Upload
digicomp-academy-ag
View
997
Download
1
Embed Size (px)
DESCRIPTION
Citation preview
Copyright 2009 – Trend Micro Inc.
Richard Javet • Channel Account Manager Schweiz
Gabriel Kälin • Sales Engineer Schweiz
Wie Trend Micro virtuelle Umgebungen zukunftsweisend schützt
Copyright 2009 Trend Micro Inc.Classification 04/08/2023 2
Trend Micro
A global leader in Internet content security advancing threat management technology to secure data against a wide range of threats
EVA CHENCEO and Co-Founder
1000+ Threat Experts
FoundedUnited States in 1988
HeadquartersTokyo, Japan
Employees4,850
Market Content Security
Locations Operations in 23 Countries
MISSION
Innovate to provide the best content security that fits into the IT infrastructure
VISION
A world safe for exchanging digital information
$1 Billion Annual Revenue
Largest Security Company Headquartered Outside US
Top 3 in Messaging, Web and Endpoint Security
A Leader in Virtualization and Cloud Computing Security
Copyright 2009 Trend Micro Inc.Classification 04/08/2023 3
Security That Fits: IT Infrastructure
Trend Micro innovation enables benefits of next-generation IT platforms
1st LANServerSecurity
1st GatewaySecurity
1st ThreatManagementSolution(Network)
1st in NetbooksSecurity
1st IntegratedVirtualizationSecurity
1st CloudComputingSecurity
(Coming)
Back to Security that Fits
Copyright 2009 Trend Micro Inc.04/08/2023 6Classification
Smart Protection Network Correlation
TROJ_CHOST.E
A lot can
happen in a
minute
EMAILREPUTATION
WEBREPUTATION
FILEREPUTATION
Copyright 2009 Trend Micro Inc.Classification 04/08/2023 10
Security That Fits: Customer Environment
Trend Micro’s ubiquitous protection secures your data wherever it resides
Hosted SecuritySmart
Phones
Servers
Netbooks
PSP/PS3
Routers
Cloud Computing
Virtual Servers
Security Appliances
Networks
Windows/OSX
Copyright 2009 Trend Micro Inc.Classification 04/08/2023 11
Agentenloser Schutz mit Deep SecurityAn die Virtualisierung angepasste Sicherheit
Copyright 2009 Trend Micro Inc.
Angriffe unter virtuellen Maschinen1
Herausforderung der virtuellen Sicherheit
Copyright 2009 Trend Micro Inc.
Aktiv
Ruhend
Reaktiviert mitveralteter Security
Instant-on Lücken2
Herausforderung der virtuellen Sicherheit
Neue VMs
Copyright 2009 Trend Micro Inc.
Resourcen Engpässe
Standard AV Konsole
3:00 Uhr Scan
3
Herausforderung der virtuellen Sicherheit
Copyright 2009 Trend Micro Inc.
Patchen der
Clients
Patternverteilen
Provisionierung neuer VMs
Komplexes Management4
Herausforderung der virtuellen Sicherheit
Neukonfigurationder Agenten
Copyright 2009 Trend Micro Inc.19
Tage bis zur ersten Ausnutzung der Sicherheitslücke
2003MS- Blast
28 Tage
2004Sasser
18 Tage
2005Zotob
10 Tage
2006 … WMF
Zero-day Zero-day
Ausnutzen der Sicherheitslücken bevor ein Patch zur Verfügung steht
2010IE zero-day
“Microsoft today admitted it knew of
the Internet Explorer flaw used in the
attacks against Google and Adobe
since September last year.”
-- ZDNet, January 21, 2010
Copyright 2009 Trend Micro Inc.
Selbstschützende Anwendung
Firewall, IPS, Virenschutz...
Vision eines neuen Sicherheitsmodells für Datenzentren
Anw1
BS1
VM1
Hypervisor
„Der virtuelle Host muss sich selbst schützen“
!
Integration von VM- und Netzwerk-Sicherheit
Anw3
BS3
VM3
!
! !
! !!
Copyright 2009 Trend Micro Inc.
