Virtualizing More While Improving Risk Posture – From Bare Metal to End Point




Rishi Bhargava – Sr. Director, Product Management, Datacenter & Server Security, McAfee
James Greene – Product Marketing, Intel
Hemma Prafullchandra – CTO and SVP Products, HyTrust




© 2012, HyTrust, Inc. www.hytrust.com | 1975 W. El Camino Real, Suite 203, Mountain View, CA 94040 | Phone: 650-681-8100 / email: info@hytrust.com
Agenda

Introductions
Overview: Setting the Stage
Solutions:
      Intel
      HyTrust
      McAfee
Discussion Topics/Q&A
Summary




Setting the Stage: Security and Compliance Will Be Key to Virtualizing the Next 50% of the Data Center

[Chart: % of Workloads Virtualized (0% to 100%) plotted against compliance maturity (Non-Compliant, Limited Compliance, Compliant, Best-Practice). Adoption stages: Develop/Test, Limited Production, Extensive Production, Enterprise Platform. Workload bands: Non-Mission-Critical Workloads, Mission-Critical Workloads. Drivers: Cost Savings, Compliance Risk.]

Discussion
• Growth depends on virtualizing mission critical workloads
• Virtualization platform provides basic security: OK for non-critical workloads
• Tier 1/2 workloads have higher security, compliance needs
• Purpose-built solutions needed

Audience Poll

What are your virtualization priorities for 2012? (Pick Top Priority)

• Maximize performance and availability with sophisticated monitoring
• Continue to increase consolidation ratios
• Better management of existing virtual environments
• Standardization of hypervisors and/or platforms
• Become compliant and/or other organizational mandates (i.e. 25% quota for Federal organizations…)
• Only maintain at this point




4 “Must Haves” For a Secure Cloud Environment




[Diagram labels: Virtual Infrastructure; Intel TXT]

Audience Poll

What security concern ranks highest in importance in your virtualized environments in 2012?

• Lack of automation (admin is brought in for every update and change)
• Self service for line of businesses to access/manage their virtual machines
• Strength of security policies and processes around access and change controls
• Insider threat – either malicious or errant
• Logging and reporting tools for audit and/or forensics purposes
• All of the above




Intel Security Focus
Security & Trust Built-In

• Identity Protection & Fraud Deterrence
• Detection & Prevention of Malware
• Securing Data and Assets
• Recovery and Enhanced Patching

Hardened Foundation for Computing

Intel® Technologies: Server Security

• Encrypt: Intel® AES-NI delivers built-in encryption acceleration for better data protection
• Isolate: Intel® VT & Intel® TXT protects VM isolation and provides a more secure platform launch
• Enforce: Intel® TXT establishes “trusted” status, foundation to control migration based on security policy

[Diagram labels: VM 1, VM 2, VMM, ??]

Establishing the Foundation for More Secure Computing

Intel® Trusted Execution Technology

Intel® TXT: Hardware Root of Trust
• Enables isolation and tamper detection in boot process
  • Measured/Verified BIOS and Hypervisor or OS
  • Complements runtime protections
  • Reduces support and remediation costs
• Hardware based trust provides visibility and verification useful in compliance, enforcement

[Diagram labels: Intel® Chipset, TPM, BIOS, Flash, VT, VMM/OS (MLE)]

Intel® TXT: Enforce Control On The Platform

www.intel.com/go/txt

Intel® TXT Use Models
1. Hardware enforced detection of launch components; reduces malware threat
   (Trusted Launch – Verified platform integrity)
2. Enforce control of VMs based on platform trust (and more) to better protect data
   (Trusted Pools)
3. Hardware support for compliance reporting
   (Compliance Support – enhancing auditability of cloud environment)

Powerful Benefits: Protection, Visibility and Control

*Other names and brands may be claimed as the property of others

HyTrust Appliance Provides Necessary Controls to Confidently Virtualize Mission-Critical Applications

Secures the administration of the hypervisor & virtual infrastructure:
• Enforces consistent access and authorization policies covering all access methods
• Provides granular, user-specific, audit-quality logs
• Enables strong, multi-factor authentication
• Verifies platform integrity, ensuring the hypervisor is hardened and the virtual infrastructure is trusted

Provides complete visibility into and control over who accesses the infrastructure, the integrity of the infrastructure, and the validity of the changes requested.

