new horizons for end-user computing event - trend

Trend Micro Trend Micro 2013 EUC / VDI RoundTable

04/09/2023 1 Confidential | Copyright 2012 Trend Micro Inc.

Stephen Porter

Alliances & Global SI BDM

Stephen_porter@trendmicro.co.uk

Tel:07557154436

AdvancedTargetedThreats

EmpoweredEmployees

De-PerimeterizationVirtualization, Cloud

Consumerization & Mobility

Outside-in Perimeter Defense Isn’t Enough…

Source: Forrester

Challenge: Resource Contention

Typical Security

Console 09:00am Virus Definition Updates

Configuration Storm

Automatic security scans overburden the system

3:00am Integrity Scan

Destroys the business case for VDI

Cloned

Challenge: Instant-on Gaps

Dormant Active Reactivated with

out dated security

Reactivated and cloned VMs can have out-of-date security

Log Inspection

Anti-Virus

Detects and blocks known and zero-day attacks that

target vulnerabilities

Tracks credibility of websites and safeguardsusers from malicious urls

Reduces attack surface. Prevents DoS & detects

reconnaissance scans

Detects malicious and unauthorized changes to

directories, files, registry keys…

Optimizes the identification of important

security events buriedin log entries

Detects and blocks malware (web threats, viruses &

worms, Trojans)

Deep Security Virtual Appliance (or Agent)System, application and data security for servers

Protection is delivered via Agent and/or Virtual Appliance

6 protection modules

IntegrityMonitoring

Intrusion Prevention

Firewall

WebReputation

Physical Servers Virtual Servers Cloud Desktop/Laptop

Any Hypervisor

Agent Based

VMware Hypervisor

Agent-Less

2012 Technology Alliance Partner of the Year

Improves Securityby providing the most secure virtualization infrastructure, with APIs, and certification

programs

Improves Virtualizationby providing security solutions architected to

fully exploit the VMware platform

2008 2009 2011

Feb: Join VMsafe

program

RSA: Trend Micro VMsafe demo, announces

Coordinated approach & Virtual pricing

RSA: Trend Micro announces virtual

appliance

2010:>100 customers

>$1M revenue

VMworld: Announce Deep Security 8

w/ Agentless FIM

1000 Agentless customers

VMworld: Trend virtsec customer, case study,

webinar, video

May: Trend acquires

Third Brigade

July:CPVM

GA

Nov: Deep Security 7with virtual appliance

RSA: Trend Micro Demos Agentless

2010

Q4: Joined EPSEC vShield

Program

VMworld: Announce

Deep Security 7.5

Sale of DS 7.5 Before GA

Dec: Deep Security 7.5w/ Agentless Antivirus

RSA: Other vendors

“announce” Agentless

Deep Security Virtual Appliance• Intrusion prevention• Firewall

Virtualization Security with Deep SecurityAgentless Security Platform for Private Cloud Environments

• Anti-malware• Web reputation• Integrity monitoring

VM VM VM

The Old Way

Security Virtual

ApplianceVM VM VM

With Deep Security

VM

EasierManageability

HigherDensity

FewerResources

StrongerSecurity

VM

More VMs

Anti-malware Scan Performance1st AM scan

2nd AM scan

(cached)

Scan time ~ 20x fasterSignificant DSVA CPU Reduction

Huge IO Volume Reduction

Shared Memory:Light and Lean

Classification 04/09/2023

11

Keeping a signature file inevery virtual desktop is

inefficient and unsustainable

Sources: Tolly Enterprises Test Report, Trend Micro Deep Security vs. McAfee and Symantec, February 2011; Saving estimate based on VMware ROI calculations

3X higher VDI VM consolidation ratios

Increased ROI with Deep SecurityExample: Agentless Antivirus

VIRTUALIZATION SECURITY

Traditional AV

Agentless AV

0 10 20 30 40 50 60 70 80

VM servers per host

75

25

3-year Savings on 1000 VDI VMs = $539,600

CBRE UK – VDI Success

• 2000 Seats of VDI• 15,000 global rollout • Mobile Device Enabled• Operational Benefits

• Single Image• Easier Support • Reduced Capex

• Improved User Productivity

• EMEA rollout planned

Integrated Management

Deep Security 8.0VM Lifecycle • Creation

• Configuration• Deployment

• Dynamic update• V-Motion• Restart

vCenter….. Cloud Management

Secure the lifecycle of the VM VIRTUALIZATION SECURITY

Moving VM’s

Restarted VM

Self Service new VMs

Reconfiguring VM - Clones

Relevant Deep Security

Controls FIMDPI

FirewallAV

FIMDPI

FirewallAV

FIMDPI

FirewallAV

FIMDPI

FirewallAV

FIMDPI

FirewallAV

Recommendation Scan

vCenter

Profile Management

Deep SecurityManager

Agentless Protection with Virtual Appliance

Agent based Protection

Manual Updates

As Required

Pattern #file distribution

Vulnerability Identified

Rule defined and Incorporated in Pattern File

THREAT DATA

CUSTOMERS

THREAT INTELLIGENCE

Global Threat Intelligence with the Smart Protection Network

Identifies

Global We look in more

places

Broad We look at more

threat vectors

CorrelatedWe identify all components of

an attack

ProactiveWe block threats

at their source

1.15B Threat Samples Daily

90K malicious threats daily

200M Threats blocked daily

Automatic updates

Automatic or Customer Controlled

Deployment

Vulnerability Identified

Rule defined and Vulnerability shielded

Virtual Patching

VM VM VM VM

50-60 VMs per server

vShield

VA

Microsoft Patch Tuesday Business Critical AppsOther Vendors Regular ProcessTime ConsumingExpansiveUn Supported OS

Intermittent notification Change Freeze Zero Down time

No Regular notification Collaborative process

04/09/2023 21Confidential | Copyright 2012 Trend Micro Inc.

Virtual Patching Savings

VDI Example – Cost Breakdown per desktop; 4 year model

£1000 £1250 £875

£2480 £1160 £928

£1360 £440 £396

£4840 £2850 £2199

STD VDI VDI + Security

End to End Security Solution for EUC • Adds protection technology

– Virtual Patching– VDI Intelligence– DLP Lite– Encryption

• Adds management capabilities– Smartphones– Tablets – Mac

OfficeScan Console

Trend Micro Mobile Security 8.0

Mobile Device Management• Device Discovery• Device Enrollment• Device Provisioning• S/W Management• Remote Control• Reporting• Inventory Man.• Remote Locate• Summary Views

• Summery Reports

Mobile Device Security• Anti-Malware• Firewall • Web Threat Protection • Call Filtering• SMS/WAP Anti-Spam• Jail break detection

Data Protection

• Encryption Enforcement

• Remote Wipe• Selective Wipe• Remote Lock• SIM Change/ Watch• Feature Control / Lock• Password Policy

Application Management• App Black Listing• App White Listing• App Push• Required• Optional

• App Inventory

Centralised Policy Management – Single PlatformIntegrates directly into OfficeScan as a Plug in

Customer Benefits – Cost / Operations

• Capex – Reduced Hardware investment– Reduced software licensing – Software Product Consolidation

• Simplification– Software Consolidation– Reduction in Managed Elements – Heterogeneous Physical, Virtual or Cloud Management

• Operation Benefits – Standardised Profiles – Automated Updates – Virtual Patching