Deep SecurityServer & Application Protection
22
PHYSICAL VIRTUAL CLOUD
Deep Packet Inspection
IDS / IPSWeb App.Protection
ApplicationControl
FirewallIntegrity
MonitoringLog
InspectionAnti-
Malware
Copyright 2009 Trend Micro Inc.
Deep Security Product Components
Deep SecurityManager
Security Center
Alerts
SecurityProfiles
SecurityUpdates
Reports
IT InfrastructureIntegration• vCenter• SIEM• Active Directory• Log correlation• Web services
23
Deep Security Agent
Deep Security Virtual Appliance
PHYSICAL VIRTUAL CLOUD
Copyright 2009 Trend Micro Inc.
25
VMware vSphere 4.1
VMwarevCenter
Deep SecurityVirtual Appliance
Deep Security Coordinated Approach
FirewallDPI, AV Protection
Copyright 2009 Trend Micro Inc.
Security Virtual Appliance
VM
APP
OS
Kernel
BIOS
ESX 4.1
vSphere Platform
VM
APP
OS
Kernel
BIOS
Guest VM
OS
DeepSecurityManager
vShield Endpoint Library
Architektur: Agentenloser Malwareschutz
Anti-malware Scanning Module
vShield Endpoint ESX Module
vCenter
On Access Scans
On Demand Scans
Vshield Guest Driver
vShield Manager 4.1
EPsec Interface
VI Admin
Security Admin
Remediation
Caching & Filtering
APPsAPPs
APPs
RE
ST
StatusMonitor
Copyright 2009 Trend Micro Inc.
Real-Time Scan
Demo: Deep Security 7.5 Viren über Hypervisor erkennen
Classification 04/08/2023 28
VMware vSphere 4 mit vShield Endpoint
Deep Security Virtual Appliance
Scheduled Scan
Copyright 2009 Trend Micro Inc.Classification 04/08/2023 29
Secure CloudWie kann ich in der Cloud Kontrolle über meine Daten behalten?
Copyright 2009 Trend Micro Inc.
Who Has Control?
Servers Virtualization & Private Cloud
Public CloudPaaS
Public CloudIaaS
End-User (Enterprise) Service Provider
Public CloudSaaS
30Trend Micro Confidential 04/08/2023
Copyright 2009 Trend Micro Inc.
SecureCloud: Enterprise Controlled Data Protection for the Cloud
31
Enterprise Key
Hypervisor
VM
SharedStorage
Cloud Service ProviderEnterprise Datacenter or SaaS Offering
Trend MicroCloud Security
Console
CorporateApp
My Data
Copyright 2009 Trend Micro Inc.
A New Security Architecture For A New EraAll environments should be considered un-trusted
Users access app
Data encrypted within the server
Host defends itself from attack
Encrypted Data
Encryption keys controlled by you
DataData
Public CloudDatacenter
Data
Trend Micro Confidential04/08/2023 32
Deep Security
SecureCloud
SecureCloud:• Facilitates movement between
datacenter & cloud• Delivers control, security and
compliance through encryption• Avoids service provider lock-in• Enables secure storage recycling
Copyright 2009 Trend Micro Inc.Classification 04/08/2023 33
VDI Schutz mit OfficeScanWie kann der Desktop effizient geschützt werden?
Copyright 2009 Trend Micro Inc.
OfficeScan 10.5: Optimiert für VDI
• Unterscheidet virtuelle und physikalische Endgeräte– Mit VMware View– Mit Citrix XenDesktop
• Serialisiert Updates und Scans – Kontrolliert die Anzahl gleichzeitiger Scans und Updates– Erhält die Verfügbarkeit und Performance der VDI Hosts– Schneller als gleichzeitiger Ansatz
• Nutzt VDI Provisionierung für kürzere Scan-Dauer– Base-Images können vorab gescannt und Whitelist erstellt werden– Verhindert mehrfach-Scans gleicher Dateien– Nochmalige Senkung der benötigten Ressourcen
Copyright 2009 Trend Micro Inc.
Demo: OfficeScan 10.5 Uneingeschränkte VDI Performance
Classification 04/08/2023 37
Citrix oder Vmware Hypervisor
Scheduled Scan
Copyright 2009 Trend Micro Inc.
Vielen Dank!
Classification 04/08/2023 38