1 / 22

Data Center Evolution: Physical. Virtual. Cloud.

Data Center Evolution: Physical. Virtual. Cloud. Securing Your Journey to the Cloud. Matt Hubbard Regional Product Marketing. The “Spectrum of Computing ”. Endpoints. Devices, Systems, Data, Applications. Cloud. Laptops, Dtops Smart Phones Handhelds Tablets, Social Media….

kaethe
Télécharger la présentation

Data Center Evolution: Physical. Virtual. Cloud.

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Data Center Evolution: Physical. Virtual. Cloud. Securing Your Journey to the Cloud Matt Hubbard Regional Product Marketing

  2. The “Spectrum of Computing” Endpoints Devices, Systems, Data, Applications Cloud Laptops, Dtops Smart Phones Handhelds Tablets, Social Media… Private & Public Cloud SaaS, PaaS, ITaaS . . . Physical &Virtual Servers & Desktops…. Server/Gateway Oriented Products Endpoint Oriented Products Cloud & Virtual Oriented Products OfficeScan, DLP Encryption WorryFree . . . Deep Security Server Protect Portal Protect IMS/IWS…. Deep Security Secure Cloud… Effective Security Must Span From “Endpoint-to-Cloud” Trend Micro Confidential 2012

  3. Overwhelming Volume of New Threats Source: AV-Test.org Trend Micro Confidential 2012 2

  4. Think Your Data is Secure? The Threats are Real … • Criminal Threats: • Come from many sources, spam, spyware, malicious sites and employee downloads • Hackers: • Compromise web-based applications to access databases • Insider Threats: • Malicious and accidental breaches of private data and intellectual property • Lost and stolen laptops External Attacks Organizational Data Internal Threats! 59% of all data loss originates from the inside* * Source: datalossdb.org Trend Micro Confidential 2012 4

  5. Today’s Datacenter is More Dynamic “88% of North American enterprises do not have a specific virtualization security strategy.” Forrester Research/ Info Week Trend Micro Confidential 2012

  6. A Dynamic That Has Risks “By 2012, 60% of virtualized servers will be less secure than the physical servers they replace.” “Addressing the Most Common Security Risks in Data Center Virtualization Projects” Gartner, 25 January 2010 Trend Micro Confidential 2012

  7. The Value of Virtualization Consolidation This is the most common reason – combining multiple workloads on one physical computer saves space, power, costs of hardware, maintenance, etc. Easier to migrate applications to new hardware, even if old software can’t run on newer hardware – virtualization helps solve the issue of legacy software Hardware Isolation Hardware failure, load balancing, upgrades simpler Maintenance is More Flexible Proper configuration and utilization of virtualization aware security software can keep apps secure Security and Performance Trend Micro Confidential 2012 Classification 7/16/2014

  8. Virtual Machines Need Specialized Protection Same threats in virtualized servers as physical( Vulnerabilities in OS, Enterprise Apps, Web Apps ) New challenges: • Dormant VMs • Resource Contention • VM Sprawl • Inter-VM traffic • vMotion +      Trend Micro Confidential 2012

  9. Virtualization Security Challenge: Resource Contention Typical AV Console 3:00am Scan Antivirus Storm Automatic security scans overburden the system Solution: Dedicated scanning VM Agentless security Staggered scans

  10. 1 Cost Reduction & Consolidation Virtualization Security Challenge: Instant-on Gaps Reactivated with out dated security Dormant Cloned Active        Reactivated and cloned VMs can have out-of-date security Solution: Dedicated scanning VM Layered protection

  11. 1 Cost Reduction & Consolidation Virtualization Security Challenge: Inter-VM Attacks / Blind Spots Attacks can spread across VMs Solution: VM-aware security Virtualization platform integration Virtual Patching

