Protecting the un-protectable Addressing Virtualisation Security Challenges


Protecting the un-protectable: Addressing Virtualisation Security Challenges
Paul Hogan, Technical Director, Ward Solutions
November 11, 2010

Top Cloud Security Challenges: Secure Virtualisation

Need secure virtualisation as virtualization vulnerabilities grow (threats / vulnerabilities / configurations)

- Every new virtual machine is a new hacking target and a new source of infection across a network.
- Out-of-date security makes offline images more vulnerable.
- It is more cost-effective to include security in an initial VM deployment than to add it later.
- Virtualisation changes the definition of an endpoint: no longer the system, now the data.
- Virtual images built on the fly redefine the notion of an asset.

[Diagram: virus, spam, Trojan, worms, DDoS and vulnerabilities targeting virtual machines and their apps, the hypervisor, and out-of-date offline virtual images]

Through 2012, 60% of virtualized servers will be less secure than the physical servers they replace, dropping to 30% by 2015.

And survey data in late 2009 indicated that about 40% of virtualization deployment projects were undertaken without involving the information security team in the initial architecture and planning. (Gartner 2009)

Virtualisation Security: What to consider

1) Hypervisor security
   - Hardening hypervisors
   - Securing virtual infrastructure consoles
2) Offline virtual images
   - Rogue VMs, stale VMs
   - Patching and keeping up to date
3) Intra VM traffic
   - Multi tenancy in the cloud
4) Storage security
   - Authentication
   - Audit logging
   - Encryption

[Diagram: virtual machines with apps running on a hypervisor, alongside an offline virtual image]

Thus, the task is not so much to see what no one yet has seen, but to think what nobody yet has thought about that which everybody sees (Arthur Schopenhauer, 19th Century Philosopher)

McAfee Approach: Broad Secure Virtualisation Support

- ToPS for Virtualization
- VirusScan Enterprise (VSE)
- VirusScan Enterprise for Offline Virtual Images
- Host Intrusion Prevention
- Network Access Control
- ePolicy Orchestrator
- Network Security Platform
- Firewall Enterprise/Virtual Appliance
- Vulnerability Manager
- Policy Auditor
- Remediation Manager
- Email and Web Security Appliance

McAfee meets your secure virtualization needs

And now a warning (Isabella Rossellini, Death Becomes Her)

The Virtualisation Security Challenge: How to strike the right balance

KEY CHALLENGE
How to provide operationally-friendly security that does not hinder server performance or VDI deployment

THE PAIN
- For servers, performance is crucial. Classic AV is seen as sub-optimal, and therefore sparingly deployed, leaving servers susceptible to:
  - Malware
  - Insider attacks
  - Data breaches
- For VDI deployment, classic AV processes will reduce device density below planned levels

I love it when a plan comes together (Hannibal, The A Team)

McAfee MOVE enables Security for Virtualization

[Diagram: VMs running applications with MOVE off-load processing to a MOVE Service VM on the hypervisor, managed through McAfee ePO; virtual desktop clients connect to the VMs]

McAfee MOVE
- Provides off-loading of security processing
- Allows for context aware security regardless of where provisioned in the environment
- Consistent security management from physical to virtual system with ePolicy Orchestrator

Virtual Desktop
- Testing with Citrix has shown 3x improvement in virtual machine density achieved when using MOVE AV for VDI

MOVE AV for Virtual Servers
- Scan based on load of hypervisor
- VM-tagging for security mgmt.
- Offline Scanning (OVI)

We're gonna need a bigger boat (Chief Brody, Jaws)

Using the Cloud - Global Threat Intelligence
Delivering the Most Comprehensive Intelligence in the Market

[Diagram labels]
- Threat Intelligence Feeds: Endpoints, Appliances, Servers, Firewalls, Other feeds & analysis
- McAfee Labs: File Reputation Engine, Email Reputation Engine, Web Reputation Engine, Network Reputation Engine, Vulnerability Information
- ePO, IPS, Firewall, Email, Web, AV, AWL, DLP, Mobile

How does GTI work?

1) User receives new file via email or web
2) No detection with existing DATs, but the file is suspicious
3) Fingerprint of file is created and sent using GTI
4) GTI reviews this fingerprint and other inputs statistically across threat landscape
5) GTI identifies threat and notifies client
6) VirusScan processes information and removes threat

[Diagram labels: Internet, Artemis, Collective Threat Intelligence]

November 19, 2010