Upload
arrow-ecs-uk
View
766
Download
1
Tags:
Embed Size (px)
DESCRIPTION
Slides presented by Trend at our Partner Enablement Event - 'New Horizons for End-User Computing' - 2nd May 2013
Citation preview
Trend Micro Trend Micro 2013 EUC / VDI RoundTable
04/09/2023 1 Confidential | Copyright 2012 Trend Micro Inc.
Stephen Porter
Alliances & Global SI BDM
Tel:07557154436
AdvancedTargetedThreats
EmpoweredEmployees
De-PerimeterizationVirtualization, Cloud
Consumerization & Mobility
Outside-in Perimeter Defense Isn’t Enough…
Source: Forrester
Challenge: Resource Contention
Typical Security
Console 09:00am Virus Definition Updates
Configuration Storm
Automatic security scans overburden the system
3:00am Integrity Scan
Destroys the business case for VDI
Cloned
Challenge: Instant-on Gaps
Dormant Active Reactivated with
out dated security
Reactivated and cloned VMs can have out-of-date security
Log Inspection
Anti-Virus
Detects and blocks known and zero-day attacks that
target vulnerabilities
Tracks credibility of websites and safeguardsusers from malicious urls
Reduces attack surface. Prevents DoS & detects
reconnaissance scans
Detects malicious and unauthorized changes to
directories, files, registry keys…
Optimizes the identification of important
security events buriedin log entries
Detects and blocks malware (web threats, viruses &
worms, Trojans)
Deep Security Virtual Appliance (or Agent)System, application and data security for servers
Protection is delivered via Agent and/or Virtual Appliance
6 protection modules
IntegrityMonitoring
Intrusion Prevention
Firewall
WebReputation
Physical Servers Virtual Servers Cloud Desktop/Laptop
Any Hypervisor
Agent Based
VMware Hypervisor
Agent-Less
2012 Technology Alliance Partner of the Year
Improves Securityby providing the most secure virtualization infrastructure, with APIs, and certification
programs
Improves Virtualizationby providing security solutions architected to
fully exploit the VMware platform
2008 2009 2011
Feb: Join VMsafe
program
RSA: Trend Micro VMsafe demo, announces
Coordinated approach & Virtual pricing
RSA: Trend Micro announces virtual
appliance
2010:>100 customers
>$1M revenue
VMworld: Announce Deep Security 8
w/ Agentless FIM
1000 Agentless customers
VMworld: Trend virtsec customer, case study,
webinar, video
May: Trend acquires
Third Brigade
July:CPVM
GA
Nov: Deep Security 7with virtual appliance
RSA: Trend Micro Demos Agentless
2010
Q4: Joined EPSEC vShield
Program
VMworld: Announce
Deep Security 7.5
Sale of DS 7.5 Before GA
Dec: Deep Security 7.5w/ Agentless Antivirus
RSA: Other vendors
“announce” Agentless
Deep Security Virtual Appliance• Intrusion prevention• Firewall
Virtualization Security with Deep SecurityAgentless Security Platform for Private Cloud Environments
• Anti-malware• Web reputation• Integrity monitoring
VM VM VM
The Old Way
Security Virtual
ApplianceVM VM VM
With Deep Security
VM
EasierManageability
HigherDensity
FewerResources
StrongerSecurity
VM
More VMs
Anti-malware Scan Performance1st AM scan
2nd AM scan
(cached)
Scan time ~ 20x fasterSignificant DSVA CPU Reduction
Huge IO Volume Reduction
Shared Memory:Light and Lean
Classification 04/09/2023
11
Keeping a signature file inevery virtual desktop is
inefficient and unsustainable
Sources: Tolly Enterprises Test Report, Trend Micro Deep Security vs. McAfee and Symantec, February 2011; Saving estimate based on VMware ROI calculations
3X higher VDI VM consolidation ratios
Increased ROI with Deep SecurityExample: Agentless Antivirus
VIRTUALIZATION SECURITY
Traditional AV
Agentless AV
0 10 20 30 40 50 60 70 80
VM servers per host
75
25
3-year Savings on 1000 VDI VMs = $539,600
CBRE UK – VDI Success
• 2000 Seats of VDI• 15,000 global rollout • Mobile Device Enabled• Operational Benefits
• Single Image• Easier Support • Reduced Capex
• Improved User Productivity
• EMEA rollout planned
Integrated Management
Deep Security 8.0VM Lifecycle • Creation
• Configuration• Deployment
• Dynamic update• V-Motion• Restart
vCenter….. Cloud Management
Secure the lifecycle of the VM VIRTUALIZATION SECURITY
Moving VM’s
Restarted VM
Self Service new VMs
Reconfiguring VM - Clones
Relevant Deep Security
Controls FIMDPI
FirewallAV
FIMDPI
FirewallAV
FIMDPI
FirewallAV
FIMDPI
FirewallAV
FIMDPI
FirewallAV
Recommendation Scan
vCenter
Profile Management
Deep SecurityManager
Agentless Protection with Virtual Appliance
Agent based Protection
Manual Updates
As Required
Pattern #file distribution
Vulnerability Identified
Rule defined and Incorporated in Pattern File
THREAT DATA
CUSTOMERS
THREAT INTELLIGENCE
Global Threat Intelligence with the Smart Protection Network
Identifies
Global We look in more
places
Broad We look at more
threat vectors
CorrelatedWe identify all components of
an attack
ProactiveWe block threats
at their source
1.15B Threat Samples Daily
90K malicious threats daily
200M Threats blocked daily
Automatic updates
Automatic or Customer Controlled
Deployment
Vulnerability Identified
Rule defined and Vulnerability shielded
Virtual Patching
VM VM VM VM
50-60 VMs per server
vShield
VA
Microsoft Patch Tuesday Business Critical AppsOther Vendors Regular ProcessTime ConsumingExpansiveUn Supported OS
Intermittent notification Change Freeze Zero Down time
No Regular notification Collaborative process
04/09/2023 21Confidential | Copyright 2012 Trend Micro Inc.
Virtual Patching Savings
VDI Example – Cost Breakdown per desktop; 4 year model
£1000 £1250 £875
£2480 £1160 £928
£1360 £440 £396
£4840 £2850 £2199
STD VDI VDI + Security
End to End Security Solution for EUC • Adds protection technology
– Virtual Patching– VDI Intelligence– DLP Lite– Encryption
• Adds management capabilities– Smartphones– Tablets – Mac
OfficeScan Console
Trend Micro Mobile Security 8.0
Mobile Device Management• Device Discovery• Device Enrollment• Device Provisioning• S/W Management• Remote Control• Reporting• Inventory Man.• Remote Locate• Summary Views
• Summery Reports
Mobile Device Security• Anti-Malware• Firewall • Web Threat Protection • Call Filtering• SMS/WAP Anti-Spam• Jail break detection
Data Protection
• Encryption Enforcement
• Remote Wipe• Selective Wipe• Remote Lock• SIM Change/ Watch• Feature Control / Lock• Password Policy
Application Management• App Black Listing• App White Listing• App Push• Required• Optional
• App Inventory
Centralised Policy Management – Single PlatformIntegrates directly into OfficeScan as a Plug in
Customer Benefits – Cost / Operations
• Capex – Reduced Hardware investment– Reduced software licensing – Software Product Consolidation
• Simplification– Software Consolidation– Reduction in Managed Elements – Heterogeneous Physical, Virtual or Cloud Management
• Operation Benefits – Standardised Profiles – Automated Updates – Virtual Patching