  12. Virtualization Security What is the Solution? A Dedicated Security Virtual Appliance With Agentless Security VM Security Virtual Appliance VM VM VM The Old Way VM VM VM VM VM VM VM VM VM AgentlessSecurityforVMware—Beyond Antivirus • Antivirus • Integrity Monitoring • Intrusion Prevention • Virtual Patching • Firewall • Web Application Protection Maximizes Performance and ROI

  13. 1 Cost Reduction & Consolidation Virtualization Security Increased ROI with Agentless Security Example: Agentless Antivirus 3Xhigher VDI VM consolidation ratios 3-year Savings on 1000 VDI VMs = $539,600 Sources: Tolly Enterprises Test Report, Trend Micro Deep Security vs. McAfee and Symantec, February 2011; Saving estimate based on VMware ROI calculations

  14. Securing the Cloud is About Securing… Virtualization Cloud Infrastructure Cloud End Devices Data Centric Protection Dynamic Data Center with Shared System, Share Storage Ubiquitous, BorderlessData Access, Data Everywhere Hybrid Cloud Management Security That Fits Cloud Application 3G NetworkNet Devices Cloud Data Cloud Application Ownership of Data vs. ComputingConfidentiality & Access Control New Platform for New Apps. Example, Web Defacing, SQL Injection

  15. 1 Cost Reduction & Consolidation Cloud Security Cloud Models: Who Has Control? Servers Virtualization & Private Cloud Public Cloud IaaS Public Cloud PaaS Public Cloud SaaS Who is responsible for security? • With IaaS the customer is responsible for VM-level security • With SaaS or PaaS the service provider is responsible for security End-User (Enterprise) Service Provider

  16. 1 Cost Reduction & Consolidation Cloud Security Challenge: Multi-tenancy / Mixed Trust Level VMs Shared resources creates a mixed trust level environment Solution: Self-defending VMs Encryption

  17. 1 Cost Reduction & Consolidation Cloud Security Challenge: Data Access and Governance 10010011 01101100 There can be less visibility and control of cloud data Solution: Encryption of data stored in the cloud Policy-based key management Server validation 17

  18. 1 Cost Reduction & Consolidation Cloud Security Challenge: Data Destruction 10011 0 00101 10011 01110 00101 10011 01110 00101 When data is moved, unsecured data remnants can remain Solution: Encryption of data stored in the cloud Policy-based key management Server validation 18

  19. 1 Cost Reduction & Consolidation Cloud Security What is the Solution? Data Protection Cloud Security Modular Protection Context Aware Encryption with Policy-based Key Management Patient Medical Records Credit Card Payment Information Sensitive Research Results Social Security Numbers • Unreadable for unauthorized users • Control of when and where data is accessed • Server validation • Custody of keys • Self-defending VM security • Agentless and agent-based • One management portal for all modules, all deployments Integration ensures servers have up-to-date security before encryption keys are released vSphere & vCloud

  20. 1 Cloud Security Cost Reduction & Consolidation Fitting Encryption into a VMware Ecosystem Encryption Solution VMware vCloud VMware vSphere Data Center Private Cloud Public Cloud Key Service Console VM VM VM VM VM VM VM VM VM VM VM VM Enterprise Key Encryption throughout your cloud journey—data protection for virtual & cloud environments

  21. 1 Cost Reduction & Consolidation Virtualization and Cloud Security One Security Model VMware Virtualization Private Cloud VM VM VM VM Security Virtual Appliance VM VM VM Security Virtual Appliance VM VM VM • Agentless security • Layered server security • Encryption for vSphere • Agentless security • Layered server security • Encryption for vCloud • Compliance support (FIM, Encryption, etc.) Public Cloud • Server security console • Shared policy profile • Vulnerability shielding VM VM VM VM • Agent-based security • Layered server security • Encryption for leading cloud providers • Compliance support (FIM, Encryption, etc.) • Encryption console • Shared policy profile • Key ownership

  22. www.trendmicro.com/jointhejourney Matt Hubbard matt_hubbard@trendmicro.com Trend Micro Confidential 2012

More Related