTION WITH RSA (GOVERNANCE, RISK, AND COMPLIANCE) August 2011 1 Contents Executive Summary... 3 The Challenge... 3 The Solution... 4 Governance,
More informationBuilding the Private cloud
Building the Private cloud Yiannis Psichas Senior Technology Consultant Psichas_yiannis@emc.com 1 IT Infrastructure Needs to Change 77% keeping the lights on 23% delivering new capabilities Too much complexity.
More informationEMC Security for Microsoft Exchange Solution: Data Loss Prevention and Secure Access Management
EMC Security for Microsoft Exchange Solution: Data Loss Prevention and Applied Technology Abstract Securing a Microsoft Exchange e-mail environment presents a myriad of challenges and compliance issues
More informationRSA SIEM and DLP Infrastructure and Information Monitoring in One Solution
RSA SIEM and DLP Infrastructure and Information Monitoring in One Solution David Mateju RSA Sales Consultant, RSA CSE david.mateju@rsa.com Adding an information-centric view Infrastructure Information
More informationwith Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief
RSA Solution Brief Streamlining Security Operations with Managing RSA the Lifecycle of Data Loss Prevention and Encryption RSA envision Keys with Solutions RSA Key Manager RSA Solution Brief 1 Who is asking
More informationSecure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services
Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Udo Schneider Trend Micro Udo_Schneider@trendmicro.de 26.03.2013
More informationKeith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com
1 Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com Agenda Cloud Computing VMware and Security Network Security Use Case Securing View Deployments Questions 2 IT consumption
More informationAgentless Security for VMware Virtual Data Centers and Cloud
Agentless Security for VMware Virtual Data Centers and Cloud Trend Micro Deep Security VMware Global Technology Alliance Partner Trend Micro, Incorporated» This white paper reviews the challenges of applying
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationPICO Compliance Audit - A Quick Guide to Virtualization
WHITE PAPER August 2011 Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security HYTRUST AND TREND MICRO DEEP SECURITY TOC Contents Virtualization
More informationMANAGEMENT AND ORCHESTRATION WORKFLOW AUTOMATION FOR VBLOCK INFRASTRUCTURE PLATFORMS
VCE Word Template Table of Contents www.vce.com MANAGEMENT AND ORCHESTRATION WORKFLOW AUTOMATION FOR VBLOCK INFRASTRUCTURE PLATFORMS January 2012 VCE Authors: Changbin Gong: Lead Solution Architect Michael
More informationTrend Micro Deep Security
Trend Micro Deep Security VMware Global Technology Alliance Partner Changing the Game with Agentless Security for the Virtual Data Center A 2012 Trend Micro White Paper I. INTRODUCTION From its early experimental
More informationComprehensive security platform for physical, virtual, and cloud servers
datasheet Trend Micro deep security 9 Comprehensive security platform for physical, virtual, and cloud servers Virtualization and cloud computing have changed the face of today s data center. Yet as organizations
More informationMeeting the Challenges of Virtualization Security
Meeting the Challenges of Virtualization Security Coordinate Security. Server Defense for Virtual Machines A Trend Micro White Paper August 2009 I. INTRODUCTION Virtualization enables your organization
More informationArchitecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud
Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP Principal Systems Engineer Security Specialist Agenda What is the Cloud? Virtualization Basics
More informationHow To Protect Your Cloud From Attack
A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to
More informationSecurity in the Software Defined Data Center
Security in the Software Defined Data Center Francesco Vigo Senior Systems Engineer, VMware fvigo@vmware.com Ugo Piazzalunga Technical Manager, SafeNet ugo.piazzalunga@safenet-inc.com Agenda Software Defined
More informationVblock Infrastructure Packages: Accelerating Deployment of the Private Cloud. 2009 Cisco EMC VMware. All rights reserved.
Vblock Infrastructure Packages: Accelerating Deployment of the Private Cloud 1 IT is undergoing a transformation Enterprise IT solutions remain costly to analyze and design, procure, customize, integrate,
More informationJourney to the Private Cloud. Key Enabling Technologies
Journey to the Private Cloud Key Enabling Technologies Jeffrey Nick Chief Technology Officer Senior Vice President EMC Corporation June 2010 1 The current I/T state: Infrastructure sprawl Information explosion
More informationSecure Administration of Virtualization - A Checklist ofVRATECH
Securing the Administration of Virtualization An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) Market Research Report Prepared for RSA, The Security Division of EMC March 2010 IT MANAGEMENT RESEARCH, Table of
More informationSecurity Solution Architecture for VDI
Solution Architecture for VDI A reference implementation of VMware BENEFITS Validated solution architecture provides unprecedented end-to-end security dashboard for virtual desktop infrastructure (VDI)
More informationIntro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.
Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationVCE Addendum to VMware Solution Guide for Payment Card Industry Data Security Standard
March 2013 Solution Guide for Payment Card Industry (PCI) Partner Addendum VCE Addendum to VMware Solution Guide for Payment Card Industry Data Security Standard VCE Vblock Systems The findings and recommendations
More informationDrawbacks to Traditional Approaches When Securing Cloud Environments
WHITE PAPER Drawbacks to Traditional Approaches When Securing Cloud Environments Drawbacks to Traditional Approaches When Securing Cloud Environments Exec Summary Exec Summary Securing the VMware vsphere
More informationThe growing importance of a secure Cloud environment
The growing importance of a secure Cloud environment Jan Tiri jtiri@vmware.com System Engineer, VMware BeLux 2009 VMware Inc. All rights reserved Cloud components Enterprises Cloud Service Providers Private
More informationRSA Data Loss Prevention (DLP) Understand business risk and mitigate it effectively
RSA Data Loss Prevention (DLP) Understand business risk and mitigate it effectively Arrow ECS DLP workshop, Beograd September 2011 Marko Pust marko.pust@rsa.com 1 Agenda DLP in general What to expect from
More information#ITtrends #ITTRENDS SYMANTEC VISION 2012 1
#ITtrends 1 Strategies for Security and Management in a Mobile and Virtual World Anil Chakravarthy Senior Vice President, Enterprise Security Group 2 MASSIVE INCREASE IN SOPHISTICATED ATTACKS 403 million
More informationTrusted Geolocation in The Cloud Technical Demonstration
Trusted Geolocation in The Cloud Technical Demonstration NIST Interagency Report 7904 - Trusted Geolocation in the Cloud: Proof of Concept Implementation Trusted Geolocation in the Cloud Business Business
More informationProtect Root Abuse privilege on Hypervisor (Cloud Security)
Protect Root Abuse privilege on Hypervisor (Cloud Security) Nantharat Puwarang, CISSP Senior Technical Consultant Protect Software Defined Data Center 1 The Road to Software Defined Data Centers: Virtualization
More informationPreparing an RFI for. This RFI has been updated to reflect the new requirements in Version 3.0 of the PCI DSS, which took effect January 2015.
Preparing an RFI for Protecting cardholder data is a critical and mandatory requirement for all organizations that process, store or transmit information on credit or debit cards. Requirements and guidelines
More informationThe Virtualization Practice
The Virtualization Practice White Paper: A Look at Trend Micro Deep Security 7.5 Edward L. Haletky Analyst March 2011 2011 The Virtualization Practice. All Rights Reserved. Abstract Trend Micro Deep Security
More informationHow to Achieve Operational Assurance in Your Private Cloud
How to Achieve Operational Assurance in Your Private Cloud As enterprises implement private cloud and next-generation data centers to achieve cost efficiencies and support business agility, operational
More informationKelvin Wee CISA, CISM, CISSP Principal Consultant (DLP Specialist) Asia Pacific and Japan
The Truth about Data Loss Kelvin Wee CISA, CISM, CISSP Principal Consultant (DLP Specialist) Asia Pacific and Japan RSA Data Loss Prevention Data Breaches Overview RSA DLP Solution Five Critical Factors
More informationVirtualization Essentials
Virtualization Essentials Table of Contents Introduction What is Virtualization?.... 3 How Does Virtualization Work?... 4 Chapter 1 Delivering Real Business Benefits.... 5 Reduced Complexity....5 Dramatically
More informationMcAfee Server Security
Security Secure server workloads with low performance impact and integrated management efficiency. Suppose you had to choose between securing all the servers in your data center physical and virtual or
More informationAn Introduction to SIEM & RSA envision (Security Information and Event Management) January, 2011
An Introduction to SIEM & RSA envision (Security Information and Event Management) January, 2011 Brian McLean, CISSP Sr Technology Consultant, RSA Changing Threats and More Demanding Regulations External
More informationSecurity. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««;
Security N Environments '' J J H -. i ^ s j}! Dave Shackleford '**»* t i j i««; l:i in: John Wiley &. Sons, Inc. Contents Introduction.. : xix Chapter l Fundamentals of Virtualization Security Virtualization
More informationCloud and Data Center Security
solution brief Trend Micro Cloud and Data Center Security Secure virtual, cloud, physical, and hybrid environments easily and effectively introduction As you take advantage of the operational and economic
More informationSecurity Information & Event Management (SIEM)
Security Information & Event Management (SIEM) Peter Helms, Senior Sales Engineer, CISA, CISSP September 6, 2012 1 McAfee Security Connected 2 September 6, 2012 Enterprise Security How? CAN? 3 Getting
More informationVBLOCK SOLUTION FOR TRUSTED MULTI-TENANCY: TECHNICAL OVERVIEW
VBLOCK SOLUTION FOR TRUSTED MULTI-TENANCY: TECHNICAL OVERVIEW August 2011 2011 VCE Company LLC, All rights reserved. Table of Contents Executive Summary... 6 Goal of This Document... 6 Audience... 6 Introduction...
