Trend Micro Incorporated, a global provider in Internet content security, supports the region’s paradigm shift toward virtualisation and cloud computing as organisations reorganise the myriad of business benefits, including IT flexibility, scalability, efficiency, cost reduction, and competitive advantage.
“Regional business are increasingly looking to adopt cloud computing and virtualisation, and this is the right step forward. But business must also secure their virtual environment. Today, the major threat of theft is not cash at gunpoint in a bank, but identity theft, theft of corporate secrets left in unsecured machines and in taxicabs, and a broad range of sophisticated cyber threats,” commented Chris Moore, General Manager, Middle East & Africa, Trend Micro.
Traditional network security, which addressed sets of computing power such as machines and data storage as a guarded walled garden, will no longer apply in a virtual environment. A new generation of security practices, which emphasize the dynamic aspect of computing power and data, is challenging the status quo. Each organisation will move forward at its own pace as a function of the requirements that it faces and various other interacting factors. Hence, solutions must be sufficiently flexible to accommodate this diversity.
As regional businesses begin to implement virtualisation, they typically add virtual machines (VMs) initially alongside traditional physical machines in a hybrid arrangement. To provide the needed security, enterprises need a virtual appliance – a software image designed to run on a virtual machine. The introduction of this appliance allows organisations to bring security into the hypervisor itself to provide more effective protection. This also allows visibility to inter-VM traffic and provides other security benefits specific to virtualisation, such as inter-VM security, virtual patching for hosts that are created, and efficiency of anti-malware module performance.
Virtualisation is a catalyst to cloud computing; for example, it is accelerating transformation of data centers into private clouds. As organisations move toward cloud computing, they are able to move applications from their resources to cloud resources and back, to achieve business benefits.
However, taking advantage of this computing power further strains the security model. Agents are needed, that move with the workload, which includes the operating system, applications, and data. Yet business requirements such as stringent regulatory compliance require more sophisticated “smart” agents that can adjust the level of protection to suit various tasks.
To provide effective security in the virtualisation and cloud computing age, next generation security should include an optimal combination of approaches that protects traditional physical resources, virtual resources, and workloads wherever they may be, including in the cloud. The Trend Micro Smart Protection Network provides oversight and ensures that all resource and workload agent protection is resilient and up-to-date. Security moves with workloads, as needed, and security is deployed on the hypervisor to protect all guest operating systems from a single location.
Characteristics of next generation security strategy
Trend Micro delivers on the promise of a next generation security strategy – one that will enable enterprises to fully realise the substantial business benefits and cost savings of virtualisation and cloud computing – with the following commercially available elements today:
- Cloud architecture: Security should be architected from the ground up to integrate with and leverage virtualisation and cloud computing technologies and models.
- Mobility: In a world driven by increasing mobility, such as 3G networks, vMotion, and cloud computing, and the consumerisation of IT such as SmartPhones and tablets, security must be mobile too. It must travel with the data, applications, and devices it is entrusted to protect.
- Thin endpoint: The endpoint protection presence must be as small as possible to fit on smaller/thinner devices such as virtual machines, SmartPhones, and USB-based devices, and consume fewer resources such as memory, CPU time, and I/O.
- Speed: Security must be fast to provision, quick to update – given the pace of discovery of new threats and vulnerabilities, and the speed with which virtual machines can be provisioned or moved from a dormant to active state – and impose a minimal impact on system performance.
- Simplicity: Security should be simple to operate; easy to integrate with existing solutions and IT infrastructure; and include automation, notifications, reporting and other features that reduce management and maintenance time.
- Breadth of protection: A broad range of fundamental security controls, including anti-virus, encryption, data loss prevention (DLP), firewalls, IDS/IPS, file integrity monitoring, and log inspection, should be virtualised and operate seamlessly in virtualised and cloud computing environments. Point security solutions are not sufficient.
- Effective, accessible, supported, and compliant protection: Given the trend towards consumerisation, and buy-your-own-computer provisioning models, security solutions should be both globally available and readily accessible to consumers, provide effective protection, be aligned with corporate IT standards, and be backed by global support.