Published on February 14, 2014
Securing Virtual and Cloud Environments January 15th 2014
Securing Virtual and Cloud Environments Agenda Bunmi Sowande Technical Specialist – F-Secure (UK) bunmi_Sowande@f-secure.com 07818 515 687 • • • • • What is virtualization? Benefits of virtualization Virtualization = Cloud ?? Security in Virtual and Cloud Environments F-Secure Security for Virtual and Cloud Environments
Awarded Best Protection & Praised by Certified and Awarded by Analysts numerous 3 parties! rd “Out of all corporate endpoint protection products reviewed, F-Secure Client Security offered by far the best protection.” Andreas Marx, CEO of AV-TEST The Forrester Wave™: Endpoint Security, Q1 2013 Received highest score among all vendors for our product roadmap and strategy. Top ranking scores on performance and satisfaction, in addition to our advanced anti-malware technologies.
Comprehensive Protection Providing 360 protection from all threats Protection Service for Business Business Suite In-House IT Policy Manager Management as a Service Internet Gatekeeper Messaging Security Gateway PSB Portal Out-sourced IT Server Security Client Security Email and Server Security Mobile Security Linux Security AV for Workstations PSB Server Security PSB Email and Server Security PSB Workstation Security Protection Service for Email PSB Mobile Security
Karmina Senior Analyst Security in the news
Security in the News
Security in the News
Security in the News
Security in the News
What is virtualization ?
In the beginning……… ……….Cueball and Associates buy their first server Domain Controller • • • Email Server File and Storage F-Secure Policy Manager Backup Domain Controller CRM Accounting Software Each application requires a separate server Most of the time, the server’s use 5-25% of their resources – VERY INEFFICIENT In large datacenters, most of the power consumed by hardware is just heating the room in idle cycles.
Sharing is caring
Benefits of Virtualization • • • • Hardware Cost savings Resource Utilisation is around 80%, better efficiency Reduced power costs (servers and air-conditioning) Capital and operations expenses cut by half, with annual savings of more than £1,000 for each server virtualized • Less space needed in datacentre for physical servers • High Availability, better disaster recovery without complicated clustering • Faster Provisioning of servers • Easy to upgrade • Allows for easy testing and evaluation of applications and Operating Systems
Virtual machines are already mainstream “Roughly two-thirds of x86 server workloads are virtualized, the market is mature and competitive, and enterprises have viable choices” – Gartner, June 2013, Magic Quadrant for x86 Server Virtualization Infrastructure 16 February 14, 2014 © F-Secure Confidential
Other types of Virtualization • • • • Desktop Virtualization – Thin Clients, VDI Storage Virtualization Network Virtualization Application Virtualization
Desktop Virtualization Trends SMB’s are increasingly using virtual desktops Source: Virtualization: A 2013 HorizonWatching Trend Report
Virtualization = Cloud Computing ?? Virtualization – Physical Infrastructure Cloud Computing – Software or a service.
Most common cloud services Web hosting Virtual servers 20 February 14, 2014 Email and collaboration tools Virtual desktops (VDI for BYOD) © F-Secure Confidential
Security for Virtual Environments with optimal performance
Which is more important? Protection level Performance 22 February 14, 2014 © F-Secure Confidential
Special demands in virtual environments Traditional security threats apply, but… Limited hardware capacity Shared hardware usage Added weight to the scanning process 23 February 14, 2014 © F-Secure Confidential Significant impact on desktop virtualization Need to optimize and offer a good user experience Need to invest in additional capacity
Traditional anti-virus in virtual machines Takes up a lot of resources from the hardware Difficult to manage Higher costs High performance impact 24 February 14, 2014 © F-Secure Confidential
F-Secure Security for Virtual and Cloud Environments 25 February 14, 2014 © F-Secure Confidential
Optimized performance Reduced resource usage for virtual environments Performance optimized to reduce hardware costs Light (small footprint) security client for virtual machines Optimized use of hardware capacity High availability and scalability with multi-server deployment 26 February 14, 2014 © F-Secure Confidential
Multi-platform coverage Supports all popular virtualization platforms, including mixed and hybrid environments with multiple virtual platforms 27 February 14, 2014 © F-Secure Confidential Hypervisor agnostic – works with VMware, Citrix, MS Hyper-V, etc Hybrid solution supports different environment combinations
Reduced complexity Single unified central management and standard clients Built-in functionality in standard clients 28 February 14, 2014 © F-Secure Confidential All parts of the solution centrally managed with the same management tool Reduced complexity due to easy deployment
Security for Virtual and Cloud Environments Virtual Machine Physical Machine
Security solution for virtual and cloud environments 1. Uncompromised, best protection against malware, exploits, phishing and other network based attacks 2. Reduced memory, CPU and disk space consumption on virtual machines 3. Can be deployed in any virtualization or cloud environment including mixed and hybrid environments 4. An added feature for the award-winning endpoint and server protection products 5. Scanning offloaded to a dedicated Scanning and Reputation Server
How it works?
