4. 2013 Trend Micro
25th Anniversary
Active Dormant
Reactivated with
out-of-date security
Instant-on gaps2
Challenges of Virtualization Security
New VMs
5. 2013 Trend Micro
25th Anniversary
Resource contention
Typical AV
Console
3:00am Scan
3
Challenges of Virtualization Security
6. 2013 Trend Micro
25th Anniversary
Patch
agents
Rollout
patterns
Provisioning
new VMs
Complexity of Management4
Reconfiguring
agents
Challenges of Virtualization Security
8. 2013 Trend Micro
25th Anniversary
Q & A
VMUG - IT
CLOUDITALIA
Delio Trapani – DataCenter Director
9. 2013 Trend Micro
25th Anniversary
PHYSICAL VIRTUAL CLOUD
Integrity
Monitoring
Integrity
Monitoring
Log
Inspection
Log
Inspection
Anti
Malware
Anti
Malware
FirewallFirewall
Deep Packet
Inspection
Deep Packet
Inspection
Agent-less
Deep Security Platform Overview
10. 2013 Trend Micro
25th Anniversary
10
Firewall
• Centralized management of server
firewall policy
• Pre-defined templates for common
enterprise server types
• Fine-grained filtering: IP & MAC
addresses, Ports
• Coverage of all IP-based protocols:
TCP, UDP, ICMP, IGMP …
Deep Packet Inspection
• Enables IDS / IPS, Web App Protection,
• Application Control
• Examines incoming & outgoing traffic for:
• Protocol deviations
• Content that signals an attack
• Policy violations
• Shields vulnerabilities from exploit until the
next maintenance window
Integrity Monitoring
• Monitors critical files, systems and
registry for changes
• Files, directories, ports, registry
keys and values, etc.
Log Inspection
• Collects & analyzes operating system and
application logs for security events
• Rules optimize the identification of important
security events buried in multiple log entries.
Anti Malware
• Agent-Less Real Time Scan
• Agent-Less Manual and Schedule Scan
• Zero Day Protection
• Agent-Less Remediation
• API Level Caching
Deep Security Modules
11. 2013 Trend Micro
25th Anniversary
• vSphere preparation
vShield Manager 5.X installation:
- Network setup
- Web console setup
- vShield Endpoint installation on each host
Deep Security deployment
12. 2013 Trend Micro
25th Anniversary
• Install Deep Security Manager
• Check license & import filter driver & DSVA
• Add vCenter to DSM console
• Prepare ESX host
• Deploy and configure DSVA
• Activate DSVA
• Install vShield Endpoint on VMs (VMware tools)
• Activate and assign a security policy to VMs
• Eicar Virus test
Deep Security deployment