Trend Micro and VMware Virtualization
Trend Micro is a global leader in content security and threat management, with more than 20 years of expertise in server, endpoint, messaging, and Web security. Trend Micro provides the most comprehensive suite of next-generation virtualization and cloud security solutions available today. These solutions leverage the VMware platform to deliver better-than-physical security, giving VMware customers the confidence to accelerate and complete their virtualization journey, maximize consolidation rates and cost savings, and ensure compliance.
By tightly integrating with and leveraging VMware products and APIs, Trend Micro security and compliance solutions allow VMware customers to increase consolidation rates, accelerate and complete their virtualization journey, more fully leverage their VMware investments, and maximize their ROI.
Specifically, Trend Micro helps VMware customers to:
Prevent data breaches and business disruptions by
- Providing a line of defense at the VM itself.
- Shielding known and unknown vulnerabilities in web and enterprise applications, as well as operating systems, and blocking attacks to these systems.
- Identifying suspicious activity and behavior, and taking preventive measures, before it’s too late.
- Detecting and blocking a broad range of threats to endpoints, including viruses, web threats, spyware, rootkits, network worms, and blended threats and preventing exposure to web threats.
- Preventing unauthorized access over the network, and ensuring malware-free data storage.
- Encrypting, and controlling access to data on cloud servers, and facilitating virtual data destruction, for data and applications deployed to infrastructure-as-a-service (IaaS) cloud service providers.
- Stopping web and email threats at the gateway, and ensuring email security and compliance.
Maximize consolidation rates, operational efficiency and cost savings by
- Enabling higher consolidation rates of mission critical / Tier 1 applications, and the deployment of sensitive applications to the public cloud.
- Reducing the performance impacts associated with full-system anti-malware scans, through serialization.
- Sharing threat intelligence amongst multiple virtual desktops, running on a single VDI server instead of on each virtual desktop. This reduces the number of queries to the local scan server and further improves scan performance.
- Retrieving information about the status and location of secured virtual desktops to optimize resource utilization across the entire virtual desktop environment.
- Providing vulnerability protection so that secure coding efforts can be prioritized, and unscheduled patching can be implemented more cost-effectively.
- Providing comprehensive protection in a single, centrally managed software agent / virtual appliance, thus eliminating the need for, and costs associated with, deploying multiple software clients.
- Enabling portability between cloud providers – and avoiding vendor lock-in – while still ensuring that data is virtually destroyed.
- Reducing the configuration, installation, patching and testing time, and the overall administrative and management costs, associated with gateway security for email and web.
- Lowering the overall cost of security management.
Ensure compliance with security best practices, internal governance and external regulations, by
- Addressing a broad range of security requirements identified by PCI and other standards.
- Applying and enforcing a consistent set of security policies across virtualized desktops and servers.
- Providing detailed, auditable reports that document prevented attacks and policy compliance status, and encryption policies for public cloud servers, and that better support an efficient audit process.
Spotlight: Security Built for VMware
VMware and Trend Micro have partnered to deliver the first agentless security platform for VMware. Designed for both virtualized desktops and datacenters, the joint solution includes the following components:
- VMware vSphere delivers the foundation to transform datacenters into dynamic, simplified infrastrctures for private, public and hybrid cloud environments.
- VMware vShield Endpoint, which is part of vSphere optimizes security for use in VMware vSphere and VMware Horizon 6 environments. It enables offloading of security processing to dedicated, security-hardened virtual machines delivered by VMware partners.
- Trend Micro Deep Security provides a security-hardened virtual machine that integrates with vShield Endpoint and other VMware APIs to offer agentless antivirus, integrity monitoring, intrusion detection and prevention, firewall, virtual patching, and Web application protection for VMware virtual machines.
Deep Security options for VMware virtual machines:
Anti-Malware integrates with VMware APIs to provide agentless anti-malware protection for VMware virtual machines with zero in-guest footprint. Optimizes security operations to avoid antivirus storms commonly seen in full system scans and pattern updates.
Integrity Monitoring available in agentless form factor, ensures timely protection against known and zero-day attacks by detecting and reporting malicious and unexpected changes to files, systems registry and hypervisor in real time.
Web Reputation available in agentless form factor, leverages Trend MicroTM Smart Protection Network and to strengthen protection against web threats for servers and virtual desktops by safeguarding users and applications by blocking access to malicious URLs.
