deep scurity

7/28/2019 Deep Scurity

1/20

Copyright 2011 Trend Micro Inc.

Virtuali

zation and Cloud Computing

How to manage the risk?Available Aug 30, 2011

Raimund Genes

CTO Trend Micro


2/20



3/20



4/20



5/20



6/20



7/20



8/20



9/20



10/20


Infection Exfiltration(Sendspace)

Informationto C&C

http://blog.trendmicro.com/trojan-abuses-sendspace-a-closer-look/


11/20


Outside-in Model of Perimeter Defense

Layer protection from outside in

Keeps threats as far away as

possible!

Outside-In Security


12/20


Data Protection

Data

Self-Secured Workload

Local Threat Intelligence

When-Timeline Aware

Who-Identity Aware Where-Location Aware

What-Content Aware

User-defined Access Policies

Encryption

Inside-out Security

Inside-

Out

Security

Endpoints Datacenters


13/20


Security Challenges Across theDynamic Datacenter

Less visibility

More external risks

Security reduces

performance

Mixed workloads

Glut of security

products

Less security

Higher TCO

VirtualPerformance & Threats

CloudVisibility and Threats

PhysicalManageability


14/20


IDS / IPS

Web Application Protection

Application Control

Firewall

Deep Packet Inspection

Log

Inspection

Anti-Virus

Detects and blocks known and

zero-day attacks that target

vulnerabilitiesShields web application

vulnerabilities Provides increased visibility into,

or control over, applications

accessing the network

Reduces attack surface.

Prevents DoS & detects

reconnaissance scans

Detects malicious and

unauthorized changes to

directories, files, registry keys

Optimizes the

identification of important

security events buried inlog entries

Detects and blocks malware

(web threats, viruses &

worms, Trojans)

Trend Micro Deep SecuritySystem, application and data security across:

Protection is delivered via Agent and/or Virtual Appliance

5 protection modules

Integrity

Monitoring


15/20


Key Challenge: Too many consoles, isolated

policies

Need: Consolidate disparate security

products in 1 integrated agent & console

Deep Security 7.5

Firewall, IDS/IPS, File integrity

monitoring and log inspection agent

Deep Security 8 Added antivirus agent supporting both

Windows and Linux environments

Easy to use FIM with golden hosts &

cloud-based event whitelisting

Physical

Windows, Linux,

AIX, UNIX,

Solaris

Security for Physical ServersReduce Complexity

Deep Security 8 is

the server security

platform that

protects servers

with ONE integrated

agent & console


16/20


Security for Virtual ServersIncrease Efficiency

Key Challenge: Consolidation limits due to

performance & resource inefficiencyNeed: Integrate security at the hypervisor

level via a virtual appliance

Deep Security 7.5 Agentless firewall, IDS/IPS

Agentless antivirus

Deep Security 8 Agentless file integrity monitoring

Hypervisor integrity via Intel TPM/TXT

Web reputation services integration for

improved VDI protection

Virtual

VMware vSphere

vCenter, vDirector

Deep Security 8 will

lower barriers to

adoption for FIM

and enable greater

security with zero

added footprint


17/20


Key Challenge: Data security in the cloud

Need: Enable path to private, public or

hybrid cloud with added data security,

management APIs and multi-tenancy

support

Deep Security 8 with SecureCloud 1.2

Support for bare metal and virtual

infrastructure without cloud API

Deep Security 8.0 with SecureCloud 2

Deep Security Manager integration

FIPS 140-2 certification

Key revocation, rotation & lifecycle mgmt

Cloud

Amazon, vCloud

Security for Cloud ServersDeliver Agility

Deep Security 8with SecureCloud 2

will provide context-

aware data security

necessary for ALL

cloud environments


18/20


Patient Medical RecordsCredit Card Payment

InformationSensitive Research ResultsSocial Security Numbers

Encryption with Policy-based

Key Management

Data is unreadable

to unauthorized users

Policy-based key management

controls and automates key

delivery

Server validation authenticates

servers requesting keys

SecureCloud 2

Total Cloud Protection withDeep Security 8 and SecureCloud 2System, application and data security in the cloud

Deep Security 8

Modular protection for

servers and applications

Self-Defending VM Security

in the Cloud

Agent on VM allows travel

between cloud solutions

One management portal for

all modules

Context

Aware


19/20



20/20


[email protected]

deep scurity

Documents