officescan 10.5 vdi-aware endpoint security
DESCRIPTION
OfficeScan 10.5 VDI-aware endpoint security. Datacenter-hosted virtual desktop infrastructure. User Operating environment Virtual machine on an central server Accessed from existing hardware or a thin client Can be accessed from anywhere Home PC over VPN BYOC Analysts view: - PowerPoint PPT PresentationTRANSCRIPT
Copyright 2009 Trend Micro Inc.
OfficeScan 10.5VDI-aware endpoint security
Copyright 2009 Trend Micro Inc.
Datacenter-hosted virtual desktop infrastructure
Virtual Desktop I nfrastructure
Local OS
Terminal SW
VMM
APP
OS
APP
OS
RDP / PCoIP / HDX
APP
OS
APP
OS
Virtual Desktop I nfrastructure
Local OS
Terminal SW
VMM
APP
OS
APP
OS
RDP / PCoIP / HDX
APP
OS
APP
OS
User Operating environment• Virtual machine on an central server• Accessed from existing hardware or a thin client• Can be accessed from anywhere
• Home PC over VPN• BYOC
Analysts view:
Gartner:“[VDI] will undergo an explosive growth...“
Enterprise strategy group:”60% of enterprises have a VDI strategy“
Forrester:“three-quarters of firms now have client virtualization on their IT agenda for the next 12 months“
Copyright 2009 Trend Micro Inc.
Reasons for VDI-adoption:
• Lower operational cost than physical hardware– Easier Deployment, Patching, Application Provisioning
• Extended desktop hardware lifecycles – Windows 7 adoption funds get reassigned to VDI
• Security and data protection– Data never leaves the data center
• Regulatory compliance (PCI, HIPAA, etc.)– More tightly controlled environment
Copyright 2009 Trend Micro Inc.
VDI Risks
• Malware risk potential: Identical to physical desktops– Same operating systems
– Same software
– Same vulnerabilities
– Same user activities
=> Same risk of exposing corporate and sensitive data
• New challenges, unique to VDI:– Identify endpoints virtualization status
– Manage resource contention• CPU
• Storage IOPs
• Network
Copyright 2009 Trend Micro Inc.
Resource Contention
• The “9-AM problem”– Multiple users log in and get updates at the same time
• Scheduled scans– Adds significant load to the endpoint– Multiplied by number of VMs
Cumulative system load
Customers had to completely disable Security in their VDI environments!
Copyright 2009 Trend Micro Inc.
OfficeScan 10.5 has VDI-intelligence
• Detects whether endpoints are physical or virtual– With VMware View– With Citrix XenDesktop
• Serializes updates and scans per VDI-host– Controls the number of concurrent scans and updates per VDI host– Maintains availability and performance of VDI host– Faster than concurrent approach
• Leverages Base-images to further shorten scan times– Pre-scans and white-lists VDI base-images– Prevents duplicate scanning of unchanged files on a VDI host– Further reduces impact on the VDI host
Copyright 2009 Trend Micro Inc.
OfficeScan 10.5 has VDI-intelligence
• With OfficeScan 10.5, customers can run more than
double the number of desktop images per host –
without sacrificing security
• Investment in OfficeScan‘s VDI plug-in pays for itself:
– In less than 3 months with 1000 users*
– In less than 2 months with 2500 users*
*: assuming average cost of $8000 per VDI server and the deployment of standard endpoint security
Customers no longer have to choose
between Security and Return On Investment
Copyright 2009 Trend Micro Inc.
Integration with Citrix Receiver
• BYOC
– Users bring their own computers
– Ensure protection before granting access
• OfficeScan 10.5
– Deploys through Citrix Receiver
– Secures endpoints as a self-service application
– Easy provisioning of OfficeScan clients to enduser devices
– Supports consumerization no trade-off in security
Copyright 2009 Trend Micro Inc.
Windows 7 support
• Logo-certification as compatible with Windows 7– Supports XP, Vista, Win7
– Windows POSReady, Windows Embedded Enterprise
– Supports Server 2003, 2003R2, 2008 and 2008R2
• Integrates with Windows 7 Action Center
• Support for 32 and 64 bit environments
• Easy migration from physical to virtualdeployments accross versions of Windows
Copyright 2009 Trend Micro Inc.
Local File Reputation AND Web Reputation
Corporate Network
Internet
Local Smart Protection Network Server
Query CRC/URL
Immediate response
FILE REPUTATIONWEB REPUTATION
Constant, real-time updates happen in the cloud
Query CRC/URL
Immediate response
New: Local Web-reputation:
• Privacy mode
• Proxy mode
• Improves user experience
New: Local Web-reputation:
• Privacy mode
• Proxy mode
• Improves user experience
Copyright 2009 Trend Micro Inc.
Enterprise-class management
• Unified management for physical and virtual endpoints
• Increased management scalability– 20,000 or more endpoints per management server (up from 8000)– Allows consolidation of management stations
• Improved Role-based administration– More granular– Controls applicable to the client-tree segregate customers/regions
• Improved Active Directory Integration– Sync changes to AD– Improved Security compliance reports
Copyright 2009 Trend Micro Inc.
Summary
• Industry‘s first VDI-aware endpoint security solution– Optimized for physical and virtual desktops– Optimizes VDI Return on Investment– Pays for itself in 3 months or less
• Best security for Windows 7
• Local Smart Protection Network Server– File Reputation and Web Reputation in the local cloud– Optimizes performance and privacy
• Management enhancements– Enables management server consolidation– More granular Role-based Administration– Leverages Active Directory
Copyright 2009 Trend Micro Inc.
Questions & Answers