More informationSecuring Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits
A Clear View of Challenges, Solutions and Business Benefits Introduction Cloud environments are widely adopted because of the powerful, flexible infrastructure and efficient use of resources they provide
More informationThe Virtualization Practice
The Virtualization Practice White Paper: Security Requirements of Hybrid Clouds: A Product Comparison! Edward L. Haletky Analyst Virtualization and Cloud Security! The Virtualization Practice Sponsored
More informationCitrix XenDesktop & XenApp
VMware Management Pack for Citrix XenDesktop & XenApp How Blue Medora Complements vrealize VMware provides best-ofbreed management for Virtualization / Cloud vsphere via vrealize Operations How Blue Medora
More informationA ROAD MAP FOR GEOSPATIAL INFORMATION SYSTEM APPLICATIONS ON VBLOCK INFRASTRUCTURE PLATFORMS
A ROAD MAP FOR GEOSPATIAL INFORMATION SYSTEM APPLICATIONS ON VBLOCK INFRASTRUCTURE PLATFORMS June 2011 WHITE PAPER 2011 VCE Company LLC, All rights reserved. 1 Table of Contents Executive Overview... 3
More informationTrend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION
SOLUTION BRIEF Trend Micro CLOUD AND DATA CENTER SECURITY Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION As you take advantage of the operational and economic
More informationVirtual Computing Environment Coalition
Efficiency. Control. Choice Virtual Computing Environment Coalition Ahmad Muammar Presales Manager-North Gulf EMC Copyright 2009 EMC Corporation. All rights reserved. 1 2 Waves of Information Technology
More informationAvailability for your modern datacenter
Availability for your modern datacenter - Agentless backup and replication for VMware and Hyper-V - Scalable, powerful, easy-to-use, affordable Veeam Availability protection for the Always-On Business
More informationSecure Cloud-Ready Data Centers Juniper Networks
Secure Cloud-Ready Data Centers Juniper Networks JUNIPER SECURITY LEADERSHIP A $1B BUSINESS Market Leadership Data Center with High- End Firewall #1 at 42% Secure Mobility with SSL VPN #1 at 25% Security
More informationWhat s New in VMware vsphere 4.1 VMware vcenter. VMware vsphere 4.1
What s New in VMware vsphere 4.1 VMware vcenter VMware vsphere 4.1 W H I T E P A P E R VMware vsphere 4.1 ( vsphere ) continues to improve on its industry-leading virtualization platform, continuing the
More informationWhat is Security Intelligence?
2 What is Security Intelligence? Security Intelligence --noun 1. the real-time collection, normalization, and analytics of the data generated by users, applications and infrastructure that impacts the
More informationHyTrust Logging Solution Brief: Gain Virtualization Compliance by Filling Log Data Gaps
WHITE PAPER HyTrust Logging Solution Brief: Gain Virtualization Compliance by Filling Log Data Gaps Summary Summary Compliance with PCI, HIPAA, FISMA, EU, and other regulations is as critical in virtualized
More informationVMware Workspace Portal Reference Architecture
VMware Workspace Portal 2.1 TECHNICAL WHITE PAPER Table of Contents Executive Summary.... 3 Overview.... 4 Hardware Components.... 5 VMware vsphere.... 5 VMware Workspace Portal 2.1.... 5 VMware Horizon
More informationThe Cloud App Visibility Blindspot
The Cloud App Visibility Blindspot Understanding the Risks of Sanctioned and Unsanctioned Cloud Apps and How to Take Back Control Introduction Today, enterprise assets are more at risk than ever before
More informationRSA, The Security Division of EMC. Zamanta Anguiano Sales Manager RSA
RSA, The Security Division of EMC Zamanta Anguiano Sales Manager RSA The Age of the Hyperextended Enterprise BUSINESS ISSUES IMPACT Innovation Collaboration Exploding Information Supply Chain Customer
More informationVBLOCK SOLUTION FOR SAP: SIMPLIFIED PROVISIONING FOR OPERATIONAL EFFICIENCY
VBLOCK SOLUTION FOR SAP: SIMPLIFIED PROVISIONING FOR OPERATIONAL EFFICIENCY August 2011 2011 VCE Company, LLC. All rights reserved. 1 Table of Contents Introduction... 3 Purpose... 3 Audience... 3 Scope...
