Despite cloud computing’s maturation as an enterprise IT application or infrastructure option, IT management concerns persist, notably in the areas of security, IT governance, and business continuity. The speaker will focus on security and data governance issues regarding deployment of private, hybrid and public clouds, and offer a pragmatic plan for resolving these concerns. This plan navigates the tangle of security responsibilities between enterprises and cloud service providers to enable IT managers to leverage the economics and flexibility provided by cloud-based applications. The plan focuses on how companies can create secure spaces in the cloud and both protect and control data in those spaces.
Todd Thiemann, Senior Director, Datacenter Products, Trend Micro, Inc.
Todd Thiemann has been with Trend Micro for over eight years and is currently responsible for planning Trend Micro’s products and technologies designed to secure datacenter information including virtualization and cloud security, DLP, and encryption. Todd is also co-chair of the Cloud Security Alliance Solution Provider Forum.
Todd holds a BS degree from Georgetown University and an MBA from the Anderson School of Business at the University of California, Los Angeles.
A Plan to Control and Protect Data in the Private and Public Cloud
1. Title slide: A Plan To Control and Protect Data in the Private and Public Cloud
Todd Thiemann • Senior Director, Datacenter Security, Trend Micro
Copyright 2009 Trend Micro Inc.
2. Why virtualization & cloud matters
• Speed and Business Impact
• Expertise and Performance
• Cost Reduction
1) The Cloud Imperative… If by mid-year you have not developed and begun to execute upon an ambitious and enterprise-wide cloud strategy, then by year-end the odds are good you'll no longer be a CIO.
“Global CIO: The Top 10 CIO Issues For 2010”, InformationWeek, 21 December 2009
3. Virtualization & Cloud Have Management Attention
(chart; Trend Micro Confidential, 10/12/2010)
Source: “The 2010 Gartner Scenario: The Current State and Future Directions of the IT Industry”, Gartner, 14 June 2010
4. Realized Benefits of Cloud Computing: Enterprises Reducing Costs, Increasing Agility
Pharmaceutical R&D and The Cloud: “Drug behemoth Eli Lilly and Co. …uses Amazon's Elastic Compute Cloud (EC2) for scientific collaboration and computations … because they empower many subsets of users.” (SearchCIO.com, 30 July 2009)
Public Cloud for Backup & Storage: Using public cloud services, GE reduced backup costs by 40% to 60% and created reusable processes in a rapidly deployable model. (Matt Merchant, General Electric, December 2009)
Gartner Top 10 Strategic Technologies in 2010: “Cloud Computing. Organizations should think about how to approach the cloud in terms of using cloud services, developing cloud-based applications and implementing private cloud environments.” (SearchCIO.com, 22 October 2009)
Cloud Computing & Security: “CISOs and Security Architects: Don't let operations-led projects lower your security profile. Engage in a discussion of the issues now, not after the fact.” (Neil MacDonald, Gartner, Gartner Data Center Conference, December 2009)
5. Security: the #1 Cloud Challenge
Security and privacy were the foremost concerns by far, with a weighted score higher than the next three (performance, immaturity and regulatory compliance) combined. (Gartner, April 2010)
6. “Typical” Customer Virtualization Evolution
(diagram: an adoption curve marked 15%, 30%, 70% and 85%, with three phases along it)
Phase 1: Consolidation (Servers). DC Consolidation:
- Non-mission critical base applications
- Standardized hypervisor
- Simple VM Management
Phase 2: Expansion & Desktop (Servers, Desktops). Mission critical applications & Endpoint Control:
- Performance becomes critical
- API and advanced management use
- VDI sampling
- Enhanced Compliance controls
Phase 3: Private > Public Cloud. Public and private cloud:
- Multi-hypervisor
- Virtualized storage
- Multi-tenancy
- Workload Management
- Dedicate or Burst to public
7. The Evolving Datacenter: Lowering Costs, Increasing Flexibility
(diagram of four stages, left to right)
• Traditional Datacenter (Physical)
• Consolidation (Virtual): Cost Center; Single Hypervisor; Data per App
• Multi-Tenant (Private Cloud): Charge Back; Multi-Hypervisor; Data Sharing
• Outsourced (Public Cloud): Metered; Shared Resources; Data Mobility
Infrastructure Security and Data Protection must keep up with Cloud Evolution
8. Phase 1 Security Challenge
A perimeter-only (“outside-in”) approach together with rapid virtualization has created less secure application environments.
“Through 2012, 60% of virtualized servers will be less secure than the physical servers they replace.” (“Addressing the Most Common Security Risks in Data Center Virtualization Projects”, Gartner, 25 January 2010)
9. Phase I: The virtual datacenter is very dynamic!
(diagram: the hypervisor at the centre, surrounded by the pressures Inter-VM attacks, PCI, Mobility and Cloud Computing)
New Challenges Require a New Security Architecture
10. Virtual Machines Need Specialized Protection
Same threats in virtualized servers as physical. New challenges:
1. Instant-on/Dormant VMs
2. Resource contention
3. VM Sprawl
4. Inter-VM traffic
5. vMotion
11. Virtualization Security Foundation: “Secure the workload”
(diagram: VM1 (App1/OS1) … VM3 (App3/OS3) running on a hypervisor)
• VM & Network Security Integration
• Self-secured workload: App FW, IPS, AV…
12. Customers' most common Phase I concern: Instant-on or unmanaged VMs & Patching
Virtually patch endpoints until the patch is ready, without exposing them to exploits:
• Determines missing patches and existing vulnerabilities
– Operating System
– Common desktop applications
• Recommends a set of lightweight, fast-to-deploy filters
– Virtually patches the vulnerabilities
– Zero-Day protection
– Reports on attempts to exploit vulnerabilities
• Removes filters as soon as the patch is deployed
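The virtual-patching loop this slide describes (scan a host for missing patches, attach one lightweight filter per open vulnerability, report attempts the filter blocks, drop the filter once the real patch is installed) as an added Go example. It is not Trend Micro code and nothing in it is a real advisory: the `VULN-*` and `PATCH-*` identifiers, the `__demo_sig_*__` request signatures and the sample request lines are all constructed placeholders; a product would derive the same structure from a vulnerability feed and real traffic.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Advisory is a constructed record: a vulnerability, the patch that closes it, and the
// request fragment a lightweight filter should block until that patch is installed.
type Advisory struct {
	VulnID    string
	Component string
	FixedBy   string // patch identifier that closes the vulnerability
	Signature string // constructed request fragment the filter matches on
}

// Host is what the inventory scan produces: components present and patches installed.
type Host struct {
	Name       string
	Components map[string]bool
	Patches    map[string]bool
}

// Filter is one active virtual patch on a host.
type Filter struct {
	VulnID    string
	Signature string
}

// Reconcile computes the filters a host needs right now: one per advisory whose
// component is installed and whose fixing patch is missing. Running it again after a
// patch deploys drops the matching filter, which is the slide's "removes filters as
// soon as the patch is deployed" behaviour.
func Reconcile(h Host, catalog []Advisory) []Filter {
	var out []Filter
	for _, a := range catalog {
		if h.Components[a.Component] && !h.Patches[a.FixedBy] {
			out = append(out, Filter{VulnID: a.VulnID, Signature: a.Signature})
		}
	}
	sort.Slice(out, func(i, j int) bool { return out[i].VulnID < out[j].VulnID })
	return out
}

// Inspect runs the active filters over request lines. It returns the lines passed
// through and a count of blocked attempts per vulnerability, which is the report a
// virtual patch layer hands to the SOC.
func Inspect(filters []Filter, requests []string) (allowed []string, blocked map[string]int) {
	blocked = map[string]int{}
	for _, r := range requests {
		hit := ""
		for _, f := range filters {
			if strings.Contains(r, f.Signature) {
				hit = f.VulnID
				break
			}
		}
		if hit == "" {
			allowed = append(allowed, r)
		} else {
			blocked[hit]++
		}
	}
	return allowed, blocked
}

// Constructed catalogue and traffic; none of these values are real.
var Catalog = []Advisory{
	{VulnID: "VULN-A", Component: "webapp", FixedBy: "PATCH-A", Signature: "__demo_sig_a__"},
	{VulnID: "VULN-B", Component: "webapp", FixedBy: "PATCH-B", Signature: "__demo_sig_b__"},
	{VulnID: "VULN-C", Component: "db", FixedBy: "PATCH-C", Signature: "__demo_sig_c__"},
}

var Requests = []string{
	"GET /index.html",
	"GET /search?q=__demo_sig_a__",
	"POST /login",
	"GET /report?id=__demo_sig_b__",
	"GET /search?q=__demo_sig_a__",
}

func main() {
	host := Host{Name: "vm-web-01", Components: map[string]bool{"webapp": true}, Patches: map[string]bool{}}
	before := Reconcile(host, Catalog)
	allowed, blocked := Inspect(before, Requests)
	fmt.Printf("%s: %d filters active, %d requests allowed, blocked=%v\n", host.Name, len(before), len(allowed), blocked)

	// PATCH-A is deployed: the next reconcile pass drops the VULN-A filter on its own.
	host.Patches["PATCH-A"] = true
	after := Reconcile(host, Catalog)
	fmt.Printf("%s after PATCH-A: %d filter(s) active\n", host.Name, len(after))
}
```

The point to take from the structure is that the filter set is derived state, recomputed from inventory plus catalogue on every pass, rather than something an operator adds and later has to remember to remove; the VULN-C advisory never produces a filter on this host because the `db` component is not installed.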
13. “Inside-out” Protection Model for Physical, Virtual and Cloud Computing
(diagram: the network tiers “De-Militarized Zone” (DMZ), Business Servers and Mission Critical Servers are separated by perimeter Firewall, IPS and NIPS devices; in addition, each host carries its own Firewall, File Integrity Monitoring, Log Inspection and IDS / IPS)
Trend Micro Deep Security Provides A Secure Container for Applications and Data
14. “Typical” Customer Virtualization Evolution (the slide 6 diagram repeated, now highlighting Stage 2: Expansion & Desktop; the Stage 3 box reads “Hybrid and selected public cloud: Multi-hypervisor, Virtualized storage, Workload Management, Burst to public”; caption: GET TECHIE)
15. Phase 2: Security Challenge
“Virtually unaware” traditional security architectures eliminate the benefits of VDI and virtualized mission-critical applications.
16. Phase II Server Performance
(diagram: three App/OS virtual machines on an ESX Server; a Security VM providing Firewall, IDS / IPS, Anti-Virus and Integrity Monitoring attaches through the VMsafe APIs)
• Protect the VM by inspection of virtual components
• Unprecedented security for the app & data inside the VM
• Complete integration with, and awareness of, vMotion, Storage VMotion, HA, etc.
17. Phase II: Securing virtual desktops (VDI)
• Malware risk potential: identical to physical desktops
– Same operating systems
– Same software
– Same vulnerabilities
– Same user activities
=> Same risk of exposing corporate and sensitive data
• New challenges, unique to VDI:
– Identify endpoints' virtualization status
– Manage resource contention
• CPU
• Storage IOPS
• Network
18. Phase II: IT Environment Changes. Challenge: Resource Contention with VDI
Existing endpoint security induces resource contention and limits desktop virtualization benefits:
• The “9-AM problem”
– Multiple users log in and download updates at the same time
• “AV-Storms”, scheduled scans
– Adds significant load to the endpoint
– Multiplied by the number of VMs (cumulative system load)
19. Phase II Security has to have VDI-Intelligence
• Detects whether endpoints are physical or virtual
– With VMware View
– With Citrix XenDesktop
• Serializes updates and scans per VDI host
– Controls the number of concurrent scans and updates per VDI host
– Maintains availability and performance of the VDI host
– Faster than the concurrent approach
• Leverages base images to further shorten scan times
– Pre-scans and white-lists VDI base images
– Prevents duplicate scanning of unchanged files on a VDI host
– Further reduces impact on the VDI host
• Can be done agentlessly as well
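The two controls on this slide that fix the AV-storm problem, a per-host cap on concurrent scans and a base-image whitelist that skips unchanged files, as an added Go example. It is not Trend Micro code: the `Desktop`, `FileEntry` and `ScanHost` names are this example's own, the base image and the cloned desktops are constructed in memory, and the scanner itself is a callback so the scheduling and whitelist logic can be seen on their own.

```go
package main

import (
	"crypto/sha256"
	"fmt"
	"sync"
	"sync/atomic"
)

// FileEntry is a constructed stand-in for a file on a virtual desktop.
type FileEntry struct {
	Path    string
	Content []byte
}

// Desktop is one VM running on a VDI host.
type Desktop struct {
	Files []FileEntry
}

// ScanStats is what one host-level scan pass returns.
type ScanStats struct {
	Scanned       int32 // files actually handed to the scanner
	Skipped       int32 // files skipped because their hash is in the base-image whitelist
	MaxConcurrent int32 // high-water mark of desktops scanned at the same time
}

// BuildWhitelist pre-scans the base image and records each file's content hash.
// Matching on hash rather than path means a clone's file is skipped only while
// it is byte-for-byte identical to the base image.
func BuildWhitelist(base []FileEntry) map[[32]byte]bool {
	wl := make(map[[32]byte]bool, len(base))
	for _, f := range base {
		wl[sha256.Sum256(f.Content)] = true
	}
	return wl
}

// ScanHost scans every desktop on a host with at most limit running at once. The
// buffered channel is the per-host serialization control; the whitelist lookup is
// the "no duplicate scanning of unchanged files" control.
func ScanHost(desktops []Desktop, whitelist map[[32]byte]bool, limit int, scanFile func(FileEntry)) ScanStats {
	var stats ScanStats
	var running int32
	sem := make(chan struct{}, limit)
	var wg sync.WaitGroup
	for _, d := range desktops {
		wg.Add(1)
		go func(d Desktop) {
			defer wg.Done()
			sem <- struct{}{} // wait for a free scan slot on this host
			defer func() { <-sem }()
			now := atomic.AddInt32(&running, 1)
			for { // record the high-water mark without a mutex
				cur := atomic.LoadInt32(&stats.MaxConcurrent)
				if now <= cur || atomic.CompareAndSwapInt32(&stats.MaxConcurrent, cur, now) {
					break
				}
			}
			for _, f := range d.Files {
				if whitelist[sha256.Sum256(f.Content)] {
					atomic.AddInt32(&stats.Skipped, 1)
					continue
				}
				scanFile(f)
				atomic.AddInt32(&stats.Scanned, 1)
			}
			atomic.AddInt32(&running, -1)
		}(d)
	}
	wg.Wait()
	return stats
}

// BaseImage is a constructed golden image; MakeDesktops clones it n times and gives
// each clone one user-specific file, so only the user files should reach the scanner.
var BaseImage = []FileEntry{
	{Path: "C:/Windows/System32/kernel32.dll", Content: []byte("constructed-kernel32")},
	{Path: "C:/Program Files/App/app.exe", Content: []byte("constructed-app")},
}

func MakeDesktops(n int) []Desktop {
	out := make([]Desktop, 0, n)
	for i := 0; i < n; i++ {
		files := append([]FileEntry(nil), BaseImage...)
		files = append(files, FileEntry{Path: fmt.Sprintf("C:/Users/u%d/doc.txt", i), Content: []byte(fmt.Sprintf("user-%d", i))})
		out = append(out, Desktop{Files: files})
	}
	return out
}

func main() {
	stats := ScanHost(MakeDesktops(20), BuildWhitelist(BaseImage), 2, func(FileEntry) {})
	fmt.Printf("scanned=%d skipped=%d maxConcurrent=%d\n", stats.Scanned, stats.Skipped, stats.MaxConcurrent)
}
```

With 20 clones and a limit of 2, the 40 base-image copies are never scanned and no more than two desktops are ever in the scanner at once; the limit is the knob an administrator tunes against the host's CPU and storage IOPS budget, which is the contention the previous slide describes.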
20. Summary of Phase II Solutions
• Light and lean agents when deep visibility is required
– Using cloud-client architecture
• Agent-less option for application & server performance
– Using virtualization APIs
• Architecture optimizes performance across the entire infrastructure
– Processes are “virtually-aware” across CPU, network, and storage
21. “Typical” Customer Virtualization Evolution (the slide 6 diagram repeated, now highlighting Phase 3: Private > Public Cloud, whose box reads “Hybrid and selected public cloud: Multi-hypervisor, Virtualized storage, Workload Management, Burst to public”; caption: GET TECHIE)
22. Phase III: Virtualized Storage and Multi-tenancy Creates Data Protection Nightmares
(diagram contrasting two environments)
Datacenter (perimeter): strong perimeter security; no shared CPU; no shared network; no shared storage
Public and Private Cloud: weak perimeter security; shared CPU; shared network; shared storage; a single hypervisor hosts App1 … Appn belonging to Company1, Company2, … Companyn side by side
The traditional “outside-in” approach is inadequate in an “inside-out” cloud world full of strangers.
23. Phase 3: Security Challenge
How do I protect data in a virtualized and multi-tenant storage environment (private, hybrid, or public cloud)?
24. Who Has Control?
(diagram: control shifts from the End-User (Enterprise) toward the Service Provider as deployment moves from Servers, to Virtualization & Private Cloud, to Public Cloud IaaS, PaaS and SaaS)
25. Amazon Web Services™ Customer Agreement
7.2. Security. We strive to keep Your Content secure, but cannot guarantee that we will be successful at doing so, given the nature of the Internet. Accordingly, without limitation to Section 4.3 above and Section 11.5 below, you acknowledge that you bear sole responsibility for adequate security, protection and backup of Your Content and Applications. We strongly encourage you, where available and appropriate, to (a) use encryption technology to protect Your Content from unauthorized access, (b) routinely archive Your Content, and (c) keep your Applications or any software that you use or run with our Services current with the latest security patches or updates. We will have no liability to you for any unauthorized access or use, corruption, deletion, destruction or loss of any of Your Content or Applications.
http://aws.amazon.com/agreement/#7 (3 March 2010)
The cloud customer has responsibility for security and needs to plan for protection.
26. SecureCloud: Enterprise Controlled Data Protection for the Cloud
Patent pending Trend Micro technology enables enterprises to retain control of data in the cloud.
27. All Phases: Architecture Security Challenge
How do I bring it all together in a manageable way across virtualized, private and public cloud environments?
28. A New Security Architecture For A New Era
All environments should be considered un-trusted.
(diagram: users access the app; the image ensures data is always encrypted and managed; the host defends itself from attack; encrypted data sits in DC1 / LAN 1, DC2 / LAN 2, Cloud 1 / LAN 2 and Cloud 2 / LAN 1, spanning datacenter and public cloud; encryption keys are controlled by you)
Benefits:
• Facilitates movement between datacenter & cloud
• Delivers security compliance through encryption
• Enables portability between service providers
• Ensures private data in public cloud
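The property this slide rests on, "encryption keys controlled by you" while the data itself lives at a provider, is envelope encryption with the key-encryption key held by the enterprise. The following is an added Go example of that pattern, not SecureCloud's implementation or API: it assumes AES-256-GCM for both layers, a constructed `KeyServer` type standing in for the on-premises key management service, and reduces the release policy (instance identity, integrity, audit) to a single `hostApproved` flag. The provider stores only the ciphertext and the wrapped data key, so the same blob can move between datacenter and cloud, or between providers, with the enterprise deciding at every read whether to release the key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// KeyServer stands in for the enterprise-run key management service (a constructed type,
// not a product API). Its KEK never leaves the enterprise; the cloud holds only wrapped keys.
type KeyServer struct {
	kek []byte // 32-byte AES-256 key encryption key, generated on premises
}

func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // crypto/rand failing is unrecoverable for a key server
	}
	return b
}

func NewKeyServer() *KeyServer { return &KeyServer{kek: randBytes(32)} }

// mustGCM builds AES-GCM; every key here is 32 bytes, so a failure is a programming bug.
func mustGCM(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	g, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return g
}

// seal prefixes a random nonce to the AES-GCM output. The volume ID is bound in as
// associated data, so a wrapped key or ciphertext cannot be replayed on another volume.
func seal(key, plaintext, aad []byte) []byte {
	g := mustGCM(key)
	nonce := randBytes(g.NonceSize())
	return append(nonce, g.Seal(nil, nonce, plaintext, aad)...)
}

func open(key, sealed, aad []byte) ([]byte, error) {
	g := mustGCM(key)
	if len(sealed) < g.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return g.Open(nil, sealed[:g.NonceSize()], sealed[g.NonceSize():], aad)
}

// WrapNewDataKey mints a per-volume DEK: the plaintext copy goes to the VM that needs it now, only the wrapped form is stored in the cloud.
func (ks *KeyServer) WrapNewDataKey(volumeID string) (dek, wrapped []byte) {
	dek = randBytes(32)
	return dek, seal(ks.kek, dek, []byte(volumeID))
}

// UnwrapDataKey is the release decision. A real service would check instance identity,
// integrity and policy before answering; here that check is reduced to one boolean.
func (ks *KeyServer) UnwrapDataKey(volumeID string, wrapped []byte, hostApproved bool) ([]byte, error) {
	if !hostApproved {
		return nil, errors.New("key release denied by enterprise policy")
	}
	return open(ks.kek, wrapped, []byte(volumeID))
}

// CloudVolume is everything the provider holds; without a key release it is opaque.
type CloudVolume struct {
	ID         string
	WrappedDEK []byte
	Ciphertext []byte
}

func EncryptVolume(ks *KeyServer, id string, plaintext []byte) *CloudVolume {
	dek, wrapped := ks.WrapNewDataKey(id)
	return &CloudVolume{ID: id, WrappedDEK: wrapped, Ciphertext: seal(dek, plaintext, []byte(id))}
}

func DecryptVolume(ks *KeyServer, v *CloudVolume, hostApproved bool) ([]byte, error) {
	dek, err := ks.UnwrapDataKey(v.ID, v.WrappedDEK, hostApproved)
	if err != nil {
		return nil, err
	}
	return open(dek, v.Ciphertext, []byte(v.ID))
}

func main() {
	ks := NewKeyServer()
	v := EncryptVolume(ks, "vol-finance-01", []byte("constructed sample: Q3 ledger"))
	pt, err := DecryptVolume(ks, v, true)
	fmt.Printf("approved host: %q err=%v\n", pt, err)
	_, err = DecryptVolume(ks, v, false)
	fmt.Println("unapproved host:", err)
	_, err = DecryptVolume(NewKeyServer(), v, true) // provider or other tenant: different KEK
	fmt.Println("wrong KEK:", err)
}
```

Two design choices carry the slide's benefits. Binding the volume ID as associated data means a wrapped key copied onto another volume's blob fails authentication, so a multi-tenant storage layer cannot be tricked into mixing tenants' keys. And because the provider never sees the KEK, "portability between service providers" is a copy of `CloudVolume` plus a policy change on the key server, with no re-encryption of the data.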
29. Security Best Practices Recap
Your data center is changing; have your security strategies changed accordingly?
1. Improve Server Defenses (supplement with IDS/IPS, FW, Application security)
- Implement full audit and monitoring of virtualized environments
2. Leverage VMware VMsafe-based and vShield Endpoint-based solutions for higher levels of security with simpler operations
3. Add virtualization-aware agents where needed
4. Ensure the security solution is future-proofed for the private, public and hybrid cloud
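Step 1's "full audit and monitoring" is concrete in slide 13's host controls, and the one most often missing on instant-on VMs is file integrity monitoring. The following added Go example (not Deep Security's code) shows the core of such a control: a baseline snapshot of content hashes and permission modes, a comparison that emits one audit event per change, and a constructed list of critical path prefixes so that log inspection can alert on a modified `sshd` binary or a world-writable `/etc/passwd` while treating normal log growth as noise. The file contents, paths and modes are constructed in memory so the example runs anywhere; a deployment would hash the real filesystem and ship the events to its log pipeline.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
	"strings"
)

// Attr is what the monitor records per file: a content hash and the permission mode.
// Tracking both catches a tampered binary and a loosened permission on a sensitive file.
type Attr struct {
	Hash string
	Mode string
}

// Snapshot maps a path to its recorded attributes.
type Snapshot map[string]Attr

// Change is one audit event produced by comparing a current snapshot with the baseline.
type Change struct {
	Path     string
	Kind     string // "added", "removed", "content" or "mode"
	Critical bool   // path lies under a prefix the operator flagged as critical
}

// fileAttr hashes the content the way a real scanner would hash the file on disk.
func fileAttr(content []byte, mode string) Attr {
	h := sha256.Sum256(content)
	return Attr{Hash: hex.EncodeToString(h[:]), Mode: mode}
}

// Compare diffs current against baseline and tags events under a critical prefix so the
// log inspection stage can alert on them first and treat log-file churn as noise.
func Compare(baseline, current Snapshot, critical []string) []Change {
	isCritical := func(p string) bool {
		for _, prefix := range critical {
			if strings.HasPrefix(p, prefix) {
				return true
			}
		}
		return false
	}
	var out []Change
	for p, b := range baseline {
		c, ok := current[p]
		switch {
		case !ok:
			out = append(out, Change{p, "removed", isCritical(p)})
		case c.Hash != b.Hash:
			out = append(out, Change{p, "content", isCritical(p)})
		case c.Mode != b.Mode:
			out = append(out, Change{p, "mode", isCritical(p)})
		}
	}
	for p := range current {
		if _, ok := baseline[p]; !ok {
			out = append(out, Change{p, "added", isCritical(p)})
		}
	}
	sort.Slice(out, func(i, j int) bool { return out[i].Path < out[j].Path })
	return out
}

// CriticalPrefixes is a constructed operator list; a deployment would tune it per server role.
var CriticalPrefixes = []string{"/etc/", "/usr/sbin/"}

// SampleSnapshots builds a constructed baseline and a later snapshot of the same host:
// the sshd config and binary changed, /etc/passwd became world-writable, a file appeared
// in /tmp, and the application log grew as logs normally do.
func SampleSnapshots() (baseline, current Snapshot) {
	baseline = Snapshot{
		"/etc/passwd":          fileAttr([]byte("constructed-passwd-v1"), "0644"),
		"/etc/ssh/sshd_config": fileAttr([]byte("constructed-sshd_config-v1"), "0600"),
		"/usr/sbin/sshd":       fileAttr([]byte("constructed-sshd-binary-v1"), "0755"),
		"/var/log/app.log":     fileAttr([]byte("line 1"), "0644"),
	}
	current = Snapshot{
		"/etc/passwd":          fileAttr([]byte("constructed-passwd-v1"), "0666"),
		"/etc/ssh/sshd_config": fileAttr([]byte("constructed-sshd_config-v2"), "0600"),
		"/usr/sbin/sshd":       fileAttr([]byte("constructed-sshd-binary-v2"), "0755"),
		"/var/log/app.log":     fileAttr([]byte("line 1\nline 2"), "0644"),
		"/tmp/scratch":         fileAttr([]byte("x"), "0644"),
	}
	return baseline, current
}

func main() {
	baseline, current := SampleSnapshots()
	for _, ch := range Compare(baseline, current, CriticalPrefixes) {
		sev := "info"
		if ch.Critical {
			sev = "ALERT"
		}
		fmt.Printf("%-5s %-8s %s\n", sev, ch.Kind, ch.Path)
	}
}
```

On a virtualized host the baseline should be taken from the golden image at the moment it is sealed, not from a running VM, otherwise a dormant VM that was already modified before monitoring started will never raise an event; that is the "instant-on" gap slide 12 warns about.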
31. Cloud Computing Compromises: Enterprise security challenges continue in the cloud
• Oct 2007: Salesforce.com security breached; repeatedly hacked (Washington Post)
• Oct 2009: Amazon EC2 customer Bitbucket taken offline by Distributed Denial of Service attack (The Register)
• Jan 2010: Google Gmail hacked by attacks originating in China (Financial Times)