Staying Secure After Microsoft Windows Server 2003 Reaches End of Life
Trevor Richmond, Sales Engineer, Trend Micro
Windows Server 2003 End of Life: Why Care?
- The next big vulnerability (Heartbleed/Shellshock) is looming
- No more patches from Microsoft
- Migration takes time; custom support is expensive
- Painful experience from previous End of life (Win 2000 and XP)
Cybersecurity Is Getting More Difficult
In your opinion, which of the following factors have made network security management and operations more difficult? (Percent of respondents, N=313, three responses accepted)
- An increase in malware sophistication that may lead to malware designed to circumvent traditional network security control; an increase in the number of overall devices with access to the network: 36%, 38%
- An increase in the number of targeted attacks that may circumvent traditional network security controls: 32%
- An increase in the number of mobile devices accessing the network: 29%
- An increase in the number of users with access to the network: 25%
- An increase in malware volume: 25%
2015 by The Enterprise Strategy Group, Inc.
Windows Server 2003 RIP
End of life, July 14, 2015
Windows Server 2003 Installed Base
Approximately what percentage of your organization's total Windows server environment is comprised of Windows Server 2003? (Percent of respondents, N=601)
- 0%: 17%
- 1% to 10%: 19%
- 11% to 20%: 15%
- 21% to 30%: 12%
- 31% to 40%: 10%
- 41% to 50%: 10%
- 51% to 60%: 5%
- 61% to 70%: 3%
- 71% to 80%: 3%
- 81% to 90%: 2%
- 91% to 100%: 2%
- Don't know: 1%
Windows Server 2003 Migration Plans
What are your organization's plans for upgrading from and/or migrating off of its Windows Server 2003 systems? (Percent of respondents, N=497, multiple responses accepted)
- Upgrade to Windows Server 2012 and reinstall application(s): 73%
- Reinstall/redeploy application(s) on public cloud infrastructure (e.g., MS Azure, Amazon Web Services, Google, etc.): 35%
- Retire server, operating system, and application(s): 32%
- Replace application(s) with a SaaS-based application(s): 31%
- Continue to run Windows Server 2003 without support and maintenance: 25%
Why Not Just Upgrade?
- Regulations
- Packaged application vendors
- Custom applications
- Time needed for testing
- Exploration of other options
- Other priorities
Risks
Timeline intervals: Hours to days; Days to weeks; Weeks; Weeks to months
- 0-day vulnerability discovered in the wild
- Monetization of 0-day
- Exploit kit
- Custom malicious payloads
- Data breaches
Compensating Controls
- Microsoft support agreement
- Server configuration hardening: MS, NIST, NSA...
- Network security controls: network segmentation, ACLs, firewall rules
- Virtual patching
- Enhanced server monitoring: log events, profiling, forensics, network connections...
Server Compensating Controls
- Application controls
- Advanced malware detection/prevention: server-based or server- and network-based
- File integrity monitoring/control
- Trusted hardware execution (TPM, TXT, etc.)
The Bigger Truth
- W2k3 server headache
- Time-consuming migrations
- Security vulnerabilities
- Organizations must do something
- Compensating controls
- Keys to success
- Thorough strategy for security efficacy and operational efficiency
- 78% believe challenges are similar to Win 2000 & XP EOL
- 65% of companies planning to migrate
Source: Trend Micro Customer Survey, May 2015
Copyright 2013 Trend Micro Inc.
Trend Micro Deep Security: A Proven Security Solution
- History securing end of life platforms (Win XP and 2000)
- Protection for short (July 14) and longer term (migration)
- Comprehensive security controls
- Physical, virtual and cloud environments
How Deep Security Helps
- Network security: Virtual patching through Intrusion Detection & Protection (IDS/IPS)
- System security: Integrity monitoring, enabling the discovery of unplanned or malicious changes to registry and key system files
- Anti-malware: Protect vulnerable systems from the latest in threats
Copyright 2015 Trend Micro Inc.
Network security: Virtual Patching of Vulnerabilities
- Automated recommendation and deployment of rules, based on your specific environment
- Large set of pre-configured rules, with automatic categorization and ranking
- Smart filtering using behavioral, statistical, heuristic and protocol enforcement
- Log for audit and compliance with key regulations
- Address new vulnerabilities automatically: Poodle, Heartbleed, Shellshock
Virtual Patching
- Reduce risk of exposure to vulnerability exploits, especially as you scale
- Save money avoiding costly emergency patching
- Patch at your convenience
- Secure out-of-support platforms (Windows Server 2000, 2003)
Timeline diagram labels: Virtually patch with Trend Micro Shielding / IPS; Patch Available; Vulnerability Disclosed or Exploit Available; Test; Begin Deployment; Patched; Complete Deployment
Automated Vulnerability Shielding Works
- 5 days after ShellShock: 766 attacks blocked!
- Deep Security on Sept 30th, at a customer managing 100+ instances
System Security
Integrity Monitoring: Monitor critical systems, files, keys and users
- Monitoring for changes across operating systems, application files, registry keys, users, groups, and ports
- Alerting to identify any changes
- Custom trusted baseline system and whitelisting to reduce noise
- Complete logging for audit and compliance, with event forwarding to SIEM
Anti-malware with Web Reputation
Protection from viruses, bots, and bad code
- Real-time protection, based on global threat intelligence from the Smart Protection Network
- White or black list domains and URIs
- Prevent access to known command & control (C&C) sites
- Event alerting and reporting
- Ability to forward events to SIEM
What Deep Security Enables
- Automated Security
- Centralized Management
- Enhanced System Performance
Automated security
- Automatically scale up and down across data center and cloud as required with no security gaps
- Recommend and apply policies automatically, specific to your data center environment
- Automatically detect new servers
Central management of all security controls
- Monitor all controls with a comprehensive dashboard and built-in alerting
- Provide continuous protection for servers no matter what state or location
- Manage via web console or API
Enhanced performance
- Up to 20X Faster* Full Scans
- Scan Cache
- Up to 5X Faster Realtime Scans
- Up to 2X Faster VDI Login
*All results based on internal testing using VMware View simulators
Trend Micro Deep Security Advantage
- Securing end-of-life platforms (Windows XP, 2000, 2003)
- Protect newer platforms after migration (Windows 2012, Azure and AWS)
- Protecting vulnerable Windows & Linux servers with virtual patching
- Automation of security across virtualization & cloud environments
- Highly efficient, comprehensive set of security controls
Proven Protection
http://cloudsecurity.trendmicro.com/us/technology-innovation/customers-partners/index.html
#1 Corporate Server Security Market Share: 27.5%
Source: IDC Worldwide Endpoint Security 2014-2018 Forecast and 2013 Vendor Shares, Figure 2, doc #250210, August 2014
Recommended Next Steps
Learn more & connect with our security experts: www.trendmicro.com/server2003
Pawn a 2K3