TrendMicro - Security Designed for the Software-Defined Data Center
1. Security Designed for the Software-
Defined Data Center
PatrickGada
Senior Sales Engineer - Trend Micro
7 May2014
2. Are you still
using your
physical server
security in your
virtualized data
center?
2Copyright 2014 Trend Micro Inc.
The physical approach
3. Are you dealing with?
3Copyright 2014 Trend Micro Inc.
• Minutes to deploy a server…
weeks to secure it
• Servers that share resources…
security that consumes it
• Virtual scale beyond physical
limits… hitting a wall on security
4. Software-defined data center changes the
game
The opportunity:
Automate and
optimize security as
part of your data
center operations
4Copyright 2014 Trend Micro Inc.
5. Security principles remain the same;
APPROACH to security must change
CONTEXT Workload and application-aware
SOFTWARE Optimized for virtualization and cloud infrastructure
PLATFORM
Comprehensive capabilities extended acrossyour
data center and cloud
Many Tools
Generic
Hardware
ADAPTIVE Intelligent, dynamic policy enforcement
Automatedprovisioning specific to platform
Static
5Copyright 2014 Trend Micro Inc.
6. Copyright 2014 Trend Micro Inc. 6
Cloud and Data Center Security
Anti-
Malware
Log
Inspection
Host
Firewall
DeepPacket
Inspection
Data Center
Physical Virtual PrivateCloud
Integrity
Monitoring
Public Cloud
Trend Micro Deep Security
7. How Deep Security works
7Copyright 2014 Trend Micro Inc.
Manage global
deployments using Relays
Integrates with VMware
via vSphere, vCenter,
vCloud Director
Integrates
with LDAP
Oracle
or SQL
Integrates with SIEM
8. New approach can improve data center
operations
Provision security automatically in your data center
Manage security efficiently as you scale
Optimize data center environment resources
8Copyright 2014 Trend Micro Inc.
9. Provision security automatically in your data
center
How do you:
• Secure the VM the moment it is provisioned?
• Apply the right policies to that VM?
• Reduce the time to provision without compromising on security?
• Securely bring up/down/moveyour VMs?
9Copyright 2014 Trend Micro Inc.
10. Provisioning
Infrastructure
vCenter, AD,
vCloud and AWS
SAP
Exchange
Servers
Oracle
Web
Servers
Web
Server
Automate security specific to your data
center
• Gain visibilityinto environmentusing
vCenter and vCloud Director integration
• Recommend and apply policies
automatically - specific to your data
center
• Automatically scale up and down
as required—with no security gaps
19
Rules
15
Rules
73
Rules
8
Rules
28
Rules
VM VM VM VM VM
VM VM VM
10Copyright 2014 Trend Micro Inc.
11. New approach provides new opportunities
within data center operations
Provision security automatically in your data center
Manage security efficiently as you scale
Optimize data center environment resources
11Copyright 2014 Trend Micro Inc.
12. Manage security efficiently as you scale
How do you:
• Quickly and easily identify and remediate a security issue?
• Address environment vulnerabilities in a dynamic and
growing environment?
• Manage all security requirements consistentlyacross your
evolving data center environments?
12Copyright 2014 Trend Micro Inc.
13. Manage all controls across all environments
13Copyright 2014 Trend Micro Inc.
• Eliminate need to manage
agents on VMs
• Manage all controlson a
single virtual appliance
• Easily apply consistent
policy across environments
Integrates with VMware via
vSphere, vCenter, vCloud
Director
ESX
Integrates with LDAP
Oracle
or SQL
Integrates
with SIEM
14. Virtualization Demo
14Copyright 2014 Trend Micro Inc.
Automatically add a
new VM with the
appropriate policy
Manage all controls
across all
environments
15. New approach provides new opportunities
within data center operations
Provision security automatically in your data center
Manage security efficiently as you scale
Optimize data center environment resources
15Copyright 2014 Trend Micro Inc.
16. Optimize data center environment
resources
How do you address the
bottlenecks created by
traditional security
capabilities?
16Copyright 2014 Trend Micro Inc.
17. Use agentless security to reduce system load
Network Usage
Scan Speed
CPU/Memory Usage
IOPS
Storage
ESXi
SAN
Disk Disk Disk Disk Disk
17Copyright 2014 Trend Micro Inc.
18. Avoid duplication of effort to impact
performance
18
Scan
Cache
*All results based on internal testingusingVMware View simulators
Up to 20X Faster*
Full Scans
Up to 5X Faster
Realtime Scans
Up to 2X Faster VDI
Login
Copyright 2014 Trend Micro Inc. 18
19. SIGNATURE BASED
ANTI-MALWARE
1988 - 2007
Smart protection
begins with global
threat
intelligence…
CLOUD BASED
GLOBAL THREAT
INTELLIGENCE
2008
BIG DATA
ANALYTICS-DRIVEN
GLOBAL THREAT
INTELLIGENCE
2012+
• Email reputation
• File reputation
• Web reputation
• Whitelisting
• Network traffic rules
• Mobile app reputation
• Vulnerabilities/Exploits
• Threat Actor Research
• Enhanced File Reputation
• Enhanced Web Reputation
• Command & Control
Smart Protection Network
Copyright 2014 Trend Micro Inc.
