New Horizons for End-User Computing Event - Trend
•Télécharger en tant que PPTX, PDF•
0 j'aime•1,145 vues
Slides presented by Trend at our Partner Enablement Event - 'New Horizons for End-User Computing' - 2nd May 2013
Recommandé
Recommandé
Contenu connexe
Tendances
Tendances (19)
Similaire à New Horizons for End-User Computing Event - Trend
Similaire à New Horizons for End-User Computing Event - Trend (20)
Plus de Arrow ECS UK
Plus de Arrow ECS UK (20)
Dernier
Dernier (20)
New Horizons for End-User Computing Event - Trend
- 1. Trend Micro Trend Micro 2013 EUC / VDI RoundTable 5/9/2013 1 Confidential | Copyright 2012 Trend Micro Inc. Stephen Porter Alliances & Global SI BDM Stephen_porter@trendmicro.co.uk Tel:07557154436
- 2. Advanced Targeted Threats Empowered Employees De-Perimeterization Virtualization, Cloud Consumerization & Mobility Outside-in Perimeter Defense Isn’t Enough… Source: Forrester
- 3. Challenge: Resource Contention Typical Security Console 09:00am Virus Definition Updates Configuration Storm Automatic security scans overburden the system 3:00am Integrity Scan Destroys the business case for VDI
- 4. Cloned Challenge: Instant-on Gaps DormantActive Reactivated with out dated security Reactivated and cloned VMs can have out-of-date security
- 5. Log Inspection Anti-Virus Detects and blocks known and zero-day attacks that target vulnerabilities Tracks credibility of websites and safeguards users from malicious urls Reduces attack surface. Prevents DoS & detects reconnaissance scans Detects malicious and unauthorized changes to directories, files, registry keys… Optimizes the identification of important security events buried in log entries Detects and blocks malware (web threats, viruses & worms, Trojans) Deep Security Virtual Appliance (or Agent) System, application and data security for servers Protection is delivered via Agent and/or Virtual Appliance 6 protection modules Integrity Monitoring Intrusion Prevention Firewall Web Reputation Physical Servers Virtual Servers Cloud Desktop/Laptop
- 6. Any Hypervisor Agent Based VMware Hypervisor Agent-Less
- 7. 2012 Technology Alliance Partner of the Year Improves Security by providing the most secure virtualization infrastructure, with APIs, and certification programs Improves Virtualization by providing security solutions architected to fully exploit the VMware platform 2008 2009 2011 Feb: Join VMsafe program RSA: Trend Micro VMsafe demo, announces Coordinated approach & Virtual pricing RSA: Trend Micro announces virtual appliance 2010: >100 customers >$1M revenue VMworld: Announce Deep Security 8 w/ Agentless FIM 1000 Agentless customers VMworld: Trend virtsec customer, case study, webinar, video May: Trend acquires Third Brigade July: CPVM GA Nov: Deep Security 7 with virtual appliance RSA: Trend Micro Demos Agentless 2010 Q4: Joined EPSEC vShield Program VMworld: Announce Deep Security 7.5 Sale of DS 7.5 Before GA Dec: Deep Security 7.5 w/ Agentless Antivirus RSA: Other vendors “announce” Agentless
- 8. Deep Security Virtual Appliance • Intrusion prevention • Firewall Virtualization Security with Deep Security Agentless Security Platform for Private Cloud Environments • Anti-malware • Web reputation • Integrity monitoring VM VM VM The Old Way Security Virtual Appliance VM VM VM With Deep Security VM Easier Manageability Higher Density Fewer Resources Stronger Security VM More VMs
- 9. Anti-malware Scan Performance 1st AM scan 2nd AM scan (cached) Scan time ~ 20x faster Significant DSVA CPU Reduction Huge IO Volume Reduction
- 10. Shared Memory: Light and Lean Classification 5/9/2013 11 Keeping a signature file in every virtual desktop is inefficient and unsustainable
- 11. Sources: Tolly Enterprises Test Report, Trend Micro Deep Security vs. McAfee and Symantec, February 2011; Saving estimate based on VMware ROI calculations 3X higher VDI VM consolidation ratios Increased ROI with Deep Security Example: Agentless Antivirus VIRTUALIZATION SECURITY 0 10 20 30 40 50 60 70 80 Traditional AV Agentless AV VM servers per host 75 25 3-year Savings on 1000 VDI VMs = $539,600