Intrusion Detection and Prevention provides agentless vulnerability shielding for virtualized data centers by shielding known vulnerabilities from unlimited exploits in critical systems until a patch is deployed or in place of a future patch that may never materialize. Enables PCI compliance by defending against vulnerabilities and identifies malicious software accessing the network.
Firewall decreases the attack surface of physical, cloud and virtual servers with central management of server firewall policy using bi-directional stateful firewall. Supports virtual machine zoning and prevents Denial of Service attacks.
Log Inspection provides visibility into important security events buried in log files with collection and analysis of operating system and application logs, security events and administrative events across a datacenter.
- Higher Density by offloading security scans from individual virtual machines to a single security virtual appliance on each vSphere host
- Optimized Resources by eliminating antivirus storms and resource contention from multiple security agents
- Simplified Management by eliminating agents and the need to configure and update each one
- Stronger Security by providing instant-on protection for new virtual machines and tamper-proof security coordinated by the dedicated security appliance
Trend Micro Secure Cloud
Trend Micro SecureCloud™ makes it possible for businesses to encrypt and control data in public and private cloud environments via patent-pending, simple policy-based key management. It gives businesses power over how and where data is accessed and greatly reduces the complexity of inherent in traditional key management solutions. SecureCloud is offered as an on-premise console or as a remote Software-as-a-Service solution.
- Protection for: Private and public cloud computing
- Leverages: vCloud APIs
VMware Ready Security Virtual Appliances
Trend Micro offers a range of enterprise VMware-Ready – and VMware Ready for Email Security—virtual appliances for gateway security, including:
- Web Security: Stops web threats at the gateway with a consolidated web security solution that combines powerful URL filtering, real-time web reputation and award-winning malware scanning.
- Web Reporting: Provides real-time visibility of Internet activity and how it is impacting the organization, thus ensuring resources are most effectively managed.
- Messaging Security: Defends the enterprise at the email gateway by combining multi-tiered anti-spam and reputation filtering with award-winning anti-virus and anti-spyware.
- Email Encryption: Enables organizations to enforce compliance requirements and to ensure that confidential information is delivered securely.
- Data Loss Prevention: Protects customer data and intellectual property from the growing volume of threats — whether it’s data-stealing malware, hackers, accidental loss, or malicious insider leaks.
* Note: Trend Micro also offers an agent-based anti-malware solution that is optimized for VMware Horizon 6, and is well-suited to organizations that:
- Are running older versions of Horizon 6
- Want to deploy VDI with untethered or offline VMs that will be in active use
- Want to run the same security solution across all their physical and virtual desktops, including desktop security capabilities beyond AV, such as behavioral monitoring and web reputation monitoring
Introductory ResourcesSolution Brief
VMware enables us to provide an enterprise-class data center at an SMB price…Deep Security has been a very good fit in our data center, and provides excellent protection for our virtualized servers and desktops and our continually changing environment.
— Orinzal Williams, IT Executive Director, United Way
Compliance was a major factor in our data center project. Trend Micro Deep Security, with the integrated firewall and deep packet inspection, gave me the capabilities I absolutely needed for PCI compliance.
— Scott Forrest, Director Networks & Infrastructure, Guess?, Inc.
Our goal was to come up with a scalable foundation that was compliant with the standards required in the insurance and finance industries... The answer was a VMware cluster of servers hosted by a local datacenter service provider and protected with Trend Micro security.
— Jeff Jackson, Co-Founder & CEO, Acumen Technologies (Omni technology partner)
The Medical Center of Central Georgia
We were in the position of not knowing what we didn’t know. Trend Micro Data Loss Prevention gives us visibility into data usaThe Medical Center of Central Georgiage behaviors that we did not have before…Trend Micro helped make vendor consolidation possible by offering a comprehensive data protection portfolio.
— Ty Smallwood, Information Services Security Officer, Medical Center of Central Georgia
Increased Visibility Helps Schools Evolve Cloud Computing
With the phasing in of Deep Security capabilities, we have confidence that we are staying ahead of the evolving threats and maintaining a proactive posture for security in our physical, virtual, and cloud environments.
— Noe Arzate, Director of Technology, Mount Pleasant Independent School District
Baptist Hospitals of Southeast Texas
Everyone else is at least 18 months behind Trend Micro as far as securing virtual environments... Trend Micro is taking VDI security in the right direction.
— Ronald J. Anderson, IT Infrastructure Support Team, Baptist Hospitals of Southeast Texas