1 / 14

Server Security Press Presentation

Server Security Press Presentation. Harish Agastya, Director Server Security Product Marketing. Deep Security: Securing the New Server. Cloud . Virtualized. Physical. Servers in the open. Servers virtual and in motion . Servers under attack . 2. 7/31/2014. 2. Internal Training.

keiji
Download Presentation

Server Security Press Presentation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Server SecurityPress Presentation Harish Agastya, Director Server Security Product Marketing

  2. Deep Security: Securing the New Server Cloud Virtualized Physical Servers in the open Servers virtual and in motion • Servers under attack 2 7/31/2014 2 Internal Training

  3. Threat Environment More profitable $100 billion: Estimated profits from global cybercrime -- Chicago Tribune, 2008 More sophisticated, malicious & stealthy “95% of 285 million records stolen in 2008, were the result of highly skillful attacks” “Breaches go undiscovered and uncontained for weeks or months in 75% of cases.” -- Verizon Breach Report, 2009 More frequent "Harvard and Harvard Medical School are attacked every 7 seconds, 24 hours a day, 7 days a week.” -- John Halamka, CIO More targeted “27% of respondents had reported targeted attacks”. -- 2008 CSI Computer Crime & Security Survey

  4. “99.9% of records were compromised from servers and applications” 2009 Data Breach Investigations Report conducted by Verizon Business RISK Team

  5. High profile breaches May-2008: Security breach cost $12.6 million so far, including legal costs and fines from MasterCard and Visa. More >> Dec-2008: DNS hijacking puts 5,000,000 check processing accounts at risk. More >> Dec-2008: PII of 1.5M customers& 1.1M Social Security Numbers. More >> Mar-2009: Hackers hijack PII for 45,000 employees & retirees. More >> Aug-2007: Hackers placed software on the company’s network, and steal 45 M credit card #’s. Costs soar to $256 M. More >> May-2009: Hackers broke into 2 databases over a 6 month period, and exposed the data of 160,000+ students. More >>

  6. Verizon 2009 Data Breach Investigations

  7. Compliance Imperative • More standards: • PCI, SAS70, HIPAA, ISO 27001, FISMA / NIST 800-53, MITS… • More specific security requirements • Virtualisation, Web applications, EHR, PII… • More penalties & fines • HITECH, Breach notifications, civil litigation “ DMZ consolidation using virtualisation will be a "hot spot” for auditors, given the greater risk of misconfiguration and lower visibility of DMZ policy violation. Through year-end 2011, auditors will challenge virtualized deployments in the DMZ more than nonvirtualized DMZ solutions. Neil MacDonald, Gartner, June 2009 ”

  8. Virtual Machines Need Specialized Protection 1. Same threats in virtualized servers as physical: • OS & Application vulnerabilities and Configuration errors allow Malware to attack & infect 2. Plus Dynamics of virtualisation causes some new challenges: • Dormant VMs • Resource contention • VM Sprawl • Inter-VM traffic • vMotion 8

  9. Trend Micro Server Security Value Proposition

  10. Trend Micro Deep Security Advanced Server & application protection for: VIRTUAL CLOUD PHYSICAL Deep Packet Inspection Firewall Integrity Monitoring Log Inspection Malware Protection IDS / IPS Web App. Protection Application Control

  11. Why They Buy: Plays for Deep Security • Compliance • Reason to do it today • Internal compliance, security policy • External compliance, like PCI, FISMA, NERC, FDIC, SAS 70… • Detailed reporting, audit support • Virtualisation Security • Reason to revisit security practices • Provides security necessary to achieve100% virtualisation • Enables mobility and evolution to cloud computing • Defense in Depth / Business Continuity • Best practice • Preventing data breach and business disruption • Zero-day protection and virtual patching • Detecting suspicious activity 7/31/2014 11 Confidential

  12. Internal Training Deep Security 7 Modules Deep Packet Inspection Integrity Monitoring • Enables IDS / IPS, Web App Protection, • Application Control • Examines incoming & outgoing traffic for: • Protocol deviations • Content that signals an attack • Policy violations. • Monitors critical files, systems and registry for changes • Critical OS and application files (files, • directories, registry keys and values) • Flexible, practical monitoring through includes/excludes • Auditable reports Firewall Log Inspection • Centralized management of server • firewall policy • Pre-defined templates for common • enterprise server types • Fine-grained filtering: IP & MAC • addresses, Ports • Coverage of all IP-based protocols: • TCP, UDP, ICMP, IGMP … • Collects & analyzes operating system • and application logs for security • events. • Rules optimize the identification of • important security events buried in • multiple log entries.

  13. Deep Security: Key benefits • Shield vulnerabilities in web apps, enterprise apps OSs • Detect & block suspicious activity • Internal policies • PCI & other requirements • Detailed reports document prevented attacks & compliance status Prevents Data Breaches & Business Disruptions Enables Compliance Supports Operational Cost Reductions • Prioritize secure coding efforts • Manage unscheduled patching • Provides security necessary to realize virtualisation savings • Increased value from SIEM investments

  14. Questions? Laura Maio Harish Agastyalaura_maio@trendmicro.comharish_agastya@trendmicro.com+1 613-270-5531 +1 408-850-1082

More Related