Trend Addresses Cloud Security Concerns   Leave a comment

John Lister from Trend Micro spoke at the September 2011 Rochester VMWare user group meeting.   IDC says the number one concern for cloud is security. ESG Research found security was the fourth biggest blocker to cloud adoption.  Gartner rates security as the number one concern.

Inter-m attacks uses named pipes to attack vm on same host. This has been going on for over 2 years with confiker. It gains access to one VM through a vulnerability and then uses that to hit the other VMs.

To answer these concerns vmware made vShield available in August 2010. vShield sees all inbound and outbound traffic going to each vm so it can be monitored and controlled.  It might be an unpatched vm that was just turned on- doesn’t matter because vshield protects it.

The Trend Deep Security add-on will additionally look at each vm up through the application layer and make remediation recommendations and protection. It also does pattern file distribution for each agentless vm. In the lab they have 250 vm per host because agentless is better on performance. 

Trend Deep Security is at the common criteria level 3 plus certification, soon to be 4 – which means it is a high security product.

Trend Deep Security performs integrity monitoring for detection of unauthorized changes. When something changes it emails an alert. All agentless (vsphere 5). It also provides deep packet inspection for ids ips and log inspection.

Trend performed a case study for an Airline. The airline ran out of data center space so they moved apps to Amazon AWS. They used the Trend Ssecure Cloud product. As a result, all the data is encrypted all the time. The connection keys continually change and decrypting is done on the fly.

I am going to find out more information about the Trend Secure Cloud Product for a future blog entry.

 

About the Author:

Kevin Gilbert is the Technology Manager with SIGMA Marketing and holds several certifications including CISSP, SSCP, Security +, NISMA, VCP, MCSE, and more.

Posted September 23, 2011 by cloudbusterspodcast in Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: