Deep Security. Προστατεύοντας Server Farm. Σωτήρης Δ. Σαράντος. Available Aug 30, 2011. Σύμβουλος Δικτυακών Λύσεων. Copyright 2011 Trend Micro Inc.



Similar documents
Trend Micro Sicherheit in den Tiefen des Hypervisors. Richard Javet und Gabriel Kälin Trend Micro (Schweiz)

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

Virtualization Journey Stages

Comprehensive security platform for physical, virtual, and cloud servers

How To Protect Your Cloud From Attack

Sicurezza Data Center 22 giugno Fabio Paravani Regional Account Manager

Cloud and Data Center Security

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION

Netzwerkvirtualisierung? Aber mit Sicherheit!

Trend Micro. Advanced Security Built for the Cloud

Total Cloud Protection

Trend Micro deep security 9.6

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

How To Protect Your Virtual Infrastructure From Attack From A Cyber Threat

PCI DSS 3.0 Compliance

Automated Protection on UCS with Trend Micro Deep Security

Trend Micro VMware Solution Guide Summary for Payment Card Industry Data Security Standard

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be!

Next Generation Datacenters & the Realities of Virtualisation Security

New possibilities in latest OfficeScan and OfficeScan plug-in architecture

Securing Your Journey to the Cloud. Thomas J. Miller Executive Vice President

Architecting Security for the Private Cloud. Todd Thiemann

Trend Micro Cloud Security for Citrix CloudPlatform

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

Devising a Server Protection Strategy with Trend Micro

Devising a Server Protection Strategy with Trend Micro

Secure Virtualization in the Federal Government

How To Protect A Virtual Desktop From Attack

Trend Micro MAS TRM Guidelines Compliance Solutions

APAC OF POSSIBILITIES: TIPS FOR INCREASING CLOUD SECURITY AND ADOPTION

Staying Secure After Microsoft Windows Server 2003 Reaches End of Life. Trevor Richmond, Sales Engineer Trend Micro

How to survive in a world of Virtualization and Cloud Computing, where you even can t trust your own environment anymore. Raimund Genes, CTO

The first agentless Security, Virtual Firewall, Anti- Malware and Compliance Solution built for Windows Server 2012 Hyper-V

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com

Meeting the Challenges of Virtualization Security

Agentless Security for VMware Virtual Data Centers and Cloud

Don t Forget Your Security Umbrella in the Cloud

Threat Center. Real-time multi-level threat detection, analysis, and automated remediation

The Clock is Ticking on Windows Server 2003 Support

VMware Integrated Partner Solutions for Networking and Security

OVERVIEW. Enterprise Security Solutions

Secure Cloud Computing

Trend Micro Deep Security

in Cloud and Data Center Security for a Reason

Cloud Computing Security

Deep Security Vulnerability Protection Summary

Trend Micro Enterprise Security

Symantec Endpoint Protection

Effective End-to-End Cloud Security

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

Securing Virtual Applications and Servers

Symantec Endpoint Protection

Endpoint protection for physical and virtual desktops

Intro to NSX. Network Virtualization VMware Inc. All rights reserved.

McAfee Server Security

Did you know your security solution can help with PCI compliance too?

Security in the Software Defined Data Center

Virtual Patching: a Proven Cost Savings Strategy

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it

FISMA / NIST REVISION 3 COMPLIANCE

Ovation Security Center Data Sheet

Security Solution Architecture for VDI

Vulnerability Management

Windows Server 2003 End of Support. What does it mean? What are my options?

Virtualization Impact on Compliance and Audit

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

Business Values of Network and Security Virtualization

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud

The Challenges of Securing Hosting Hyper-V Multi-Tenant Environments

OVERVIEW. Enterprise Security Solutions

SYMANTEC DATA CENTER SECURITY: MONITORING EDITION 6.5

Deploying Firewalls Throughout Your Organization

Cloud IaaS: Security Considerations

Trend Micro Solutions for PCI DSS Compliance

for businesses with more than 25 seats

Cloud and VM Based Security

Bitdefender GravityZone Sales Presentation

PICO Compliance Audit - A Quick Guide to Virtualization

VDI Security for Better Protection and Performance

THREE KEYS TO COST-EFFECTIVE SECURITY FOR YOUR SMALL BUSINESS

Virtual Patching: a Compelling Cost Savings Strategy

Sichere Virtualisierung mit VMware

INTRODUCING isheriff CLOUD SECURITY

SYMANTEC DATA CENTER SECURITY: SERVER ADVANCED 6.5

End to End Security do Endpoint ao Datacenter

Symantec Endpoint Protection

VMware vcloud Architecture Toolkit Public VMware vcloud Service Definition

Cloud Security. DLT Solutions LLC June #DLTCloud

Protecting the un-protectable Addressing Virtualisation Security Challenges

DETECTING THE ENEMY INSIDE THE NETWORK. How Tough Is It to Deal with APTs?

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

PROTECTING DATA IN MULTI-TENANT CLOUDS

SECURITY PLATFORM FOR HEALTHCARE PROVIDERS

74% 96 Action Items. Compliance

Protect Root Abuse privilege on Hypervisor (Cloud Security)

VMware vcloud Service Definition for a Public Cloud. Version 1.6

Industrial Security for Process Automation

How To Protect Your Cloud Computing Servers From Attack

Transcription:

Deep Security Προστατεύοντας Server Farm Available Aug 30, 2011 Σωτήρης Δ. Σαράντος Σύμβουλος Δικτυακών Λύσεων Copyright 2011 Trend Micro Inc.

Legacy Security Hinders Datacenter Consolidation Physical Virtual Cloud Physical Servers Virtual Servers Virtual Desktops Private & Public Cloud Servers Reduced Cloud Adoption Reduced Virtualization Density & ROI SECURITY INHIBITORS

Advanced threats are breaching existing defenses More Sophisticated More Targeted More Frequent More Profitable Advanced Persistent Threats Basic perimeter and host defenses not adequate anymore De-Perimeterization

Organizations Struggle With Keeping Servers Patched 2095 2095 per year = Critical Software Flaw Vulnerabilities in 2010 Common Vulnerabilities & Exposures ( CVE ): Score 7-10 8 critical alerts everyday! NVD Statistical Data Year # Vulns % Total 1997 145 57.54 1998 134 54.47 1999 424 47.43 2000 452 44.31 2001 773 46.09 2002 1,004 46.57 2003 678 44.40 2004 969 39.53 2005 2,038 41.32 2006 2,760 41.77 2007 3,159 48.50 2008 2,841 50.44 2009 2,722 47.48 2010 2,095 45.16 2011* 1,658 43.87

Compliance Mandates Driving Costs Up Solutions Need to Achieve Broader Coverage with Lower TCO More standards: PCI, SAS70, HIPAA, ISO 27001, FISMA / NIST 800-53, MITS More specific security requirements Virtualization, Web applications, EHR, PII More penalties & fines HITECH, Breach notifications, civil litigation DMZ consolidation using virtualization will be a "hot spot for auditors, given the greater risk of mis-configuration and lower visibility of DMZ policy violation. Through year-end 2011, auditors will challenge virtualized deployments in the DMZ more than non-virtualized DMZ solutions. -- Neil MacDonald, Gartner

Trend Micro Deep Security A server security platform for: PHYSICAL VIRTUAL CLOUD Intrusion Prevention Firewall Anti Malware Web Reputation Integrity Monitoring Log Inspection VMware vshield enabled Agent-less

Deep Security Agent/Virtual Appliance System, application and data security for servers 6 protection modules Reduces attack surface. Prevents DoS & detects reconnaissance scans Firewall Intrusion Prevention Detects and blocks known and zero-day attacks that target vulnerabilities Tracks credibility of websites and safeguards users from malicious urls Web Reputation Anti-Virus Detects and blocks malware (web threats, viruses & worms, Trojans) Optimizes the identification of important security events buried in log entries Log Inspection Integrity Monitoring Detects malicious and unauthorized changes to directories, files, registry keys Protection is delivered via Agent and/or Virtual Appliance * Log Inspection is only available in agent form today