21. Smart Protection Network
… receives 16B
reputation queries from
customers
… analyses & correlates
100TB of data
… identifies 300,000
new, unique threats
… blocks 250M threats
within our customer
networks
Copyright 2014 TrendMicro Inc.
22. 03/29/12 Confidential | Copyright2012 TrendMicro Inc. 2
Protect against vulnerabilities – before
you patch
• Number of vulnerabilities on the rise
– Over 13,000 vulnerabilities reported in 2013, 32% increase
from 2012
– 73.5% of them are remotely exploitable over the network
– In July 2013, The New York Times reported that the average
vulnerability sells from around $35,000 to $160,000
• Exploits become available shortly after disclosure
– 74% on the same day
– 8% more than one day later
2Copyright 2014 Trend Micro Inc.
23. 03/29/12 Confidential | Copyright2012 TrendMicro Inc. 2
Protect against vulnerabilities – before
you patch
• Roaming endpoints are directly exposed to threats
– Connecting to the Internet from home, hotels, Wifi-Hotspots
• Unauthorized network access within company parameters
– Employee can access unauthorized network using personal owned
devices
2Copyright 2014 Trend Micro Inc.
24. Patching All Vulnerabilties in Time – Not Realistic
• Some vulnerabilities cannot be patched
– Systemsneed to be up 24/7 and cannot be rebooted
• Patches often do not exist
– for 52% of known vulnerabilites, no patch exists
– Average of 151 days for vendors to release patch (NSS
Labs 2013)
• Patches – if available – are not deployed immediately
– Average time to patch in enterprises in 2013: 59 days!
– Endpoints remain vulnerable
Copyright 2014 Trend Micro Inc.
25. Protect against vulnerabilities - before you
patch
• Reduce risk of exposure to
vulnerability exploits –
especially as you scale
• Save money avoiding
costly emergency patching
• Patch at your convenience
Vulnerability Disclosed or
Exploit Available
Patch
Available
Complete
Deployment
Test
Soak
Exposure
Begin
Deployment
Patc
hed
Virtually patch with Trend Micro Intrusion
Prevention
25Copyright 2014 Trend Micro Inc.
26. Trend Micro’s Intrusion
Prevention rules were
released more than a month
before this vulnerability was
addressed!
Copyright 2014 Trend Micro Inc.
(CVE-2013-5065)
26Copyright 2014 Trend Micro Inc.
Protect against vulnerabilities - before you
patch
27. A new approach to security has impact
CONTEXT
SOFTWARE
PLATFORM
ADAPTIVE
Reduce time to provision
Reduce effort to manage
Optimize data center
resources
27Copyright 2014 Trend Micro Inc.
28. A new approach to security has impact
✓ Reduce the need for patching (down-time, reboot)
✓ Extend the life of XP / Windows 2000 systems
✓ Protection against exploits
✓ Enable compliance with PCI 6.6
✓ Control unauthorized network access
28Copyright 2014 Trend Micro Inc.
29. Thousands of customers….millions of
servers protected
29
Automatedsecurity
Secured > 3,000
virtual desktops
Addressed
compliance
Centralized security
Deployed virtual
patching
Reduced impact
on performance
Deployed multiple
controlsto protectdata
Copyright 2014 Trend Micro Inc.
30. #1 Corporate Server Security Market Share
30
30
31%
Source: IDC Worldw ide Endpoint Security 2013-2017 Forecast and 2012 Vendor Shares, Figure 2, doc #242618, August 2013
Copyright 2014 Trend Micro Inc.
31. Success Story
31
• Protects over 30,000 VDI users and 300
servers with agentless security
• Tight integration with VMware reduced
management complexity
• Workload on storage reduced by 70%
RESULTS:
“ ...Logging-in
process and
application
performance are
fast and USERS
HAVE BEEN
HAPPY…”
Virtual Technology Center
NTT-Neomeit
Source: 2013 Success Story with NTT
Needed to secure a large VDI
deployment
RESULTS:
Copyright 2014 Trend Micro Inc.
32. Fact about Trend Micro
Founded in 1988, $1.2B Revenue (2012)
Headquartered in Japan, Tokyo Exchange
Nikkei Index, Symbol 4704
Largest Security focused company world wide
Over 5200 Employees, 38 Business Units
37%Consumer
12%Small Business
13%
Midsize
Business
38%Enterprise & VLE
Copyright 2014 Trend Micro Inc.