Enhancing the Software Defined Datacenter
2017/02/02
Danny Claproth, Sr. Sales Engineer
Agenda
• Bringing Security to virtualisation and cloud
– Responsibilities and Challenges
• Deep Security
– What, How, Why
• Secure Cloud
– What, How, Why
• What about NSX (Deep Security 9.5)?
Security in the cloud (and virtualized environments)
Responsibilities and Challenges
1. Resource Contention
Typical AV console, 3:00am scan
Automatic antivirus scans overburden the system
Antivirus Storm
Virtualization & Cloud: Key Security Inhibitors
1. Resource Contention
2. Instant-on Gaps
VM states: Dormant; Active; Reactivated with out-dated security; Cloned
Reactivated and cloned VMs can have out-of-date security
1. Resource Contention
2. Instant-on Gaps
3. Inter-VM Attacks / Blind Spots
Attacks can spread across VMs
1. Resource Contention
2. Instant-on Gaps
3. Inter-VM Attacks / Blind Spots
4. Complexity of Management
VM sprawl inhibits compliance
• Patch agents
• Rollout patterns
• Provisioning new VMs
• Reconfiguring agents
Cloud Security Challenges
Challenge: Multi-tenancy / Mixed Trust Level VMs
Shared resources create a mixed trust level environment
Cloud Security Challenges
Challenge: Data Access and Governance
Cloud data can provide less visibility and control
Cloud Security Challenges
Challenge: Data Destruction
When data is moved, unsecured data remnants can remain
Deep Security: Be Smart when changing your datacenters
Server Security Platform: Physical, Virtual, Cloud
Open, Automated, Scalable Platform
• Anti-malware
• Firewall
• Integrity Monitoring
• Intrusion Prevention
• Log Inspection
• Web Reputation
Anti-malware
• Anti-malware prevents viruses and other malicious code from penetrating your data center
• Real-time scanning of all your disk activity
• Scheduled and manual scanning of all your disks
Web Reputation
• Web Reputation prevents hosts from accessing web content hosted on malicious
• Web resources are categorized.
• Dynamic list based on Trend Micro’s Smart Protection Network
Intrusion Prevention
• IDS/IPS detects and blocks known and zero-day attacks that target vulnerabilities
• Web Application Protection: shields web application vulnerabilities
• Application Control provides increased visibility into or control over applications accessing the network
Firewall
• Reduces attack surface.
• Prevents DoS and detects reconnaissance scans
Integrity Monitoring
• Detects malicious and unauthorised changes to
– Files
– Directories
– Registry keys
– …
Log Inspection
• Optimizes the identification of important security events buried in the log entries
Deep Security Architecture
3/11/2014 Copyright 2013 Trend Micro Inc.
[Diagram labels: ESX host; DSVA and four VMs; Hypervisor – Filter Driver]
Deep Security Architecture
[Diagram labels: ESX host; DSVA and four VMs; Hypervisor – Filter Driver; Disk I/O; Network Traffic; Physical Network; Physical Disks]
Deep Security Architecture
[Diagram labels: two ESX hosts, each with a DSVA, VMs and Hypervisor – Filter Driver; DSM]
Deep Security Architecture
[Diagram labels: two ESX hosts, each with a DSVA, VMs and Hypervisor – Filter Driver; vCenter; DSM]
Deep Security 9
Improved performance for Malware and Integrity Scans
Up to 20X improvement especially for VDI
Deeper agentless guest context enables software and vulnerability scan for automatic policy management
[Diagram labels: vSphere; VMs; OS; APPs; VM Tools Thin Driver; Deep Security Virtual Appliance: Anti-Malware, Web Reputation, Intrusion Prevention, Firewall, Integrity Monitoring]
Deep Security 9 – Instant on Security
Flexible Deployment in the cloud
• Agent based deployment mode
• Agent installation can be scripted
Secure Cloud: Be Smart when changing your datacenters
What is Secure Cloud
Encryption with Policy-based Key Management
Patient Medical Records, Credit Card Payment Information, Sensitive Research Results, Social Security Numbers
AES Encryption (128, 192, & 256 bit); Policy-based Key Management; Auditing, Reporting, & Mobility
• Compliance support
• Custody of keys
• No vendor lock-in
• Trusted server access
• Control for when and where data is accessed
• Unreadable to outsiders
• Obscured data on recycled devices
Platform Support
Key Management Deployment Options: Trend Micro SaaS Solution, or Data Center Software Application
SecureCloud Console
Encryption Support: vSphere Virtual Machines, Private Clouds, Public Clouds, Physical Machines
How SecureCloud works
• Server that needs access to storage
– SC agent opens session with SC key management server
– Policy check
• SC key management releases key
• Server uses key to access storage
[Diagram labels: Storage (encrypted); Server (with SC agent); SecureCloud Key Management; Random session key over SSL; Cloud Service Provider; Enterprise Datacenter or SaaS Offering]
Why Secure Cloud
• Full volume encryption
• The SecureCloud Agent sits in the OS stack between the disk driver and the file system driver
• Encryption is transparent to the OS and applications
• Encryption persists even after the instance is stopped
• FIPS 140-2 certified AES encryption
Deep Security + Secure Cloud = A Perfect Match
Trend Micro Cloud Protection
Trend Micro Deep Security Cloud Protection Pack
Deep Security (Server Security Platform: Physical, Virtual, Cloud) = System and application protection for VMs in private, public, and hybrid clouds
SecureCloud (Encryption with Policy-based Key Management) = Data protection with encryption for data stored in private, public and hybrid clouds
Patient Medical Records, Credit Card Payment Information, Sensitive Research Results, Social Security Numbers
What about NSX? Deep Security 9.5
Innovating with VMware
Deep Security 7 (2009) – Agentless Intrusion Prevention and Firewall
Deep Security 7.5 (2010) – Agentless Anti-Malware
Deep Security 8 (2012) – Agentless Integrity Monitoring – Agentless Web Reputation
Deep Security 9 (2013) – Agentless Recommendation Scan – Scan Cache
NSX replaces vShield and vCNS
Service Catalog & Auto Deployment
Group Management through vSphere
Partial Policy Management through vSphere
Tags Enable Automation/Interoperability
NSX Benefits
Automatic Deployment of DSVA on ESXi 5.5+
Auto Activation of DSVA
No maintenance mode/reboot
Fine-grained packet traffic control
Multi-product interoperability and automation through tagging
NSX Alternatives
Deep Security 9.5 supports all modules (using vShield with VMsafe-NET) on:
• ESXi 5.5
• ESXi 5.1
Deep Security 9.5
Beta: This month! GA: Beginning Q2
Questions?