Deep packet inspection Virtual Patching with Deep Security Raw Traffic Over 100 applications shielded including: Operating Systems 1 2 Stateful Firewall Allow known good Exploit Rules Stop known bad Database servers Web app servers Mail servers FTP servers Backup servers 3 Vulnerability Rules Shield known vulnerabilities Storage mgt servers DHCP servers Desktop applications Filtered Traffic 4 Smart Rules Shield unknown vulnerabilities and protect specific applications Mail clients Web browsers Anti-virus Other applications

Deep Security for Defense-in-Depth & Compliance Addressing 7 PCI Regulations and 20+ Sub-Controls Including: Firewall Intrusion Prevention (1.) (1.x) Network Segmentation Firewall Web Reputation Anti-Virus (5.x) (6.1) Anti-virus Virtual Patching* Log Inspection Integrity Monitoring (6.6) Web App. Protection (10.6) Daily Log Review Physical Servers Virtual Servers Cloud Computing Endpoints & Devices (11.4) IDS / IPS (11.5) File Integrity Monitoring * Compensating Control

Virtualization Security with Deep Security Agentless Security Platform for Virtual Environments Deep Security Virtual Appliance Intrusion prevention Firewall Anti-malware Web reputation Integrity monitoring The Old Way VM VM VM With Deep Security Security Virtual Appliance VM VM VM VM More VMs VM Higher Density Fewer Resources Easier Manageability Stronger Security

Extending Datacenter Security to Hybrid Cloud AWS and vcloud API integration Single management pane-of-glass between VM s in internal VMware datacenters, VPC s, and public clouds Hierarchical policy management Inheritance enables customized policies for different VM s or datacenters, while central IT can mandate compliant baseline settings Trend Micro Confidential-NDA Required

Agile Security Management for the Cloud Multi-tenant Deep Security Manager architected for key attributes of cloud computing*: Resource-pooling independent tenant policies/data for shared, multi-tenant clouds Elasticity - Automated deployment of components to cloud scale Self-service Policies can be delegated by cloud admin to tenants through selfservice GUI Broad network access Web-based console built on RESTful APIs for extensibility and integration with broader cloud management frameworks Same architecture can be deployed as security-as-a-service by IaaS public cloud providers, or within enterprise ITaaS for private clouds *e.g. NIST definition of Cloud Computing Extending to cloud scale Trend Micro Confidential-NDA Required

Deep Security: Overall benefits Agentless security platform increases resource efficiency & VM density with zero guest footprint Scanning de-duplication for increases scan performance NEW and resource efficiency vcloud Director & Amazon Web Services integration automatically secures public/hybrid clouds Multi-tenancy support enables providers NEW to offer secure clouds NEW Integrated security managed by single pane of glass Supports task automation with recommendation scans, trusted sources and event whitelisting Maximizes Virtualization and Cloud ROI Supports Operational Cost Reductions Virtual patching reduces need for emergency patching enables prioritization of secure coding efforts Prevents Data Breach & Business Disruptions Enables Cost-effective Compliance Provides layered defense against advanced attacks Shields against known & unknown vulnerabilities Monitors integrity of NEW VMware hypervisor Web reputation prevents malicious website access Supports PCI DSS 2.0, NIST, HIPAA & other regulations Detailed reports document prevented attacks & compliance status

Deep Security Summary of highlights A fully integrated server security platform Only solution to offer specialized protection for physical virtual and cloud First and only agentless security platform (anti-malware, web reputation, firewall, intrusion prevention, VM & hypervisor integrity monitoring) for VMware environment First and only datacenter security solution that extends to public/hybrid cloud Only solution in its category to be certified EAL 4+ Trend Micro 22.9% Trend Micro 13% Trend Micro All Others 77.1% All Others Combined 87%

1988 Ίδρυση της Digital SIMA 1990 Προώθηση κι εξειδίκευση σε λύσεις δικτύωσης WAN / LAN / Voice Data 2000 Νέο τμήμα Ασφάλειας Δικτύων 2010 Διανομή και μεταπώληση προϊόντων LAN / WAN και Ασφάλειας Δικτύων Τεχνογνωσία και Υποστήριξη Ποιοτική Επιλογή Προϊόντων Εξειδίκευση

Networking Security Storage

Σας Ευχαριστώ! Copyright 2011 Trend Micro Inc.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information