More informationPCI DSS 3.0 Compliance
A Trend Micro White Paper April 2014 PCI DSS 3.0 Compliance How Trend Micro Cloud and Data Center Security Solutions Can Help INTRODUCTION Merchants and service providers that process credit card payments
More informationvshield Administration Guide
vshield Manager 5.1 vshield App 5.1 vshield Edge 5.1 vshield Endpoint 5.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by
More informationTotal Cloud Protection
Total Cloud Protection Data Center and Cloud Security Security for Your Unique Cloud Infrastructure A Trend Micro White Paper August 2011 I. INTRODUCTION Many businesses are looking to the cloud for increased
More informationTrend Micro Enterprise Security
Trend Micro Enterprise Security Immediate Protection. Less Complexity. Changing the Game for Anti-Virus in the Virtual Datacenter A Trend Micro White Paper September 2010 I. INTRODUCTION From its early
More informationQ1 Labs Corporate Overview
Q1 Labs Corporate Overview The Security Intelligence Leader Who we are: Innovative Security Intelligence software company One of the largest and most successful SIEM vendors Leader in Gartner 2011, 2010,
More informationVMware Virtual Desktop Infrastructure (VDI) - The Best Strategy for Managing Desktop Environments Mike Coleman, VMware (mcoleman@vmware.
VMware Virtual Desktop Infrastructure (VDI) - The Best Strategy for Managing Desktop Environments Mike Coleman, VMware (mcoleman@vmware.com) Copyright 2008 EMC Corporation. All rights reserved. Agenda
More informationVMware vcloud Networking and Security
VMware vcloud Networking and Security Efficient, Agile and Extensible Software-Defined Networks and Security BROCHURE Overview Organizations worldwide have gained significant efficiency and flexibility
More informationVirtualization Journey Stages
Deep Security 7.5 Todd Thiemann Sr. Dir. of Datacenter Security Marketing Trend Micro Harish Agastya Director of Datacenter Security Marketing Trend Micro Classification 11/12/2010 1 Virtualization Journey
More informationSecure Cloud Computing
Secure Cloud Computing Agenda Current Security Threat Landscape Over View: Cloud Security Overall Objective of Cloud Security Cloud Security Challenges/Concerns Cloud Security Requirements Strategy for
More informationHP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU
HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU Data sheet Product overview The HP TippingPoint Virtual Controller + Virtual Firewall (vcontroller+vfw) extends our leading intrusion
More informationArchitecting Security for the Private Cloud. Todd Thiemann
Architecting Security for the Private Cloud Todd Thiemann Classification 4/9/2010 Copyright 2009 Trend Micro Inc. 1 The Evolving Datacenter Lowering Costs, Increasing Flexibility Public Cloud Private Cloud
More informationCautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work
Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture
More informationData Center Connector for vsphere 3.0.0
Product Guide Data Center Connector for vsphere 3.0.0 For use with epolicy Orchestrator 4.6.0, 5.0.0 Software COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS
More informationVDI Security for Better Protection and Performance
VDI Security for Better Protection and Performance Addressing security and infrastructure challenges in your VDI deployments Trend Micro, Incorporated» See why you need security designed for VDI environments
More informationKhóa học dành cho các kỹ sư hệ thống, quản trị hệ thống, kỹ sư vận hành cho các hệ thống ảo hóa ESXi, ESX và vcenter Server
1. Mục tiêu khóa học. Khóa học sẽ tập trung vào việc cài đặt, cấu hình và quản trị VMware vsphere 5.1. Khóa học xây dựng trên nền VMware ESXi 5.1 và VMware vcenter Server 5.1. 2. Đối tượng. Khóa học dành
More informationThe Top 8 Questions to ask about Virtualization in a PCI Environment
A COALFIRE WHITE PAPER The Top 8 Questions to ask about Virtualization in a PCI Environment DALLAS DENVER LOS ANGELES NEW YORK SEATTLE 877.224.8077 info@coalfire.com www.coalfire.com This paper provides
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationMitigating Information Security Risks of Virtualization Technologies
Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) 2009 VMware Inc. All rights reserved Agenda Virtualization Overview Key Components of Secure Virtualization
