trend micro - your journey to the cloud, where are you

Copyright 2011 Trend Micro Inc.

www.trendmicro.com

TREND MICRO: SECURING YOUR JOURNEY TO THE CLOUD

04/12/231


Nick Black

Trend Micro

The Journey to Cloud


Cloud Application

Consumerization and Mobility

Cloud Data

The Four Pillars of the Cloud Revolution

Cloud Infrastructure

Hybrid Cloud Management

• Physical • Virtual• Cloud

Unique Set of Security Challenges in Cloud Era

Cloud Infrastructure

Mobile Device Management

Data Protection

Cyber Attacks


Consumerization of IT

• Popular new consumer technology spreads into business organizations

• IT and consumer electronics converge as the same devices are used for work and play

• Power shifts from corporate IT and enterprise vendors (IBM, HP) to end users and innovative consumer vendors (Apple, Google)

“Consumerization will be the most significant trend affecting IT during the next 10 years” Gartner


Consumerization: why now?

• Affordable products and services• Simple, intuitive, easy to use• Pervasive fast network connectivity• Abundance of content & applications

5 Copyright 2011 Trend Micro Inc.


30K Android Malware

• 10K: Middle of 2012!

• 100K: End of 2012!

http://blog.trendmicro.com/how-big-will-the-android-malware-threat-be-in-2012/


Advanced Persistent Threats

EmpoweredEmployees

Elastic Perimeter


Trend Micro evaluations find over 90% of enterprise networks contain active

malicious malware!

Traditional Security


Data Protection

Data

• Self-Secured Workload

• Local Threat Intelligence

• When-Timeline Aware

• Who-Identity Aware

• Where-Location Aware

• What-Content Aware

• User-defined Access Policies

• Encryption

All network-connected data must be able to defend itself from attacks

Integrated Security Across PlatformsInside-out Security : smart context aware security

Inside-Out Security

Endpoints Datacenters

8


Who is responsible for security?

• With IaaS the customer is responsible for VM-level security

• With SaaS or PaaS the service provider is responsible for security

Public CloudPaaS

Public CloudIaaS

Servers Virtualization & Private Cloud

End-User (Enterprise) Service Provider

Public CloudSaaS

Cloud SecurityCloud Security

Cloud Models: Who Has Control?

904/12/23


PhysicalDesktops & Servers

DesktopVirtualization

Server Virtualization

Private Cloud

Hybrid Cloud Public Cloud

Mobile

BYOPC

Journey to the CloudJourney to the Cloud

Where is Your Data?

1004/12/23

Safe Harbour

USA Patriot Act


APTs -- The Challenges

Sophisticated Social Engineering1.People is the weakest link

2.Spear phishing3.Employee training

Stealthy Behavior1.Low profile – may be dormant for months

2.Leverage employee credentials and privileges3.Noise from network IDS/IPS technology

Zero-day Vulnerabilities1.Patch management

2.Thousands of endpoints3.Servers in datacenters can’t be patched…right away

13


Deep Discovery: APT Hunter

Specialized Threat DetectionAcross the Attack Sequence

Malicious Content•Emails containing embedded

document exploits•Drive-by Downloads

•Zero-day and known malware

Suspect Communication•C&C communication for any

type of malware & bots•Backdoor activity by attacker

Attack Behavior•Malware activity: propagation,

downloading, spamming . . .•Attacker activity: scan, brute force, service exploitation . . .

•Data exfiltration communication

14

Network Inspection Platform

Network Visibility, Analysis & Control

Deep Discovery

• Visualization• Analysis• Alarms

• Reporting

Network Inspection Platform

ThreatDetection

Virtual Analyzer

WatchList

Threat Connect

SIEMConnect


GLOBAL SENSORNET(via agents, community, customers, threat

researchers and more)

THREAT-ACTORSFILES

MOBILE/APPS

EXPLOIT KITS

URLS

IP ADDRESSES

NETWORK TRAFFIC

DOMAINS

VULNERABILITIES


GLOBAL THREAT INTELLIGENCE

FILEREPUTATION

WEBREPUTATION

EMAILREPUTATION

WHITELISTING

VULNERABILITIES/ EXPLOITS

MOBILE APPREPUTATION

NETWORK TRAFFIC RULESexpanded

expanded


VM

VMware VirtualizationVMware VirtualizationSecurity

Virtual Appliance

VM VM VM VM

• Agentless security

• Layered server security

• Encryption for vSphere

Private CloudPrivate Cloud

• Agentless security• Layered server security

Security Virtual

ApplianceVM VM VM

Public CloudPublic CloudServer security console

• Shared policy profile

• Virtual patching

VM

VM VM VMVM

• Encryption for vCloud• Compliance support

(FIM, Encryption, etc.)

Encryption console

• Shared policy profile

• Key ownership

• Agent-based security

• Layered server security

• Encryption for leading cloud providers

• Compliance support (FIM, Encryption, etc.)

VM

Virtualization and Cloud SecurityVirtualization and Cloud Security

One Security Model

1704/12/23



Trend Micro

Worldwide Endpoint SecurityRevenue Share by Vendor, 2010

Source: IDC, 2011

Trend Micro

Source: 2011 Technavio – Global Virtualization Security Management Solutions

Source: 2012 Technavio – Global Cloud Security Software Market

Trend Micro is No.1 in Server, Virtualization, & Cloud Security

Why is Trend Micro an Expert? Why is Trend Micro an Expert?

#1 in Cloud Security

#1 in Virtualization Security

#1 in Server Security

Trend Micro

Trend Micro


www.trendmicro.com

TREND MICRO: SECURING YOUR JOURNEY TO THE CLOUD

04/12/2319

trend micro - your journey to the cloud, where are you

Documents

security copyright

cloud security cloud

integrated security

vmlevel security

google copyright

cloud erathe

cloud securitytrendmicro

networkconnected data