Datacenter 2014: Trend Micro - Bill MCGee

Security Designed for the Software-Defined Data Center

04/10/2023 Confidential | Copyright 2013 Trend Micro Inc.

Bill McGeeSVP and General Manager, Cloud and Data Center SecurityTrend MicroMarch 13, 2014

Copyright 2014 Trend Micro Inc. 2

Have you simply “lifted-and- shifted”

your traditional security to your software-defined

data center?


Many organizations are experiencing the following…

• Minutes to deploy a server…weeks to secure it

• Virtually scale beyond physical limits… until you hit your security limit

• Servers that share resources…security that consumes it

Attackers

Potential Risks

• Vulnerability in server exploited to introduce malicious code

• Company must restrict access to certain applications

• Admin makes changes to known good configuration

• Hacker attempts a SQL injection attack

• Brute force authentication attack is executed

Software-defined data center changes the game

The opportunity:Automate and optimize security as part of your data center operations


Security principles remain the same;APPROACH to security must change

CONTEXT Workload and application-aware

SOFTWARE Security that evolves with the data center

PLATFORM Single platform for data center and cloudSiloed

Generic

Hardware

ADAPTIVE Intelligent, dynamic policy enforcement Automated provisioning specific to platform

Static

3/13/2014Copyright 2014 Trend Micro Inc. 6

New approach can improve data center operations

Provision security automatically within a data center

Manage security effectively and efficiently as you scale

Optimize data center resources


Extend to cloud with confidence

Provisioning securely within a dynamic data center

How do you: • Secure the VM the moment it is provisioned?• Apply the right policies to that VM? • Reduce the time to provision without

compromising on security? • Securely bring up/down/move your VMs?


Provisioning InfrastructurevCenter, AD, vCloud and

AWS

SAP

ExchangeServers

Oracle

Web Servers

Web Server

Automate security as part of your operations • Gain visibility into environment using

vCenter and vCloud Director integration

• Recommend and apply policies automatically - specific to your data center

• Automatically scale up and down as required—with no security gaps

19Rules

15Rules

73Rules

8Rules

28Rules








Management Challenge: Keeping up-to-date

How do you:• Quickly and easily identify an issue? • Keep up to date with patches? • Manage multiple controls as you execute your

strategy for your data center and cloud?


Protect even before you patch

• Protect against vulnerability exploits before patches available

• Save money avoiding costly emergency patching

• Patch at your convenience

Vulnerability Disclosed orExploit Available

Patch Available

CompleteDeployment

Test

Soak

Exposure

Begin Deployment

PatchedTrend Micro Virtual Patching








Optimized for your virtual environments

Network Usage

Scan Speed

CPU/Memory Usage

IOPS

Storage

ESXi

SAN


Proven impact on data center resources

18

Scan Cache

*All results based on internal testing using VMware View simulators

Up to 20X Faster* Full Scans

Up to 5X Faster Realtime Scans

Up to 2X Faster VDI Login







Extend to external or public cloud with confidence

Public Cloud: Affects every organization

Public cloud extension of Private Cloud by I.T. (Bursting) Business groups Bypass IT to use Public CloudPrivate Cloud forced to take on attributes of Public Cloud (ITaaS)

Copyright 2013 Trend Micro Inc.

20

Security in the cloud is a Shared Responsibility

Partner Eco-System• Operating Systems• Application• Security Groups• OS Firewalls• Anti-Virus• Account Management• Storage Encryption

• Facilities• Physical Security• Physical Infrastructure• Virtualized Infrastructure

Cust

omer

D

omai

nAW

S D

omai

nFoundation Services

Compute Storage Database Networking

AWS Global Infrastructure

EdgeLocations

Availability Zones

Regions

Enterprise Applications

Enterprise Operation Systems

Cloud Deployment Dynamics

Instance Awareness• Dynamic real-time security

visibility and response

Complexity• Supporting multi-region

and global deployments

Scale & Automation• Elastic services and

applications managed with new tools Data Protection

• Protection of all data across boot & data volumes

Purchasing• Ability to purchase

security aligned to cloud models

Common Management & Reporting

Security platform for the modern data center

3/13/2014Copyright 2014 Trend Micro Inc. 25

Data Center

Physical Virtual Private Cloud Public Cloud

• Address security across ALL your environments• Comprehensive security to address varying risk

Log Inspection

Anti-Malware

Intrusion Prevention

HostFirewall

IntegrityMonitoring

100% of the top 10 automotive

companies.

96% of the top 50 global

corporations.

100% of the top 10 telecom

companies.

80% of the top10 banks.

90% of the top10 oil companies.

Global Threat IntelligenceNew malware every ½ secondCEO

FoundedHeadquarters

EmployeesOffices

2012 Sales

Eva Chen1988, United StatesTokyo, Japan5,13736$1.2B USD

A world safe for exchanging digital information


Thank you!

Copyright 2014 Trend Micro Inc.

Datacenter 2014: Trend Micro - Bill MCGee

Technology

dynamic data center

softwaredefined data

security gaps

traditional security

security principles

rules copyright

security limit servers

confidential copyright