- 12. CBRE UK – VDI Success • 2000 Seats of VDI • 15,000 global rollout • Mobile Device Enabled • Operational Benefits • Single Image • Easier Support • Reduced Capex • Improved User Productivity • EMEA rollout planned
- 13. Integrated Management Deep Security 8.0 VM Lifecycle • Creation • Configuration • Deployment • Dynamic update • V-Motion • Restart vCenter….. Cloud Management
- 14. Secure the lifecycle of the VM VIRTUALIZATION SECURITY Moving VM’s Restarted VM Self Service new VMs Reconfiguring VM - Clones Relevant Deep Security ControlsFIM DPI Firewall AV FIM DPI Firewall AV FIM DPI Firewall AV FIM DPI Firewall AV FIM DPI Firewall AV Recommendation Scan vCenter
- 15. Profile Management Deep Security Manager Agentless Protection with Virtual Appliance Agent based Protection
- 16. Manual Updates As Required Pattern #file distribution Vulnerability Identified Rule defined and Incorporated in Pattern File
- 17. THREAT DATA CUSTOMERS THREAT INTELLIGENCE Global Threat Intelligence with the Smart Protection Network Identifies Global We look in more places Broad We look at more threat vectors Correlated We identify all components of an attack Proactive We block threats at their source 1.15B Threat Samples Daily 90K malicious threats daily 200M Threats blocked daily
- 18. Automatic updates Automatic or Customer Controlled Deployment Vulnerability Identified Rule defined and Vulnerability shielded
- 19. Virtual Patching VM VM VM VM 50-60 VMs per server vShield VA Microsoft Patch Tuesday Business Critical AppsOther Vendors Regular Process Time Consuming Expansive Un Supported OS Intermittent notification Change Freeze Zero Down time No Regular notification Collaborative process
- 20. Virtual Patching Savings 5/9/2013 21Confidential | Copyright 2012 Trend Micro Inc.
- 21. VDI Example – Cost Breakdown per desktop; 4 year model £1000 £1250 £875 £2480 £1160 £928 £1360 £440 £396 £4840 £2850 £2199 STD VDI VDI + Security
- 22. End to End Security Solution for EUC • Adds protection technology – Virtual Patching – VDI Intelligence – DLP Lite – Encryption • Adds management capabilities – Smartphones – Tablets – Mac OfficeScan Console
- 23. Trend Micro Mobile Security 8.0 Mobile Device Management • Device Discovery • Device Enrollment • Device Provisioning • S/W Management • Remote Control • Reporting • Inventory Man. • Remote Locate • Summary Views • Summery Reports Mobile Device Security • Anti-Malware • Firewall • Web Threat Protection • Call Filtering • SMS/WAP Anti-Spam • Jail break detection Data Protection • Encryption Enforcement • Remote Wipe • Selective Wipe • Remote Lock • SIM Change/ Watch • Feature Control / Lock • Password Policy Application Management • App Black Listing • App White Listing • App Push • Required • Optional • App Inventory Centralised Policy Management – Single Platform Integrates directly into OfficeScan as a Plug in
- 24. Customer Benefits – Cost / Operations • Capex – Reduced Hardware investment – Reduced software licensing – Software Product Consolidation • Simplification – Software Consolidation – Reduction in Managed Elements – Heterogeneous Physical, Virtual or Cloud Management • Operation Benefits – Standardised Profiles – Automated Updates – Virtual Patching
Notes de l'éditeur
- The outside-in approach is still important, but, alone, is not sufficient in today’s evolving data center. Disgruntled employees are already within the perimeter. Advanced Persistent Threats are unique attacks that will not be stopped by many traditional perimeter defenses. And the changing nature of IT is causing deperimeterization with new technologies like virtualization, cloud computing, and consumerization. New security approaches must be added to the traditional outside-in protection.
