trend micro - your journey to the cloud, where are you
DESCRIPTION
Nick Black, Senior Technical Manager at Trend Micro spoke at the CIO Event (dot) com/meTRANSCRIPT
Copyright 2011 Trend Micro Inc.
www.trendmicro.com
TREND MICRO: SECURING YOUR JOURNEY TO THE CLOUD
04/12/231
Copyright 2011 Trend Micro Inc.
Nick Black
Trend Micro
The Journey to Cloud
Copyright 2011 Trend Micro Inc.
Cloud Application
Consumerization and Mobility
Cloud Data
The Four Pillars of the Cloud Revolution
Cloud Infrastructure
Hybrid Cloud Management
• Physical • Virtual• Cloud
Unique Set of Security Challenges in Cloud Era
Cloud Infrastructure
Mobile Device Management
Data Protection
Cyber Attacks
Copyright 2011 Trend Micro Inc.
Consumerization of IT
• Popular new consumer technology spreads into business organizations
• IT and consumer electronics converge as the same devices are used for work and play
• Power shifts from corporate IT and enterprise vendors (IBM, HP) to end users and innovative consumer vendors (Apple, Google)
“Consumerization will be the most significant trend affecting IT during the next 10 years” Gartner
Copyright 2011 Trend Micro Inc.
Consumerization: why now?
• Affordable products and services• Simple, intuitive, easy to use• Pervasive fast network connectivity• Abundance of content & applications
5 Copyright 2011 Trend Micro Inc.
Copyright 2011 Trend Micro Inc.
30K Android Malware
• 10K: Middle of 2012!
• 100K: End of 2012!
http://blog.trendmicro.com/how-big-will-the-android-malware-threat-be-in-2012/
Copyright 2011 Trend Micro Inc.
Advanced Persistent Threats
EmpoweredEmployees
Elastic Perimeter
Copyright 2012 Trend Micro Inc.
Trend Micro evaluations find over 90% of enterprise networks contain active
malicious malware!
Traditional Security
Copyright 2011 Trend Micro Inc.
Data Protection
Data
• Self-Secured Workload
• Local Threat Intelligence
• When-Timeline Aware
• Who-Identity Aware
• Where-Location Aware
• What-Content Aware
• User-defined Access Policies
• Encryption
All network-connected data must be able to defend itself from attacks
Integrated Security Across PlatformsInside-out Security : smart context aware security
Inside-Out Security
Endpoints Datacenters
8
Copyright 2011 Trend Micro Inc.
Who is responsible for security?
• With IaaS the customer is responsible for VM-level security
• With SaaS or PaaS the service provider is responsible for security
Public CloudPaaS
Public CloudIaaS
Servers Virtualization & Private Cloud
End-User (Enterprise) Service Provider
Public CloudSaaS
Cloud SecurityCloud Security
Cloud Models: Who Has Control?
904/12/23
Copyright 2011 Trend Micro Inc.
PhysicalDesktops & Servers
DesktopVirtualization
Server Virtualization
Private Cloud
Hybrid Cloud Public Cloud
Mobile
BYOPC
Journey to the CloudJourney to the Cloud
Where is Your Data?
1004/12/23
Safe Harbour
USA Patriot Act
Copyright 2011 Trend Micro Inc.
Copyright 2011 Trend Micro Inc.
Copyright 2011 Trend Micro Inc.
APTs -- The Challenges
Sophisticated Social Engineering1.People is the weakest link
2.Spear phishing3.Employee training
Stealthy Behavior1.Low profile – may be dormant for months
2.Leverage employee credentials and privileges3.Noise from network IDS/IPS technology
Zero-day Vulnerabilities1.Patch management
2.Thousands of endpoints3.Servers in datacenters can’t be patched…right away
13
Copyright 2011 Trend Micro Inc.
Deep Discovery: APT Hunter
Specialized Threat DetectionAcross the Attack Sequence
Malicious Content•Emails containing embedded
document exploits•Drive-by Downloads
•Zero-day and known malware
Suspect Communication•C&C communication for any
type of malware & bots•Backdoor activity by attacker
Attack Behavior•Malware activity: propagation,
downloading, spamming . . .•Attacker activity: scan, brute force, service exploitation . . .
•Data exfiltration communication
14
Network Inspection Platform
Network Visibility, Analysis & Control
Deep Discovery
• Visualization• Analysis• Alarms
• Reporting
Network Inspection Platform
ThreatDetection
Virtual Analyzer
WatchList
Threat Connect
SIEMConnect
Copyright 2011 Trend Micro Inc.
GLOBAL SENSORNET(via agents, community, customers, threat
researchers and more)
THREAT-ACTORSFILES
MOBILE/APPS
EXPLOIT KITS
URLS
IP ADDRESSES
NETWORK TRAFFIC
DOMAINS
VULNERABILITIES
Copyright 2011 Trend Micro Inc.
GLOBAL THREAT INTELLIGENCE
FILEREPUTATION
WEBREPUTATION
EMAILREPUTATION
WHITELISTING
VULNERABILITIES/ EXPLOITS
MOBILE APPREPUTATION
NETWORK TRAFFIC RULESexpanded
expanded
Copyright 2011 Trend Micro Inc.
VM
VMware VirtualizationVMware VirtualizationSecurity
Virtual Appliance
VM VM VM VM
• Agentless security
• Layered server security
• Encryption for vSphere
Private CloudPrivate Cloud
• Agentless security• Layered server security
Security Virtual
ApplianceVM VM VM
Public CloudPublic CloudServer security console
• Shared policy profile
• Virtual patching
VM
VM VM VMVM
• Encryption for vCloud• Compliance support
(FIM, Encryption, etc.)
Encryption console
• Shared policy profile
• Key ownership
• Agent-based security
• Layered server security
• Encryption for leading cloud providers
• Compliance support (FIM, Encryption, etc.)
VM
Virtualization and Cloud SecurityVirtualization and Cloud Security
One Security Model
1704/12/23
Copyright 2012 Trend Micro Inc.
Copyright 2011 Trend Micro Inc.
Trend Micro
Worldwide Endpoint SecurityRevenue Share by Vendor, 2010
Source: IDC, 2011
Trend Micro
Source: 2011 Technavio – Global Virtualization Security Management Solutions
Source: 2012 Technavio – Global Cloud Security Software Market
Trend Micro is No.1 in Server, Virtualization, & Cloud Security
Why is Trend Micro an Expert? Why is Trend Micro an Expert?
#1 in Cloud Security
#1 in Virtualization Security
#1 in Server Security
Trend Micro
Trend Micro
Copyright 2011 Trend Micro Inc.
www.trendmicro.com
TREND MICRO: SECURING YOUR JOURNEY TO THE CLOUD
04/12/2319