Technology Leaders Partner With HyTrust for Comprehensive Solutions

• HyTrust is part of CA Access Control for Virtual Environments
• HyTrust is part of Intel's trusted cloud architecture based on TXT
• HyTrust event reporting and TXT-based trust status being integrated with McAfee ePO
• HyTrust provides native integration with SecurID and enVision
• HyTrust reporting and controls being integrated with Symantec CCS
• HyTrust provides combined reporting with Trend's Deep Security product
• HyTrust is the platform security solution - access control and auditing - for vBlock
• HyTrust is "go to" partner for vSphere security and compliance

McAfee Data Center Solutions



[Diagram labels: GTI; McAfee ePO; SEIM; Security; Management; Server Security; Network Security]

McAfee Data Center Server Security Solutions

MOVE-AV Benefits



1. OPTIMIZES McAfee security for virtualized environments
2. STANDARDIZES security across all major hypervisors
3. ENSURES best security management and delivery for virtualized environments

Security Intelligence for Virtualization

Optimizes McAfee Anti-Virus

[Diagram labels: two VMs, each with MOVE, MA and OS; MOVE Appliance with MA and OS; McAfee ePO; Hypervisor; Datacenter]

Features
• Offloads On-Access Scanning
• Enhanced scan avoidance
• Memory protection
• Quarantine
• GTI file reputation
• VSE license for virtual machines

2. Standardizes Security Across Hypervisors

[Diagram labels: two VMs, each with MOVE, MA and OS; MOVE Appliance with MA and OS; McAfee ePO; VMware ESX; Citrix XenServer; Microsoft Hyper-V*; Datacenter]

Features
• Hypervisor-agnostic
• Hypervisor-aware scan scheduling
• Increased hypervisor capacity
• Offline security for inactive servers
• ePO management

*Not supported for MOVE Scheduler

Discussion topic:


Accelerating time-to-value from your security initiatives




Audience: What works and doesn’t work in your organization’s security office?

Discussion topic:


Secure Cloud Architecture begins with Hardware Root of Trust
• Physical Equipment
• Virtualization platform
• Virtualized physical equipment
• Management server/appliance/portal/services

[Diagram labels: Management; Intel TXT]

Discussion topic:


Drive higher efficiencies and consolidation ratios through virtualization-optimized security solutions for the guest and virtual infrastructure

Discussion topic:


Provide corporate with visibility and enable a state of continuous compliance

Audience: How are you producing these insights for your management teams now?

Summary




• Together provide more comprehensive virtualization security
• Put Intel® Cloud Builders reference solutions to work: makes it easier to deploy and optimize cloud infrastructure
    www.intel.com/cloudbuilders
• Automatically enforce use of trusted compute pools for sensitive workloads in private, hybrid or public clouds. Highly regulated and security-conscious organizations can demand use of trusted compute pools!
    www.hytrust.com
• For more information on McAfee’s MOVE offering visit
    http://www.mcafee.com/us/products/move-anti-virus.aspx

Resources Links

• Intel TXT
      http://www.intel.com/go/txt
• Intel Cloud Builders
      http://www.intel.com/cloudbuilders
• McAfee
      http://www.mcafee.com/us/products/endpoint-protection/index.aspx
• HyTrust Appliance and Video Demos
      http://www.hytrust.com/resources/product
• HyTrust Case Studies and Resources
      http://www.hytrust.com/resources/case-studies

Thank You




Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?IES VE
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Brian Pichman
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 

Recently uploaded (20)

Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 

Virtualizing More While Improving Risk Posture – From Bare Metal to End Point

  • 1. Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
      Rishi Bhargava – Sr. Director, Product Management, Datacenter & Server Security, McAfee
      James Greene – Product Marketing, Intel
      Hemma Prafullchandra – CTO and SVP Products, HyTrust
      © 2012, HyTrust, Inc. www.hytrust.com 1975 W. El Camino Real, Suite 203, Mountain View, CA 94040 Phone: 650-681-8100 / email: info@hytrust.com
  • 2. Agenda
      - Introductions
      - Overview: Setting the Stage
      - Solutions: Intel, HyTrust, McAfee
      - Discussion Topics/Q&A
      - Summary
  • 3. Setting the Stage: Security and Compliance Will Be Key to Virtualizing the Next 50% of the Data Center
      [Chart: % of Workloads Virtualized (0% to 100%) against compliance maturity (Non-Compliant, Limited Compliance, Compliant, Best-Practice). Stages: Develop/Test, Limited Production, Extensive Production, Enterprise Platform. Regions: Non-Mission-Critical Workloads, Mission-Critical Workloads. Labels: Cost Savings, Compliance Risk.]
      Discussion:
      - Growth depends on virtualizing mission critical workloads
      - Virtualization platform provides basic security: OK for non-critical workloads
      - Tier 1/2 workloads have higher security, compliance needs
      - Purpose-built solutions needed
  • 4. Audience Poll: What are your virtualization priorities for 2012? (Pick Top Priority)
      - Maximize performance and availability with sophisticated monitoring
      - Continue to increase consolidation ratios
      - Better management of existing virtual environments
      - Standardization of hypervisors and/or platforms
      - Become compliant and/or other organizational mandates (i.e. 25% quota for Federal organizations…)
      - Only maintain at this point
  • 5. 4 “Must Haves” For a Secure Cloud Environment
      [Figure labels: Virtual Infrastructure; Intel TXT]
  • 6. Audience Poll: What security concern ranks highest in importance in your virtualized environments in 2012?
      - Lack of automation (admin is brought in for every update and change)
      - Self service for line of businesses to access/manage their virtual machines
      - Strength of security policies and processes around access and change controls
      - Insider threat – either malicious or errant
      - Logging and reporting tools for audit and/or forensics purposes
      - All of the above
  • 7. Intel Security Focus: Security & Trust Built-In
      - Identity Protection & Fraud Deterrence
      - Detection & Prevention of Malware
      - Securing Data and Assets
      - Recovery and Enhanced Patching
      Hardened Foundation for Computing
  • 8. Intel® Technologies: Server Security
      - Encrypt: Intel® AES-NI delivers built-in encryption acceleration for better data protection
      - Isolate: Intel® VT & Intel® TXT protects VM isolation and provides a more secure platform launch
      - Enforce: Intel® TXT establishes “trusted” status, foundation to control migration based on security policy
      Establishing the Foundation for More Secure Computing
  • 9. Intel® Trusted Execution Technology
      Intel® TXT: Hardware Root of Trust
      - Enables isolation and tamper detection in boot process
      - Measured/Verified BIOS and Hypervisor or OS
      - Complements runtime protections
      - Reduces support and remediation costs
      - Hardware based trust provides visibility and verification useful in compliance, enforcement
      [Figure labels: Intel® Chipset; TPM; BIOS; Flash; VT; VMM/OS (MLE)]
      Intel® TXT: Enforce Control On The Platform
      www.intel.com/go/txt
  • 10. Intel® TXT Use Models
      1. Trusted Launch – Verified platform integrity: Hardware enforced detection of launch components – reduces malware threat
      2. Trusted Pools: Enforce control of VMs based on platform trust (and more) to better protect data
      3. Compliance Support – enhancing auditability of cloud environment: Hardware support for compliance reporting
      Powerful Benefits: Protection, Visibility and Control
      *Other names and brands may be claimed as the property of others
  • 11. HyTrust Appliance Provides Necessary Controls to Confidently Virtualize Mission-Critical Applications
