Transcript RSA Solutions for Virtualization

RSA Security Solutions for
Virtualization
Martin de Jongh, Presales team lead EMEA North
RSA
Market Opportunity
RSA capabilities for Virtualization
RSA VCE’s Vblock security
Words of Wisdom
2
RSA, The Security Division of EMC
EMC² is the world leading
information infrastructure company
enabling organizations to bring the
power of their information to life
Add
Intelligence
VMWare is the world leading
Information
Virtualization company Virtualize,
Optimize & Energize
Protect
RSA is the world leader in
securing information infrastructure
ensuring that information is always an
asset and never a liability
3
Virtualize
& Automate
Store
RSA Security Leadership
1st
25 +
35K +
175K +
Inventors of
RSA algorithm
year
legacy
organizations
protected
phishing attacks
shut down
250M
+
online identities
protected
4
1B
+
products
shipped with RSA
BSAFE® encryption
World’s
Largest
information
security industry
event
RSA Security Leadership
1
st
Authentication
Source: Frost & Sullivan
5
Leader
Leader
Leader
Data Loss
Prevention
Web Fraud Detection
SIEM
Source: Gartner Magic Quadrant Reports
RSA
Market Opportunity
RSA capabilities for Virtualization
RSA VCE’s Vblock security
Words of Wisdom
6
IT Budget wishlist for 2010
survey of 1,189 CIOs in the US and Canada.
Market Opportunity
Biggest increases in spending for 2010: Security (20%), Virtualization
(12%) & Cloud Computing……….
In 2009 only 18% of enterprise datacenter workloads that could be
virtualized have been virtualized.
In 2009 40% of virtualization deployment projects undertaken were
without involving the information security team in the initial architecture
and planning stages.
Through 2012, 60% of virtualized servers will be less secure than the
physical servers they replace .
RSA
Market Opportunity
Cloud Computing
RSA capabilities for Virtualization
Summary
Words of Wisdom
9
The Business View of Clouds
The Security View of Clouds
New Cloud Security challenges
1.
Information Sensitivity
– What information will be going to the cloud?
– Are there privacy or confidentiality issues?
2.
Information Mobility
– Where physically will the information be? Are there legal/sovereignty issues?
– Can I be sure I get it all back – and all copies are permanently deleted– if I stop using the cloud vendor or
–
infrastructure?
Will the cloud vendor outsource any of its functions? Can I control that?
3.
Transparency, Accountability, Trust
– Can I get clarity into whether security controls, and other best practices, are being deployed?
– Can I meet audit and compliance requirements for the information or business process?
– Can I trust the cloud service provider?
4.
Who Are My Neighbors?
– Are there controls in terms of who else is using this cloud infrastructure?
– Is there good discipline over separation of data, processes and infrastructure?
– Is there strong identity management both for customers and for employees?
5.
The Human Dimension
– Can I get insight into hiring practices and training practices regarding privacy and
security?
RSA/EMC/VMWare
’Private’ Cloud strategy
RSA
Market Opportunity
Cloud Computing
RSA capabilities for Virtualization
Summary
Words of Wisdom
14
RSA capabilities for Virtualization
Info Centric vs. Perimiter defense
Transforming Security within the
Virtualized infrastructures
APP
APP
APP
OS
OS
OS
vApp and VM layer
VDC Services Layer
Virtual Infrastructure
(including hypervisor)
Compute
16
Today
Most security is enforced by
the Network, OS and
application stack.
Network
Storage
Cloud Computing
Security Management & Reporting
(SIEM)
RSA’s approach -
RSA’s Vision
Surpass the levels of security
possible in today’s physical
infrastructures by pushing
information security
enforcement down the virtual
stack.
RSA capabilities for Virtualization
RSA portfolio
Multi-product solutions
Encryption, Identity/Access controls, SIEM &
DataLossPrevention
-
RSA SecurBook for VMWare View
•
•
•
•
•
Solution Architecture
Solution deployment and configuration guides
Operational guidance for effective using the solution
Troubleshooting guidance
Solution guides for planning, deploying, and
administering RSA solutions in an Virtual infra.