Client • Standard F-Secure workstation and server software • One-time installation on virtual machine template • Includes F-Secure award-winning technologies • Centrally managed with a single unified management console Scanning and Reputation Server • Easy deployment with pre-configured virtual appliance • Isolates performance consuming operations from clients • Centrally managed with the same management console as clients Elements Management, provisioning, monitoring • F-Secure Policy Manager installed on Windows or Linux server • Provides policies , configuration and updates for all managed parts of the solution • Status, monitoring, st atistics and licensing
Security for Virtual and Cloud Environments
SVCE Licensing The things you need to know • What is the number of • End points in total • Virtualized end points The products you need 1) Client installations • Client Security or Server Security • Amount of devices 2) Offload scanning server • Scanning and Reputation Server • Amount of clients offloading the scanning How to sell it? n x CS/SS SKU + n x SRS SKU = SVCE Price
SVCE Pricing example – From physical to hybrid environment 200 workstations (100 Physical PCs and 100 Virtualised) 200 x Client Security (100-499) 100 Connections to Scanning and Reputation Server • Multiple SRS Servers can be deployed for scalability and redundancy. • 1 Scanning and Reputation Server (4GB RAM and 4 vCPU) for 100 virtual machines running on the same hypervisor host
No more compromises! Request trial Bunmi.Sowande@f-secure.com Robert.firstname.lastname@example.org
Questions ?? Next webinars 12th February - Why SMBs are outsourcing Security to Managed Service Providers – bit.ly/fswebinar4 12th March – Why do you need to protect your mobile devices? - bit.ly/fswebinar5
How it works Component What it does? Policy Manager provides centralized management for products installed on physical and virtual machines Policy Manager Console the administration console to define policies, deploy F-Secure software and monitor status of security Client Security, Server Security and Email and Server Security endpoint security protection installed on physical or virtual desktops and servers respectively Management Agent communicates with Policy Manager, applies defined policies and sends status information and alerts to the Policy Manager Server Automatic Update Agent responsible for downloading and installing software and database updates Offload Scanning Agent offloads malware scanning and content reputation checking to minimize the performance impact Scanning and Reputation Server the virtual appliance based on hardened Linux platform. It provides malware scanning and content reputation services.
Securing Virtual and Cloud Environments. Mariana Carroll Affiliated with CSIR Meraka Institute School of Computing, University of South Africa Email author
1 Introduction. In today’s globalised, volatile and competitive market, organisations are forced to leverage core competencies, be agile to allow them to ...
InfoSec Reading Room ... address three features in a virtual Cloud environment ... Ottenheimer, D., & Wallace, M. (2012). Securing the virtual environment ...
CLEAR CLOUDS AHEAD. Going virtual? ... Security for Virtual and Cloud Environments brings ultimate, incorporated protection for all virtual environments.
securing virtualized environments and accelerating cloud computing we can WHITE PAPER Securing Virtualized Environments and Accelerating Cloud Computing ...
Menu. Solutions. Storage and Data Management. Disaster Recovery Solutions; Information Lifecycle Management
As more and more data is moved into virtual environments the need to secure them becomes increasingly important. Useful for service providers as well as ...
Unified Network Services (UNS) Securing Virtual ... Nexus Series virtual switch to help secure multitenant virtual and cloud environments at the ...
SecureCloud provides cloud ... Trend Micro SecureCloud™ provides data protection for cloud and virtual environments ... Are Your Peers Securing the Cloud?