More informationOperationalize Policies. Take Action. Establish Policies. Opportunity to use same tools and practices from desktop management in server environment
Microsoft IT Systems Strategy DATACENTER APPLICATIONS Process-Led, Model-Driven Unified and Virtualized USER-CENTRICITY ServiceEnabled Basic Standardize d Rationalized Dynamic Cost center Efficient cost
More informationSolarWinds Security Information Management in the Payment Card Industry: Using SolarWinds Log & Event Manager (LEM) to Meet PCI Requirements
SolarWinds Security Information Management in the Payment Card Industry: Using SolarWinds Log & Event Manager (LEM) to Meet PCI Requirements SolarWinds Security Information Management in the Payment Card
More informationEMC Data Protection Advisor 6.0
White Paper EMC Data Protection Advisor 6.0 Abstract EMC Data Protection Advisor provides a comprehensive set of features to reduce the complexity of managing data protection environments, improve compliance
More informationvcloud Air Disaster Recovery Technical Presentation
vcloud Air Disaster Recovery Technical Presentation Agenda 1 vcloud Air Disaster Recovery Overview 2 What s New 3 Architecture 4 Setup and Configuration 5 Considerations 6 Automation Options 2 vcloud Air
More informationA Comprehensive Cloud Management Platform with Vblock Systems and Cisco Intelligent Automation for Cloud
WHITE PAPER A Comprehensive Cloud Management Platform with Vblock Systems and Cisco Intelligent Automation for Cloud Abstract Data center consolidation and virtualization have set the stage for cloud computing.
More informationH Y T RUST: S OLUTION B RIEF. Solve the Nosy Neighbor Problem in Multi-Tenant Environments
H Y T RUST: S OLUTION B RIEF Solve the Nosy Neighbor Problem in Multi-Tenant Environments Summary A private cloud with multiple tenants such as business units of an enterprise or customers of a cloud service
More informationVMware Virtual Desktop Manager User Authentication Guide
Technical Note VMware Virtual Desktop Manager User Authentication Guide VMware Virtual Desktop Manager The purpose of this guide is to provide details of user authentication in VMware Virtual Desktop Manager
More informationBitdefender GravityZone Sales Presentation
6 March 2014 Page 1 Bitdefender GravityZone Sales Presentation 1 Page 2 Bitdefender at a Glance The #1 Anti-Malware Security Technology in the world First security software vendor to receive top recommendations
More informationPresentation for ISACA Chapter NL. Auditing Virtual Servers. VMware: Security and Operations. Gert-Jan Timmer 3. September, 2012
Presentation for ISACA Chapter NL Auditing Virtual Servers VMware: Security and Operations Gert-Jan Timmer 3. September, 2012 Auditing Virtual Servers: Vmware: Security and Operations Presentation today:
More informationSecuring Virtual Applications and Servers
White Paper Securing Virtual Applications and Servers Overview Security concerns are the most often cited obstacle to application virtualization and adoption of cloud-computing models. Merely replicating
More informationThe Advantages of Cloud Services
Cloud-Based Services: Assure Performance, Availability, and Security What You Will Learn Services available from the cloud offer cost and efficiency benefits to businesses, but until now many customers
More informationDRIVING BUSINESS VALUE WITH VBLOCK INFRASTRUCTURE PLATFORMS
DRIVING BUSINESS VALUE WITH VBLOCK INFRASTRUCTURE PLATFORMS Private clouds, built on pervasive virtual infrastructures, are increasingly appealing to organizations looking to deliver IT resources to end
More informationSecurity Compliance in a Virtual World
RSA Security Brief Security Compliance in a Virtual World Best Practices to Build a Solid Foundation Authors Bret Hartman, Chief Technology Officer, RSA, the Security Division of EMC Dr. Stephen Herrod,
More informationF5 PARTNERSHIP SOLUTION GUIDE. F5 and VMware. Virtualization solutions to tighten security, optimize performance and availability, and unify access
F5 PARTNERSHIP SOLUTION GUIDE F5 and VMware Virtualization solutions to tighten security, optimize performance and availability, and unify access 1 W H AT 'S INS I DE Data Center Virtualization 3 Enterprise
More informationVBLOCK SYSTEMS MOBILE SECURE WORKSPACE SOLUTION ARCHITECTURE
Vblock Systems Mobile Secure Desktop Solution Architecture www.vce.com VBLOCK SYSTEMS MOBILE SECURE WORKSPACE SOLUTION ARCHITECTURE Version 1.1 May 2013 Copyright 2012, 2013 VCE Company, LLC. All Rights
More information