Data Center Security
22 June 2015
Fabio Paravani, Regional Account Manager
A world safe for exchanging digital information
CEO: Eva Chen
Founded: 1988, United States
Headquarters: Tokyo, Japan
Employees: 5,137
Offices: 36
2012 Sales: $1.2B USD
New malware every ½ second
Global Threat Intelligence - 1,200+ experts worldwide
96% of the top 50 global corporations. 100% of the top 10 automotive companies. 100% of the top 10 telecom companies. 80% of the top 10 banks. 90% of the top 10 oil companies.
Targeted Attacks & Advanced Malware
APT: A repeated series of attacks that aim to penetrate companies and organizations using different methods, such as email with malicious code attached or vulnerabilities present in systems, in order to steal information or compromise computers, communicating with the outside to achieve total compromise of the network.
Advanced Persistent Attack
Using vulnerabilities on public servers to penetrate target networks directly from the outside.
Using social engineering techniques and other technologies to penetrate networks by manipulating the networks' own users.
for fun, for justice, for money, spying, agitation, terrorism
Copyright 2015 Trend Micro Inc.
Data Center Evolution
Physical Desktops & Servers, Server Virtualization, Desktop Virtualization, Private Cloud, Public Cloud, Hybrid Cloud, BYOD, BYOPC
Deep Security 9.5
PHYSICAL, VIRTUAL, CLOUD
Intrusion Prevention, Firewall, Antimalware, Web Reputation, Integrity Monitoring, Log Inspection
1. Agentless platform for VMware environments goes wider and deeper
   Latest VMware platform support
   Hypervisor integrity monitoring
   Improved performance & tuning
2. Extending datacenter security to public and hybrid clouds
   vCloud and AWS integration enables single pane of glass and unified policies across all workloads
3. Multi-tenant architecture for software-defined datacenters & providers
   Delegation and self-service for tenants
   Automated deployments of components for elastic scaling
Deep Security Platform Architecture
Single Pane, Scalable, Redundant
[Architecture diagram; labels: Deep Security Manager, Reports, Threat Intelligence Manager, Deep Security Agent, SecureCloud, Deep Security Virtual Appliance, Cloud Integration]
Deep Security Agent Modules: DPI & FW, Anti-malware, Integrity Monitoring, Log Inspection
Deep Security Virtual Appliance Modules: DPI & FW, Anti-malware, Integrity Monitoring
Virtual patching
Virtually creates the condition in which security patches are applied
Protects the server from attacks on vulnerabilities
Timeline: Vulnerability discovered! > Registered in public database > Deep Security virtual patch release > Official patch released from all vendors
Work by customer: Apply virtual patch > Official patch validation > Apply official patches > Remove virtual patches
No need to panic, and you can focus on your verification.
Pain points this function can solve:
Virtual patch can be applied without stopping the server
No worries about impact on other systems (side-effects)
Users can control the patch schedule flexibly.
Virtual Patching with Deep Security
Raw Traffic
1. Stateful Firewall: Allow known good
Deep packet inspection:
2. Exploit Rules: Stop known bad
3. Vulnerability Rules: Shield known vulnerabilities
4. Smart Rules: Shield unknown vulnerabilities and protect specific applications
Filtered Traffic
Over 100 applications shielded including: Operating Systems, Database servers, Web app servers, Mail servers, FTP servers, Backup servers, Storage mgt servers, DHCP servers, Desktop applications, Mail clients, Web browsers, Anti-virus, Other applications
Agentless Architecture = CAPEX + OPEX Savings
VM servers per host: Agentless AV 75-100; Traditional AV 25
3-10X higher VDI VM consolidation ratios
3-year Savings on 1000 VDI VMs = $539,600
Sources: Tolly Enterprises Test Report, Trend Micro Deep Security vs. McAfee and Symantec, February 2011. Saving estimate based on VMware ROI calculations.
Deep Security for Defense-in-Depth & Compliance
Firewall, Web Reputation, Log Inspection, Intrusion Prevention, Anti-Virus, Integrity Monitoring
Physical Servers, Virtual Servers, Cloud Computing, Endpoints & Devices
Addressing 7 PCI Regulations and 20+ Sub-Controls Including:
(1.) Network Segmentation
(1.x) Firewall
(5.x) Anti-virus
(6.1) Virtual Patching*
(6.6) Web App. Protection
(10.6) Daily Log Review
(11.4) IDS / IPS
(11.5) File Integrity Monitoring
* Compensating Control
SDDC (Software Defined Datacenter)
Q&A
THANK YOU!!!