      Secures the administration of the hypervisor & virtual infrastructure:
      - Enforces consistent access and authorization policies covering all access methods
      - Provides granular, user-specific, audit-quality logs
      - Enables strong, multi-factor authentication
      - Verifies platform integrity, ensuring the hypervisor is hardened and the virtual infrastructure is trusted
      Provides complete visibility into and control over who accesses the infrastructure, the integrity of the infrastructure, and the validity of the changes requested.
  • 12. Technology Leaders Partner With HyTrust for Comprehensive Solutions
      - HyTrust is part of Intel's trusted cloud architecture based on TXT
      - HyTrust event reporting and TXT-based trust status being integrated with McAfee ePO
      - HyTrust provides native integration with SecurID and enVision
      - HyTrust is part of CA Access Control for Virtual Environments
      - HyTrust provides combined reporting with Trend's Deep Security product
      - HyTrust is the platform security solution - access control and auditing - for vBlock
      - HyTrust is "go to" partner for vSphere security and compliance
      - HyTrust reporting and controls being integrated with Symantec CCS
  • 13. McAfee Data Center Solutions
      [Figure labels: GTI; McAfee ePO; SEIM; Security Management; Server Security; Network Security]
  • 14. McAfee Data Center Server Security Solutions
  • 15. MOVE-AV Benefits
      1. OPTIMIZES McAfee security for virtualized environments
      2. STANDARDIZES security across all major hypervisors
      3. ENSURES best security management and delivery for virtualized environments
      Security Intelligence for Virtualization
  • 16. Optimizes McAfee Anti-Virus
      [Diagram labels: VMs, each with OS, MA and MOVE; MOVE Appliance; McAfee ePO; Hypervisor; Datacenter]
      Features:
      - Offloads On-Access Scanning
      - Enhanced scan avoidance
      - Memory protection
      - Quarantine
      - GTI file reputation
      - VSE license for virtual machines
  • 17. 2. Standardizes Security Across Hypervisors
      [Diagram labels: VMs, each with OS, MA and MOVE; MOVE Appliance; McAfee ePO; Datacenter]
      Hypervisors: VMware ESX, Citrix XenServer, Microsoft Hyper-V*
      Features:
      - Hypervisor-agnostic
      - Hypervisor-aware scan scheduling
      - Increased hypervisor capacity
      - Offline security for inactive servers
      - ePO management
      *Not supported for MOVE Scheduler
  • 18. Discussion topic: Accelerating time-to-value from your security initiatives
      Audience: What works and doesn’t work in your organization’s security office?
  • 19. Discussion topic: Secure Cloud Architecture begins with Hardware Root of Trust
      - Physical Equipment
      - Virtualization platform
      - Virtualized physical equipment
      - Management server/appliance/portal/services
      [Figure labels: Management; Intel TXT]
  • 20. Discussion topic: Drive higher efficiencies and consolidation ratios through virtualization-optimized security solutions for the guest and virtual infrastructure
  • 21. Discussion topic: Provide corporate with visibility and enable a state of continuous compliance
      Audience: How are you producing these insights for your management teams now?
  • 22. Summary
      - Together provide more comprehensive virtualization security
      - Put Intel® Cloud Builders reference solutions to work: makes it easier to deploy and optimize cloud infrastructure. www.intel.com/cloudbuilders
      - Automatically enforce use of trusted compute pools for sensitive workloads in private, hybrid or public clouds. Highly regulated and security conscious organizations can demand use of trusted compute pools! www.hytrust.com
      - For more information on McAfee’s MOVE offering visit http://www.mcafee.com/us/products/move-anti-virus.aspx
  • 23. Resources
      Links:
      - Intel TXT: http://www.intel.com/go/txt
      - Intel Cloud Builders: http://www.intel.com/cloudbuilders
      - McAfee: http://www.mcafee.com/us/products/endpoint-protection/index.aspx
      - HyTrust Appliance and Video Demos: http://www.hytrust.com/resources/product
      - HyTrust Case Studies and Resources: http://www.hytrust.com/resources/case-studies
  • 24. Thank You