• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Business   »   Cloud to Desk: Advanced Security for the SDDC

Cloud to Desk: Advanced Security for the SDDC

  • Posted on:August 28, 2015
  • Posted in:Business, Cloud Security, Security, Virtualization
  • Posted by:
    Mike Smith
0

VMworld 2015 kicks off this weekend in San Francisco and one of the big things attendees are anxious to hear more about is how organizations have started relying on VMware NSX as the centerpieces of their software-defined data centers.

In a recent interview with Virtualization Review, VMware CEO Pat Gelsinger shared that, “According to IDC, over 70 percent of midsize to large organizations will initiate major network redesigns over the next three years. We’re seeing that momentum today. Customers are increasingly seeking to transform their network and security operations due to the current limitations of the network architectures in their datacenters.”

NSX Network Virtualization as the foundation of a Software-defined Data Center (SDDC) is gaining rapid momentum. Trying to “lift and shift” existing legacy physical security to the software-defined data center has proven to be a big mistake. Virtualized environments require security that was built specifically to support them.  NSX includes native security capabilities and platform level automation for security operations.

Yesterday’s Security Won’t Cut It

Traditional perimeter-based security models severely lack the capability to extend unit level protection to data center workloads and keep up with the dynamic nature of the cloud. This results in insufficient visibility into east-west traffic, and when malware makes its way into the data center, there is little control to block and isolate the attack inside the data center. Additionally, manual security configuration and patching remains one of the biggest areas of exposure for corporations as hackers are quick to exploit any holes they can find. And the dynamic nature of today’s data centers makes keeping up with basic security even more difficult as workloads are spun up and down and security policies have to be moved or reconfigured with the workloads.

Automating comprehensive security inside the data center

The VMware NSX networking and security platform combined with Trend Micro’s Deep Security enables customers to have the same high level of security that they have for perimeter defense inside the data center – in effect, moving the perimeter to the workload and making it possible to have security that not only works, but is also be flexible, scalable, efficient, and fast.

Better security

The joint solution extends micro-segmentation—isolation of virtual clusters of workloads, even to the individual VM level—via distributed firewalling made possible by NSX. Deep Security extends micro-segmentation via multiple security controls including IDS/IPS, anti-malware, virtual patching, URL filtering, file integrity monitoring, and log inspection. This approach reduces the attack surface within the data center vs. perimeter security.

Faster security

Deep Security has long offered network and endpoint introspection through vSphere with the ability to easily provision existing and new virtual machines (VMs). New integration capabilities delivered through NSX automation and Service Composer will further streamline the provisioning and deployment processes, making insertion, orchestration, and scaling of Deep Security significantly faster and easier across your data center.

More efficient security

Through the use of a new common NSX tagging and orchestration framework, Deep Security services can be inserted as part of an automated, defined workflow for each security group, which is configured in NSX. The user can choose to automate real-time remediation and incident response during attacks. This reduces risk of human error in the configuration process and also prevents proliferation of threats that do appear in the data center by isolating them and removing them once detected. 

The Automated Security Advantage

The Trend Micro Deep Security solution builds on the VMware NSX distributed service platform for automated insertion, deployment, and orchestration of security services in the Software-Defined Data Center. The NSX service composer allows Deep Security protections to be applied when and where they are needed for virtual machines and applications. NSX workflow automation allows Deep Security to scale on demand and manages dynamic responses to emerging threats. Integration with the NSX Service Composer simplifies security operations while improving visibility and coordinating activity with data center operations teams and application owners.

NSX

Integrate: Trend Micro Deep Security integrates with VMware vCenter and VMware NSX manager with a “wizard application” to collect connection information and authentication credentials. As an extension of NSX advanced security services, Deep Security is now a service, available to all ESX hosts, applicable to every virtual machine and virtual network segment. Now Deep Security can provide both NSX Guest Introspection and Network Introspection Services from the same security virtual appliance (SVA).

Deploy: Deployment of Deep Security is automated by NSX for each ESXi host of the cluster. As new hosts are added, NSX will automatically load the Deep Security Virtual Appliance on each new host—ready to provide protection to the virtual system and enforce defined security policy.

Automate: Deep Security services use VMware’s NSX (Service Composer) security groups for automatic workflow capabilities using Event-Based Tasks and service chaining. 

Visit us at VMworld (Booth #1505)

We are excited to continue the conversation with lots of VMware customers starting this weekend in San Francisco. We hope to see you at our booth. Trend Micro is the experienced leader in server security and delivers a comprehensive security platform optimized for the VMware environment. Please join us in our booth (#1505) at VMworld for a personal demonstration showing how we can help secure your VMware deployments.

While at attending VMWorld, you are invited to attend the following speaker sessions:

Tuesday 5:00 – 6:00: SEC6319-SPO

  • Freeing Security from the Bounds of Hardware and Time (Speaker: Trend Micro)

Thursday 10:30 – 11:30: SEC5427

  • From Architecture to Operations, Weaving Security into the Datacenter Fabric (Speaker: Trend Micro & Vmware)

For more details on Deep Security and NSX, get the solution brief here.

Related posts:

  1. 3 Reasons to Use VMware NSX with Trend Micro Deep Security
  2. Optimize Your Modern Data Center with Next Generation Technologies
  3. Comprehensive Security for your VMware Environment
  4. Cloud App Security: the Answer to Advanced Office 365 Threats

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Digital Transformation is Growing but May Be Insecure for Many
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.