“…we don't usually do this as part of our briefings, but I must say I looked at
the RSA SecurBook and was very surprised with the level of detail and
material in there. Lots of screen shots and other materials I wasn't
expecting. Very nicely done. Excellent resource.”
- Gartner Analyst, December 2009
RSA Identity & Access controls
for the Virtual Infrastructure
VMware View
(Desktop virtualization-VDI)
• RSA SecurID &
Authentication Manager
strong authentication secures
access to the portal through which
virtual desktops are accessed
remotely
VMware vSphere (ESX)
(Sever virtualization)
• RSA SecurID &
Authentication manager
strong authentication secures
administrative access to ESX
console and vSphere
Management Assistant
Authentication
Manager
RSA Security Management & Reporting
for the Virtual and physical infrastructure
Overview
Ease of analysis, implementation,
compliance and change control in VMware
environment.
RSA enVision collects distinct
logs from VMware environment thru 1
seamless, agentless connection
– vCenter logs
– VMWare Servers logs
RSA enVision (SIEM)
VMware Events and Activity
RSA Data Loss Prevention Suite
DLP Datacenter
DISCOVER
Where is my sensitive data?
Enterprise
Manager
DLP Network
MONITOR
Policies
Where is my sensitive data going?
ENFORCE
How do I prevent loss of my data?
Remediation
DLP Endpoint
RSA Data Loss Prevention
for Virtual networks
Overview
Leverages the capabilities of
VMware vShield Zones to
deploy RSA DLP internally as a
OS imbedded virtual sensor
monitoring data traversing
among virtual networks.
Uses a centrally managed
policies and enforcement
controls to prevent data loss in
the virtual datacenter
RSA & VMware ‘
vShield
Zone1
RSA DLP
sensor
RSA DLP
Sensor
vSafe program’
Zone2
Zone3
RSA DLP
Sensor
RSA DLP
Sensor
VMware
VMware
VMware
VMware
VSphere
VSphere
VSphere
VSphere
Network
INTERNET
RSA Solution Suite for Virtual infrastructure
VMware Ionix SCM for
security config and patch
management
RSA DLP for
protection of data
in use
RSA SecurID
for remote
authentication
RSA SecurID
for ESX
Service Console
RSA enVision
for security monitoring
and reporting
RSA Secures the Core Vblock Platform (VCE)
Validated with Vblock
Security and
compliance officer
Vmware
Administrator
vSphere
Management
Assistant
vSphere
UCS
Comprehensive visibility
into security events
Storage
Security incident
management,
compliance reporting
RSA SecurID
Strong authentication
before access to ESX
Service Console and
vSphere Management
Assistant
RSA enVision
RSA
Market Opportunity
Cloud Strategy
RSA capabilities for Virtualization
Summary
Words of Wisdom
25
Summary:
Leading the Way Toward 100% Virtualization
RSA: Security and Compliance for Virtual Environments
Protect
Identities
Monitor
Infrastructure
Secure
Information
Benefits
Capabilities
Assure authorized access
into every layer of the virtual
environment
Strong authentication into VMware
View, ESX and Vblock
Ensure compliance across
virtual and physical with a
single platform
Native Security Event and Incident
Management support for VMware
View, ESX, vCenter, vSphere and,
Vblock
Identify targets for low risk
virtualization
Prevent data leakage
between vShield Zones
Data Loss Prevention which
discovers and protects sensitive data
in vShield Zones, VMware View,
ESX and Vblock
Additional Information
• RSA Security Brief:
Security Compliance in a Virtual World
• RSA SecurBook for VMWare View
• RSA White Paper:
VMWare Virtual Desktop Infrastructure
• Website:
RSA Solutions for Virtual Environments
• RSA White Paper:
Desktop Virtualization Management and Security
RSA
Market Opportunity
Cloud Strategy
RSA capabilities for Virtualization
Summary
Words of Wisdom
28
Words of Wisdom
29
RSA Internal only
Thai
Traditional Chinese
Gracias
Russian
Tack så mycket
Thank
You!!
English
Swedish
Arabic
Grazie
Takk!
Norwegian
Spanish
Obrigado
Brazilian Portuguese
Danke
German
Merci
Italian
French
Simplified Chinese
Korean
Japanese
Hartelijk dank!
Dutch
Thank you!