Data Center and Cloud Defense Protecting your hybrid cloud

Similar documents
McAfee Server Security

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

Cloud and Data Center Security

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform

Cisco Advanced Malware Protection for Endpoints

McAfee Network Security Platform Services solutions for Managed Service Providers (MSPs)

Secure Virtualization in the Federal Government

How To Buy Nitro Security

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency.

Endpoint Security for DeltaV Systems

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy.

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

McAfee Security Architectures for the Public Sector

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be!

MEETING CSIP OBJECTIVES WITH AN AUTOMATED AND PREVENTIVE SECURITY APPROACH

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

Unlock the full potential of data centre virtualisation with micro-segmentation. Making software-defined security (SDS) work for your data centre

Securing the Internet of Things

SYMANTEC DATA CENTER SECURITY: MONITORING EDITION 6.5

Data Sheet: Messaging Security Symantec Brightmail Gateway Award-winning messaging security for inbound protection and outbound control

Total Protection for Compliance: Unified IT Policy Auditing

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

OVERVIEW. Enterprise Security Solutions

McAfee Public Cloud Server Security Suite

White Paper. Time for Integrated vs. Bolted-on IT Security. Cyphort Platform Architecture: Modular, Open and Flexible

IBM Security IBM Corporation IBM Corporation

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS

Data Loss Prevention Best Practices for Healthcare

McAfee Next Generation Firewall

Safeguarding the cloud with IBM Dynamic Cloud Security

How To Protect A Virtual Desktop From Attack

WHITE PAPER SPLUNK SOFTWARE AS A SIEM

Symantec Endpoint Protection

McAfee Network Security Platform

Tufin Orchestration Suite

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

IT Security at the Speed of Business: Security Provisioning with Symantec Data Center Security

How To Protect Your Network From Intrusions From A Malicious Computer (Malware) With A Microsoft Network Security Platform)

Requirements When Considering a Next- Generation Firewall

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

Teradata and Protegrity High-Value Protection for High-Value Data

McAfee Endpoint Protection for SMB. You grow your business. We keep it secure.

Solutions Brochure. Security that. Security Connected for Financial Services

Threat Center. Real-time multi-level threat detection, analysis, and automated remediation

How To Protect Your Cloud From Attack

I D C A N A L Y S T C O N N E C T I O N

INFORMATION PROTECTED

Continuous Network Monitoring

Driving Success in 2013: Enabling a Smart Protection Strategy in the age of Consumerization, Cloud and new Cyber Threats. Eva Chen CEO and Co-Founder

Symantec Enterprise Security: Strategy and Roadmap Galin Grozev

REVOLUTIONIZING ADVANCED THREAT PROTECTION

Symantec Client Management Suite 8.0

Datasheet FUJITSU Cloud Monitoring Service

The Advanced Attack Challenge. Creating a Government Private Threat Intelligence Cloud

Network Security and Vulnerability Assessment Solutions

McAfee Endpoint Protection Products

Optimizing Service Levels in Public Cloud Deployments

Cisco Advanced Malware Protection. Ross Shehov Security Virtual Systems Engineer March 2016

IT Security & Compliance. On Time. On Budget. On Demand.

SOLUTION BRIEF. Next Generation APT Defense for Healthcare

Vulnerability Management

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

IBM QRadar Security Intelligence April 2013

1518 Best Practices in Virtualization & Cloud Security with Symantec

I D C T E C H N O L O G Y S P O T L I G H T

Securing Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits

Secure Cloud Computing

How To Build Security By Silo

Trend Micro Cloud Security for Citrix CloudPlatform

Extreme Networks Security Analytics G2 Vulnerability Manager

NEC Managed Security Services

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

SYMANTEC DATA CENTER SECURITY: SERVER ADVANCED 6.5

Software defined networking. Your path to an agile hybrid cloud network

Symantec Advanced Threat Protection: Network

Symantec Endpoint Protection

VM-Series for VMware. PALO ALTO NETWORKS: VM-Series for VMware

Applying machine learning techniques to achieve resilient, accurate, high-speed malware detection

Why a Network-based Security Solution is Better than Using Point Solutions Architectures

Network Intrusion Prevention Systems Justification and ROI

SECURITY ANALYTICS AND MORE Putting together an effective Incident Response plan

White Paper. Scalable Network Security for the Virtualized Data Center

Boosting enterprise security with integrated log management

Protecting Virtual Endpoints with McAfee Server Security Suite Essentials

Trend Micro. Advanced Security Built for the Cloud

The SIEM Evaluator s Guide

Database Security in Virtualization and Cloud Computing Environments

are you helping your customers achieve their expectations for IT based service quality and availability?

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

Moving Beyond Proxies

WildFire. Preparing for Modern Network Attacks

Master Hybrid Cloud Management with VMware vrealize Suite. Increase Business Agility, Efficiency, and Choice While Keeping IT in Control

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

Unified Security, ATP and more

Transcription:

Data Center and Cloud Defense Protecting your hybrid cloud Today s compute environment continues to evolve rapidly. Instantaneous cloud-based access means that vital intellectual property and enterprise and customer data are scattered across myriad infrastructures. Most data centers today have a hybrid infrastructure that spans physical, virtualized, and cloud deployments, both on premises and off premises. The key driver for this massive data center transformation is a need to keep up with the changing compute landscape and, more importantly, a need to provide an agile IT infrastructure services to help meet business expansion goals. A highly distributed compute environment brings with it an exponential growth of the attack surface, which presents big security challenges. Simultaneously, the threat landscape continues to evolve both the frequency and sophistication of targeted attacks are growing at an alarming rate. Organizations need to improve their ability to detect breaches quickly and to adopt continuous incident response. This is especially important as the costs associated with attacks are increasing. Unfortunately, most current security tools are challenged to deliver the efficiencies and scalability required which are particularly crucial when there is an acute shortage of qualified security talent able to respond. Security technologies need to support a strong security posture with common policies across the hybrid infrastructure without adding operational costs or reducing business agility. In this new world order, securing hybrid infrastructures requires an understanding of these key elements: Visibility is paramount: It is essential to have visibility into the entire environment, both private and public clouds. Shadow IT is posing an enormous risk for enterprises because of the lack of visibility, which makes it untenable to ensure strong security policy. The perimeter is shifting: Gone are the days of relying entirely on the traditional perimeter. With workloads shifting to Infrastructure-as-a-Service (IaaS), host-based security technologies are a critical perimeter defense. Security controls must align with the dynamic hybrid infrastructure: It is essential for security technologies to be agile and offer simplified operations and reduced operating expense. Advanced threats: Fast, accurate, and automated containment and remediation of sophisticated threats is essential. Security capabilities must extend across multiple architectures. Having access to strong local and global threat intelligence is also increasingly important for enhanced and timely threat detection and remediation.

Optimized security for new deployment architectures, such as the software-defined data center (SDDC): As virtualized private cloud environments are transitioned into SDDCs, learnings from the traditional virtualized private cloud environment can be applied, such as implementing an optimized antivirus solution for virtual machines that delivers robust protection and simplified management with a low-performance footprint. Additionally, in SDDCs, the network is virtualized as well, so east-west traffic inspection is required. The implementation of software-based network protection, such as a virtual intrusion prevention system (IPS) is essential. It is also important to assess overall orchestration technologies and ensure that rules can be easily deployed and updated. Enterprise IT Challenges Many considerations need to be taken into account when securing hybrid infrastructures. Most enterprises face three main challenges: Visibility across multiple cloud architectures: The data center is moving to a servicesoriented architecture to meet the needs of lines of business, and the hybrid infrastructure has emerged, where data and applications reside on premises and off premises. The big challenge is lack of full visibility into the data and applications. Without visibility, enterprises cannot sufficiently secure this infrastructure, and this can result in serious breaches that may have significant reputational, legal, and financial consequences. Efficient deployment of security controls: Workloads need to be secure wherever they reside or move. Consistent security controls need to extend easily from traditional onpremises deployments into public cloud environments. Security protection needs to be elastic so as not to hinder business agility and add to operational costs. Uniform management of security posture: Security policies also need to be managed centrally to facilitate centralized policy definition, monitoring, and response and to enforce compliance and risk posture across the hybrid infrastructure. Detection capabilities must traverse a heterogeneous compute environment without significant delays. Network Protection: McAfee Network Security Platform (available as physical or virtual IPS appliances) Server Protection: McAfee Server Security Suite Essentials McAfee Server Security Suite Advanced McAfee Public Cloud Server Security Suite Database Protection: McAfee Data Center Security Suite for Databases Threat Intelligence: McAfee Threat Intelligence Exchange Figure 1. The Intel Security product portfolio for the hybrid cloud. The Intel Security Solution Intel Security enables enterprises to extend security across the data center, whether on premises, in the cloud, or in a hybrid environment. We provide protection that can be deployed across physical, virtual, and cloud infrastructures; has the ability to detect and correct breaches; and provides professional services that deliver expert knowledge and 24/7 care and monitoring to tackle complex security requirements. Data Center and Cloud Defense 2

