Upload
cameroon45
View
538
Download
1
Embed Size (px)
DESCRIPTION
Citation preview
100401_1Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Next Generation Security Platforms Will Enable Clouds To Fulfill Their Promise
John MaddisonSVP Trend Micro
June 7th 2010
100401_2Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Cloud Security Business Model
Scalable SubscriptionService Model
Cross SellingOpportunities
100401_3Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
3 Types Of Cloud Security
Security
fromThe Cloud
Security
forThe Cloud
Security
inThe Cloud
11 22 33
100401_4Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Threat Environment Evolving
0.00
5,000.00
10,000.00
15,000.00
20,000.00
25,000.00
30,000.00
2006 2007 2008 2009 2010 2011 2012 2013 2014 2015
Threat of VolumeThreat of Volume
ProjectedProjected IncreaseIncrease in Unique Threat Samples
in Unique Threat Samples PER PER
HOUR HOUR (Conservative Projections)
(Conservative Projections) By 2015 By 2015 233,000,000
233,000,000 Per YearPer Year
11
100401_5Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Crimeware Driving the Threat Environment
PROFIT DRIVENPROFIT DRIVEN SOPHISTICATEDSOPHISTICATED
WebWeb
BotnetsBotnets
SpywareSpyware
SpamSpam
WormsWorms
ComplexityComplexity
MULTIPLYINGMULTIPLYING
5,490,9605,490,960
19851985 1995199520072007
Malware SampleMalware SampleCollection GrowthCollection Growth
20052005
ComplexComplex
High VolumeHigh Volume
Short Life CycleShort Life Cycle
11
100401_6Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Threat Protection Databases
50Signatures
Per Day
Past
Cloud Client Architecture Now Required
Threat Protection Databases
50,000Signatures
Per Day
Today
Threat Protection Databases
(CORRELATION)
ReputationQueries
Tomorrow
FilesURLsIP’s
Files FilesURLsIP’s
11
100401_7Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Threat Protection vs. Detection
TARGET
LINKS &ATTACHMENTS
INTERNETREMOVABLEMEDIA
FILETRANSFERSFILETRANSFERS
THREATSTHREATSTHREATS
EMAILEMAIL
WEBREPUTATIONEMAIL
REPUTATION
FILEREPUTATION
SPAM
WEBSITESWEBSITES
100401_8Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
The $30B (IDC) Security Market Will Shift to the Cloud
33
100401_9Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Baseline Security Moving To The Cloud
Small Business
All Security Solutions - Cloud Client Enabled
Option for Cloud Management
Enterprise
All Security Solutions - Cloud Client Enabled
Option for Local Cloud
11
100401_10Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Data Center Being Upgraded
Consolidation & Consolidation & VirtualizationVirtualization
Virtual Desktop Virtual Desktop InfrastructureInfrastructure
Private, Public & Private, Public & Hybrid CloudHybrid Cloud
Data ProtectionData Protection
ComplianceCompliance
22
100401_11Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Datacenter-hosted Virtual Desktop Infrastructure
Virtual Desktop I nfrastructure
Local OS
Terminal SW
VMM
APP
OS
APP
OS
RDP / PCoIP / HDX
APP
OS
APP
OS
Virtual Desktop I nfrastructure
Local OS
Terminal SW
VMM
APP
OS
APP
OS
RDP / PCoIP / HDX
APP
OS
APP
OS
User Operating environment• Virtual machine on an central server• Accessed from existing hardware or a thin client• Can be accessed from anywhere
• Home PC over VPN• BYOC
Analysts view:
Gartner:“[VDI] will undergo an explosive growth...“
Enterprise strategy group:”60% of enterprises have a VDI strategy“
Forrester:“three-quarters of firms now have client virtualization on their IT agenda for the next 12 months“
22
100401_12Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Traditional Security Causes Resource Contention
The “9-AM problem”The “9-AM problem”– Multiple users log in and get updates at the same Multiple users log in and get updates at the same
timetime
Scheduled scansScheduled scans– Adds significant load to the endpointAdds significant load to the endpoint
– Multiplied by number of VMsMultiplied by number of VMs
Cumulative Cumulative system loadsystem load
Customers had to completely disable Customers had to completely disable Security in their VDI environments!Security in their VDI environments!
100401_13Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Security Needs to Align with the New Infrastructure
Detects whether endpoints are physical or virtualDetects whether endpoints are physical or virtual– With VMware ViewWith VMware View
– With Citrix XenDesktopWith Citrix XenDesktop
Serializes updates and scans per VDI-hostSerializes updates and scans per VDI-host– Controls the number of concurrent scans and updates per VDI hostControls the number of concurrent scans and updates per VDI host
– Maintains availability and performance of VDI hostMaintains availability and performance of VDI host
– Faster than concurrent approachFaster than concurrent approach
Leverages Base-images to further shorten scan timesLeverages Base-images to further shorten scan times– Pre-scans and white-lists VDI base-imagesPre-scans and white-lists VDI base-images
– Prevents duplicate scanning of unchanged files on a VDI hostPrevents duplicate scanning of unchanged files on a VDI host
– Further reduces impact on the VDI hostFurther reduces impact on the VDI host
100401_14Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Deep Security Architecture
1414
100401_15Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Key Security Practices
Protecting Virtualized Environments & Ensuring Compliance
Securing the Public Cloud without Losing Control
Managing Traditional and Virtual Desktop Infrastructure (VDI) Security
22
100401_16Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
SaaS Market 2010 - $2B (IDC)33
100401_17Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
SaaS Basic’s
HostedHosted
Hybrid SaaSHybrid SaaS
Market Market CoverageCoverage
Segment FocusSegment Focus
Adding ValueAdding Value
33
100401_18Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Hosted Solutions For Small Businesses
33
In-the-CloudIn-the-Cloud
Gateway Network Servers Endpoint
Off NetworkOff Network
HostedEmail
Security
WebApplicationScanning
Hosted Endpoint(WFBS-S)
Hosted Web Security(WFBS-S)
100401_19Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Hybrid SaaS Solutions For Enterprises
33
Web Services
On-PremisePart
Cloud Part
Pre-FilterFor
Emails
CentralPolicy
OutboundEmail
Compliance
InternalVulnerability
Scanning
100401_20Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Reseller Management Tools33
Reseller ConsoleReseller Console
Manage Customer Manage Customer ProfilesProfiles
License ManagementLicense Management
Manage PolicyManage Policy
Consolidated ReportingConsolidated Reporting
Customer 1 Customer 2 Customer N
100401_21Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.
Key Reseller Take-Aways
Differentiated Differentiated Cloud Security Cloud Security OfferingsOfferings Data Center Data Center
Security Security PracticesPractices Scalable, Scalable,
Multiple SaaS Multiple SaaS Offerings with Offerings with Reseller Reseller ManagementManagement
100401_22Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.