1. Deep Security 8
A Server Security Platform for Physical Virtual Cloud
Siupan Chan – Principal Consultant, Trend Micro Hong Kong
Copyright 2009 Trend Micro Inc.
2. Key Trends: Datacenter Consolidation
• Traditional security adds operational challenges and security risks
• Increases Security TCO and limits virtualization/cloud adoption
Physical
y Virtual Cloud
servers servers servers
• Glut of security • Security reduces • Less visibility
products performance • More external risks
• Higher TCO • Mixed workloads
Copyright 2009 Trend Micro Inc.
3. 2009: A Historic Year for Servers
16
Virtual machine shipments surpassed physical server shipped
14
12
10
百萬
萬
8
6
4
2
0
2005 2006 2007 2008 2009 2010 2011 2012 2013
Physical Hosts Virtual Machines
Virtualization changed and simplified how IT
manages servers and datacenters
Copyright 2009 Trend Micro Inc.
4. Key Trends: Sophisticated data-stealing threats
Data security is more challenging than ever before
• More Profitable
• More Sophisticated
• More Frequent Advanced
Persistent
Threats
De-Perimeterization
• More Targeted
Perimeter defenses are not adequate anymore
4
Copyright 2009 Trend Micro Inc.
5. Key Trends: Regulatory Compliance
Solutions Need to Achieve Broader Coverage with Lower TCO
More standards:
• PCI, SAS70, HIPAA, ISO 27001, FISMA / NIST 800-53, MITS…
, , , , ,
More specific security requirements
Virtualization, Web applications, EHR, PII…
• Vi t li ti W b li ti EHR
More penalties & fines
• HITECH, Breach notifications, civil litigation
“ DMZ consolidation using virtualization will be a "hot spot” for
auditors, given the greater risk of mis-configuration and
lower visibility of DMZ policy violation. Through year end
violation year-end
2011, auditors will challenge virtualized deployments in the
DMZ more than non-virtualized DMZ solutions.
-- Neil MacDonald, Gartner
Copyright 2009 Trend Micro Inc. 5
”
7. Deep Security 8
Agentless Security for VMware
Trend Micro Deep Security
Integrates Agentless
with 1
IDS / IPS VMsafe
VM f
vCenter
APIs
Web Application Protection
Application Control
pp Security
Virtual
Firewall
Machine
g
Agentless
v
2 S
vShield
Antivirus p
Endpoint
Agentless h
3 e
Integrity Monitoring vShield
Endpoint r
e
Agent-based
4
Log Inspection
Security agent
on individual VMs
Copyright 2009 Trend Micro Inc.
8. Deep Security 8 Integrity Monitoring
Agentless Integrity Monitoring
The Old Way With Agent-less Integrity Monitoring
Security
VM VM VM Virtual
Appliance
VM VM VM VM
Zero Added Faster Better Stronger
Footprint
F t i t Performance
P f Manageability
M bilit Security
S it
• Zero added footprint: Integrity monitoring in the same virtual appliance that also
provides agentless AV and Deep Packet Inspection
• Stronger Security: Expands security footprint on VMs, built in tamperproofing
• Order of Magnitude savings in manageability
• Virtual Appliance avoids performance degradation from FIM storms
Copyright 2009 Trend Micro Inc.
8
8
9. Deep Security 8
Agent-based Anti-malware
Deep Packet
Firewall
Inspection
Anti-malware
A ti l
WEB REPUTATION
VDI Local Mode
SERVICES Hyper-V & Xen-based
Integrity Log Virtual Servers
Monitoring Inspection
• New Agent-based AV for physical Windows and Linux* systems, Hyper-V
& Xen based virtual servers, and virtual desktops in local mode
Xen-based
*Linux AV = scheduled scan, agent only,
coming Q1 2012
• Web reputation services through integration with Smart Protection
Network protects systems/users from access to malicious websites
Copyright 2009 Trend Micro Inc. 9
10. Deep Security 8
Integrity Monitoring Ease of Use Enhancements (Agent + Agentless)
Destination
Certified Safe
Software
Service
• Good Events (eg. Windows
Source Destination
Destination SP Roll out) typically add
operational complexity
• Nominating system as
Golden Host creates
template for good events for
remaining systems
Destination
• Cloud-based event
whitelisting further reduces
IT burden
Copyright 2009 Trend Micro Inc.
10
11. Summary / Key Messages
Deep Security 8 extends its leadership in server and virtualization security
• A fully integrated server security platform built for physical virtual and
cloud
• Agentless integrity monitoring adds to other agentless modules, enables
better security and compliance without added cost or complexity
• Agent-based AV extends common protection across all aspects of PVC
• Integration with SecureCloud 2 adds context-aware data protection in
cloud environments
Trend
Micro Trend Micro
22.9% 13%
All All Others Top ratings for
Others Virtualization
Combined Security
77.1%
87%
Source: Worldwide Endpoint Source: 2011 Technavio –
Security 2010-2014 Forecast Global Virtualization Security
and 2009 Vendor Shares, IDC Management Solutions
Copyright 2009 Trend Micro Inc.
11
12. Trend Micro: VMware #1 Security Partner and
2011 Technology Alliance Partner of the Year
Improves Security Improves Virtualization
by
b providing the most
idi th t by
b providing security solutions
idi it l ti
secure virtualization infrastructure, architected to fully exploit
with APIs, and certification programs the VMware platform
VMworld: Trend Micro Dec: Deep Security 7.5
virtsec customer Nov: Deep Security 7 w/ Agentless AntiVirus
with virtual appliance Vmworld: Announce
May: Trend
acquires
i RSA: Trend Micro
RSA T d Mi Deep Security 8
Feb: Join Third Brigade Demos Agentless & vShield OEM
VMsafe RSA: Other vendors
program Sale of DS 7.5 “announce” Agentless
Before GA
2008 2009 2010 2011
July: VMworld: Announce Q1: VMware buys
RSA: Trend Micro
CPVM Deep Security 7.5 Deep Security for
announces Coordinated
GA Internal VDI Use
approach & Virtual pricing
And shows Vmsafe demo Q4: Joined EPSEC 2010:
RSA: Trend Micro
vShield Program >100 customers
announces virtual
Copyright 2009 Trend Micro Inc.
>$1M revenue
appliance