In conjunction with our professional services, our key products for hybrid infrastructures are: Server security and management for physical, virtual and cloud deployments: McAfee Server Security Essentials and McAfee Server Security Advanced Suites, McAfee Public Cloud Server Security Suite Database protection: McAfee Database Security Suite for Databases Network protection: McAfee Network Security Platform and local threat intelligence via McAfee Threat Intelligence Exchange In addition, we offer centralized management that provides full visibility into your IT security posture for faster remediation and reporting to reduce risk and cost. Our products help enterprises secure their hybrid infrastructure in the data center as we provide efficiency and effectiveness with our integrated architecture. Unlike multivendor, best-of-breed environments, which often have serious protection gaps, our products are connected, which greatly reduces the complexity of managing security across hybrid infrastructures. Intel Security Solves Customer Challenges Mitigate the risk of compromised or malicious east/west for virtualized networks. Securing the Hybrid Infrastructure Remotely discover, assess, and fix issues in the cloud from your McAfee epolicy Orchestrator (McAfee epo ) console No need to trade security for performance Intel Security Customer Support At Intel Security, we have a passion for security, and that extends to our Intel Security Support and Customer Service. Regardless of the size of your business, Intel Security Technical Support offers highly trained and certified security professionals who can provide the right information, tools, and programs. Our goal is to address potential issues quickly and efficiently to help you combat today s threats so you can focus on the demands of your business. Secures data "crown jewels" in databases and on servers Reduced data center interruptions by combating threats more efficiently Provides agent-based or agentless deployment Figure 2. How Intel Security products provide protection required by the hybrid infrastructure. Intel Security provides visibility across hybrid infrastructures: Across physical and virtual servers, on premises and off premises, and supports all major cloud platforms: Amazon Web Services (AWS), Microsoft Azure, OpenStack, and VMware. Into your database landscape and security posture to fully align database security policy administration while efficiently maintaining regulatory compliance. From global threat intelligence (McAfee Global Threat Intelligence) and local threat intelligence (McAfee Threat Intelligence Exchange). Intel Security provides consistent deployment of security controls across the hybrid cloud: We provide the most comprehensive server protection across physical, virtual, and cloud deployments, unlike our major competitors who have weaker intrusion prevention, whitelisting, and change control and who provide less flexibility for virtual deployments. In addition, we have higher detection rates than other vendors. We prevent the spread of threats in the data center. Inspection of both north-south and east-west traffic protects network traffic, which is important since 80% of network traffic remains in the virtual network and doesn t leave the data center. Competitive solutions are not inspecting east-west traffic. Data Center and Cloud Defense 3

