Next Generation Security Platforms Will Enable Clouds To

100401_1Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.

Next Generation Security Platforms Will Enable Clouds To Fulfill Their Promise

John MaddisonSVP Trend Micro

June 7th 2010


Cloud Security Business Model

Scalable SubscriptionService Model

Cross SellingOpportunities


3 Types Of Cloud Security

Security

fromThe Cloud

Security

forThe Cloud

Security

inThe Cloud

11 22 33


Threat Environment Evolving

0.00

5,000.00

10,000.00

15,000.00

20,000.00

25,000.00

30,000.00

2006 2007 2008 2009 2010 2011 2012 2013 2014 2015

Threat of VolumeThreat of Volume

ProjectedProjected IncreaseIncrease in Unique Threat Samples

in Unique Threat Samples PER PER

HOUR HOUR (Conservative Projections)

(Conservative Projections) By 2015 By 2015 233,000,000

233,000,000 Per YearPer Year

11


Crimeware Driving the Threat Environment

PROFIT DRIVENPROFIT DRIVEN SOPHISTICATEDSOPHISTICATED

WebWeb

BotnetsBotnets

SpywareSpyware

SpamSpam

WormsWorms

ComplexityComplexity

MULTIPLYINGMULTIPLYING

5,490,9605,490,960

19851985 1995199520072007

Malware SampleMalware SampleCollection GrowthCollection Growth

20052005

ComplexComplex

High VolumeHigh Volume

Short Life CycleShort Life Cycle

11


Threat Protection Databases

50Signatures

Per Day

Past

Cloud Client Architecture Now Required


50,000Signatures

Per Day

Today


(CORRELATION)

ReputationQueries

Tomorrow

FilesURLsIP’s

Files FilesURLsIP’s

11


Threat Protection vs. Detection

TARGET

LINKS &ATTACHMENTS

INTERNETREMOVABLEMEDIA

FILETRANSFERSFILETRANSFERS

THREATSTHREATSTHREATS

EMAILEMAIL

WEBREPUTATIONEMAIL

REPUTATION

FILEREPUTATION

SPAM

WEBSITESWEBSITES


The $30B (IDC) Security Market Will Shift to the Cloud

33


Baseline Security Moving To The Cloud

Small Business

All Security Solutions - Cloud Client Enabled

Option for Cloud Management

Enterprise

All Security Solutions - Cloud Client Enabled

Option for Local Cloud

11


Data Center Being Upgraded

Consolidation & Consolidation & VirtualizationVirtualization

Virtual Desktop Virtual Desktop InfrastructureInfrastructure

Private, Public & Private, Public & Hybrid CloudHybrid Cloud

Data ProtectionData Protection

ComplianceCompliance

22


Datacenter-hosted Virtual Desktop Infrastructure

Virtual Desktop I nfrastructure

Local OS

Terminal SW

VMM

APP

OS

APP

OS

RDP / PCoIP / HDX

APP

OS

APP

OS

Virtual Desktop I nfrastructure

Local OS

Terminal SW

VMM

APP

OS

APP

OS

RDP / PCoIP / HDX

APP

OS

APP

OS

User Operating environment• Virtual machine on an central server• Accessed from existing hardware or a thin client• Can be accessed from anywhere

• Home PC over VPN• BYOC

Analysts view:

Gartner:“[VDI] will undergo an explosive growth...“

Enterprise strategy group:”60% of enterprises have a VDI strategy“

Forrester:“three-quarters of firms now have client virtualization on their IT agenda for the next 12 months“

22


Traditional Security Causes Resource Contention

The “9-AM problem”The “9-AM problem”– Multiple users log in and get updates at the same Multiple users log in and get updates at the same

timetime

Scheduled scansScheduled scans– Adds significant load to the endpointAdds significant load to the endpoint

– Multiplied by number of VMsMultiplied by number of VMs

Cumulative Cumulative system loadsystem load

Customers had to completely disable Customers had to completely disable Security in their VDI environments!Security in their VDI environments!


Security Needs to Align with the New Infrastructure

Detects whether endpoints are physical or virtualDetects whether endpoints are physical or virtual– With VMware ViewWith VMware View

– With Citrix XenDesktopWith Citrix XenDesktop

Serializes updates and scans per VDI-hostSerializes updates and scans per VDI-host– Controls the number of concurrent scans and updates per VDI hostControls the number of concurrent scans and updates per VDI host

– Maintains availability and performance of VDI hostMaintains availability and performance of VDI host

– Faster than concurrent approachFaster than concurrent approach

Leverages Base-images to further shorten scan timesLeverages Base-images to further shorten scan times– Pre-scans and white-lists VDI base-imagesPre-scans and white-lists VDI base-images

– Prevents duplicate scanning of unchanged files on a VDI hostPrevents duplicate scanning of unchanged files on a VDI host

– Further reduces impact on the VDI hostFurther reduces impact on the VDI host


Deep Security Architecture

1414


Key Security Practices

Protecting Virtualized Environments & Ensuring Compliance

Securing the Public Cloud without Losing Control

Managing Traditional and Virtual Desktop Infrastructure (VDI) Security

22


SaaS Market 2010 - $2B (IDC)33


SaaS Basic’s

HostedHosted

Hybrid SaaSHybrid SaaS

Market Market CoverageCoverage

Segment FocusSegment Focus

Adding ValueAdding Value

33


Hosted Solutions For Small Businesses

33

In-the-CloudIn-the-Cloud

Gateway Network Servers Endpoint

Off NetworkOff Network

HostedEmail

Security

WebApplicationScanning

Hosted Endpoint(WFBS-S)

Hosted Web Security(WFBS-S)


Hybrid SaaS Solutions For Enterprises

33

Web Services

On-PremisePart

Cloud Part

Pre-FilterFor

Emails

CentralPolicy

OutboundEmail

Compliance

InternalVulnerability

Scanning


Reseller Management Tools33

Reseller ConsoleReseller Console

Manage Customer Manage Customer ProfilesProfiles

License ManagementLicense Management

Manage PolicyManage Policy

Consolidated ReportingConsolidated Reporting

Customer 1 Customer 2 Customer N


Key Reseller Take-Aways

Differentiated Differentiated Cloud Security Cloud Security OfferingsOfferings Data Center Data Center

Security Security PracticesPractices Scalable, Scalable,

Multiple SaaS Multiple SaaS Offerings with Offerings with Reseller Reseller ManagementManagement


Technology

Next Generation Security Platforms Will Enable Clouds To