- Next we’ll cover instant-on gaps. [click]Unlike a physical machine, when a virtual machine is offline, it is still available to any application that can access the virtual machine storage over the network, and is therefore susceptible to malware infection. However, dormant or offline VMs do not have the ability to run an antimalware scan agent. [click]Also when dormant VMs are reactivated, they may have out-of-date security. [click]One of the benefits of virtualization is the ease at which VMs can be cloned. However, if a VM with out-of-date security is cloned the new VM will have out-of-date security as well. New VMs must have a configured security agent and updated pattern files to be effectively protected. [click]Again the solution is a dedicated security virtual appliance that can ensure that guest VMs on the same host have up-to-date security if accessed or reactivated, and can make sure that newly provisioned VMs also have current security. This security virtual appliance should include layered protection that integrates multiple technologies such as antivirus, integrity monitoring, intrusion detection and prevention, virtual patching, and more. .
- Trend Micro was VMware’s 2011 Technology Alliance Partner of the Year. This timeline helps highlight some of our achievements in our partnership with VMware, starting back in 2008. [Highlight a couple of key points from the timeline—do not cover it all.]
- VMware controls more than half of the virtualization market. Virtualization security must fit into the VMware ecosystem to effectively support enterprise virtualization efforts. Here we demonstrate the different VM-security aspects and how they can fit into a VMware infrastructure.[click]The pairing of agent-less antivirus and agentless integrity monitoring with vShield Endpoint enables massive reduction in memory footprint for security on virtual hosts by eliminating security agents from the guest virtual machines and centralizing those functions on a dedicated security virtual machine. [click]Protection such as intrusion detection and prevention, web application protection, application control, and firewall can be integrated with VMware using VMsafe APIs, integrating security with VMware vSphere environments. Again this can be an agent-less option.[click]And finally, log inspection which optimizes the identification of important security events buried in log entries, can be applied through agent-based protection on each VM. [click]These elements can be integrated and centrally managed with VMware vCenter Server. Together, these provide comprehensive, integrated virtual server and desktop security.
- Everybody knows about the explosive growth of malwareThis graph shows the growth in the size of the pattern file alone over the last 4 years. This is industry average, not individual vendor.Size grows faster for vendors who rely strictly on pattern files, rather than taking advantage of new protection mechanisms=> Keeping a pattern file on every client is impractical and unsustainable.
- I mentioned that the agentless approach began with agentless antivirus. Trend Micro’s agentless antivirus solution was available starting in 2010, so there’s been an opportunity to test its success. In an independent study by Tolly Enterprises, Trend Micro agentless antivirus was tested against leading traditional antivirus solutions that do not use a dedicated security virtual appliance and agentless antivirus, and the results were striking. Trend Micro’s agentless antivirus achieved 3 times higher VDI VM consolidation ratios—and similar results also extended to server virtualization as well. The VDI results translate into saving almost $540,000 every 3 years for each 1000 virtual desktops.
- The final virtualization challenge we’ll discuss is the complexity of management. Virtual machines are dynamic. They can quickly be reverted to previous instances, paused, and restarted, all relatively easily. They can also be readily cloned and seamlessly moved between physical servers. Vulnerabilities or configuration errors may be unknowingly propagated. Also, it is difficult to maintain an auditable record of the security state of a virtual machine at any given point in time.[click]This dynamic nature and potential for VM sprawl makes it difficult to achieve and maintain consistent security. Hypervisor introspection is needed for visibility and control. Security that leverages the hypervisor APIs can ensure that each guest VM on the host remains secure and that this security coordinates with the virtualization platform.
- We continue to invest in threat research and innovate our core technologies, products and services to ensure we stay one step ahead of the bad guys, to stop threats faster, and give you the actionable threat intelligence you need to make more informed choices about how best to protect your data.As the source of global threat intelligence forTrend Micro’s cloud-era security, the Trend Micro™ Smart Protection Network™ has expanded to look in more places and correlate more threat intelligence, to identify threats, deliver proactive protection, and secure data faster than any other security vendor. This expansion includes global intelligence about mobile apps, vulnerabilities/exploits, APTs and goodware.And our global threat intelligence is integrated into all our solutions, across consumer to enterprise customers, including mobile, endpoint, server, network, messaging, gateway, and SaaS solutions.