Intel Security simplifies security management for the hybrid cloud, enabling IT to centrally define security policies, monitor security status, and respond to threats, as well as manage security in an elastic fashion as compute resources are spun up and down. We provide: A single management console for all endpoint security solutions with McAfee epo software. We also offer a network security console that can interface with McAfee epo software. Elastic security, where policy is automatically applied as compute resources scale up and down, enabling IT to keep up with business demands. Network protection that provides cost-efficient management of network security with streamlined administrative workflows and signature-less protection from zeroday attacks and advanced malware. We also deliver the industry s highest real-world throughput of up to 320 Gbps. Rapid deployment and orchestration of security for SDN and SDDC environments with our IPS solution, which integrates with Open Security Controller and VMware NSX. A unique threat intelligence ecosystem where detected threat data can be shared throughout the organization to all connected components for real-time protection. Intel Security Solution View by Deployment Architectures Architecture Intel Security Advantage Private Cloud McAfee Network Security Platform and McAfee Virtual Network Security Platform Actionable workflows out of the box that organize multiple alerts into single events, focusing operators on what matters most in the detection process. By cutting through the noise and working only with relevant data, these solutions correlate multiple intrusion prevention system (IPS) alerts into a single, actionable event. Display security data via an intuitive interface that has preconfigured, guided threat workflows. Traditional intrusion prevention systems dashboards typically arrange alerts by timestamp, placing the newest alerts on top this overloads the operator, creating noise and confusion. Advanced technologies, such as signature-less traffic inspection, that go beyond traditional signaturebased defenses, empower security administrators to block advanced threats and zero-day attacks for which IPS signatures do not exist. Get connected visiblity with McAfee Network Security Platform, the only IPS to integrate across multiple security products, plugging the infrastructure gaps. We provide improved ROI and lower TCO when McAfee Network Security Platform leverages data and workflows from five other security products. Alert relevance and prioritization is improved with endpoint data which closes gaps and raises ROI. Native integration lowers TCO via automatic tuning and plug-and-play deployment. Due to this connected visibility, both ROI and TCO are improved as efficiency increases outside data seamlessly integrates into known workflows. McAfee Server Security Suite Essentials, McAfee Server Security Suite Advanced, McAfee MOVE Antivirus Cloud Workload Discovery for private clouds, including VMware and OpenStack, provides end-to-end visibility into all workloads and their underlying platforms. Insights into weak security controls, unsafe firewall and encryption settings, and indicators of compromise lead to faster detection, while McAfee epo software or DevOps tools enable quick remediation. Superior whitelisting and change control solutions plus user-based policies rather than only machinebased policies. Antivirus for virtualized servers (McAfee MOVE Antivirus) supports agentless and multiplatform deployments for protecting virtualized environments, while some vendors only support agentless deployment. McAfee MOVE Antivirus, with its advanced detection, provides the highest malware detection rates with true offline scanning. McAfee Threat Intelligence Exchange Delivers local threat intelligence that not only detects emerging threats, but also shares this information across the infrastructure in seconds to allow for immediate protection. Built on the McAfee Data Exchange Layer, which allows for ultra-fast, bi-directional communication between connected systems. Our competitors have endpoint systems only, which do not work in conjunction with network, gateway, and third-party solutions. McAfee Data Center Security Suite for Databases A database security solution that is built with a non-intrusive host-based agent (sensor) for speed and scale across virtualized private cloud deployments. Data Center and Cloud Defense 4

SDDC Public Cloud McAfee Virtual Network Security Platform, McAfee MOVE AntiVirus, and Open Security Controller The only vendor to offer both virtual network security and virtual machine-based security. Better management of VMware NSX compared to other vendors. Open Security Controller rapidly deploys and orchestrates security within the SDDC. McAfee Virtual Network Security Platform integrates with Open Security Controller and VMware NSX, enabling IT administrators to rapidly deploy and orchestrate security within the SDDC, protecting VM network traffic by scanning the 80% of data center traffic that typically remains in the virtual network. McAfee Network Security Platform and McAfee Virtual Network Security Platform McAfee Virtual Network Security Platform offers cloud scalability through an innovative approach to virtual network inspection, so administrators can easily scale security into the dynamic nature of cloud platforms. Support for network virtualization enables administrators to quickly deliver east-west network protection to virtual workloads. Support for cloud sharing allows administrators to share their IPS throughput and license across any combination of public and private cloud. With McAfee Virtual Network Security Platform, Intel Security has delivered a simplified solution that easily embraces virtual networks and scales across both public and private clouds. Customers receive the operational efficiency to provide a unified security solution into their private and public clouds at a scale never before possible. McAfee Server Security Suite Advanced, McAfee Public Cloud Server Security Suite Security visibility and control across a wide variety of server instances, residing in the public cloud across AWS, Microsoft Azure, OpenStack, and VMware. Cloud Workload Discovery for public clouds, including Amazon AWS, Microsoft Azure, and OpenStack, provides end-to-end visibility into all workloads and their underlying platforms. Insights into weak security controls, unsafe firewall and encryption settings, and indicators of compromise lead to faster detection while McAfee epo software or DevOps tools enable quick remediation. A single management console (McAfee epo software) for all endpoint and server security solutions. The leading file integrity monitoring and control solution with application control and change control for servers, which is critical when deploying instances in an IaaS environment. Intel Security Professional Services Managing both cloud (public/private) and noncloud assets and the data they contain is a growing and complex problem. Whether using multiple vendor solutions or a complete Intel Security portfolio, companies often require additional services, expert knowledge, and 24/7 care and monitoring to tackle the complex security requirements for the hybrid data center. The Intel Security Professional Services team provides comprehensive services help organizations protect, design, staff, and manage their hybrid infrastructures. Intel and the Intel and McAfee logos, epolicy Orchestrator, and McAfee epo are trademarks of Intel Corporation or McAfee, Inc. in the US and/or other countries. Other marks and brands may be claimed as the property of others. Copyright 2016 Intel Corporation. 2052_1216 DECEMBER 2016 McAfee. Part of Intel Security. 2821 Mission College Boulevard Santa Clara, CA 95054 888 847 8766 www.intelsecurity.com

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information