At VMworld 2011, Trend Micro Incorporated, the number one market leader in server and virtualization security, the first vendor to introduce agentless anti-malware for virtual environments, and the first to include intrusion prevention and web application protection as part of an all agentless solution, announced the next release of Deep Security that further cements its leadership as a leading server security platform in the industry – across physical, virtual and cloud computing environments.
With an all-new agentless integrity monitoring capability purpose-built for VMware vSphere 5 virtual environments, including hypervisor integrity checks and other cloud-sourced innovations, Deep Security 8 will lower the barrier to adoption of file integrity monitoring across the datacenter and help organizations achieve higher levels of data protection and compliance without added cost and complexity.
Deep Security 8
Trend Micro Deep Security has already established itself as a market leading server and virtualization security offering. A server security platform comprising anti-malware, firewall, IDS/IPS, web application protection, integrity monitoring and log inspection in one integrated solution, Trend Micro now extends its leadership and innovation even further with Deep Security 8 with the following new feature benefits:
For physical servers
Automatic cloud-based event white-listing and configurable trusted events lower the operational complexity of integrity monitoring, further opening the technology to a much wider set of customers.
Agent-based anti-malware allows organizations to extend the same Deep Security protections to physical servers for Windows and Linux operating systems.
For virtual servers
Agentless File Integrity Monitoring, through the same Deep Security Virtual Appliance that already provides agentless anti-malware and agentless intrusion prevention in a virtual environment, removes integrity scan storms and significantly lowers the operational complexity.
Flexible deployment architecture allows select VMs to be set up with optional agents that coordinate with the virtual appliance for added defense in depth.
Hypervisor integrity monitoring utilizing Intel TPM/TXT technology is one of the first market solutions available to monitor whether the hypervisor is compromised
Support for VMware vSphere 5 and VMware vShield Manager 5, with VMware vShield Endpoint Security API 2, also permits backward compatibility with VMware vSphere 4.1 with VMware vShield 1.0.
For virtual desktops
Agent-based anti-malware for VDI local mode allows continuously optimized protection of virtual desktops as they move outside, and back, into the data center.
Leverages web reputation capabilities to protect users from accessing compromised websites.
For virtual desktop environments protected by Deep Security agentless anti-malware, Deep Security now provides an optional End-user Notifier that can provide malware notifications in lieu of a full-blown anti-malware agent.
For cloud servers:
See below for Deep Security 8 integration with SecureCloud 2.
Total Cloud Protection with Deep Security 8 and Trend Micro SecureCloud 2
Trend Micro was the premier vendor to deliver security architected for private and public clouds, and pioneered the market with security architected for VMware virtualization and cloud infrastructure platforms. While Deep Security is a server security platform that provides a secure container for applications and servers in the cloud, SecureCloud augments Deep Security by encrypting and protecting the data that the servers and applications use. SecureCloud is a cloud data protection and policy-based encryption key management solution that makes it easy to encrypt and protect data in physical, virtualized and cloud computing environments. It simply enables faster cloud adoption, greater cost reduction, and better compliance. With this upcoming release, Deep Security customers and channel partners can choose to reap the benefits of integrated bundling with SecureCloud’s encryption and policy-based key management features.
Deep Security and SecureCloud work together to create a context-aware framework that responds to the constantly evolving state of the dynamic datacenter. For instance, SecureCloud communicates with Deep Security, using the security status information from Deep Security to ensure that any server requesting access to encrypted data has up-to-date protection before encryption keys are released. If integrity checks by Deep Security determine that a VM with out-of-date or inadequate protection is trying to startup, or that a VM has been compromised by an attack, SecureCloud adaptively responds and the VM’s data access is blocked via denial of encryption key and an action is flagged to the administrator for remedial action.
New and Enhanced
SecureCloud 2 also features significant new enhancements, including a new encryption agent complete with FIPS 140-2 certification. Government agencies, and companies held to the highest security standards, require FIPS (Federal Information Processing Standards) certification of encryption products. In addition, new Deep Security Manager (DSM) linking points allow SecureCloud to query the DSM and gather information about the servers it is protecting. SecureCloud administrators can build policies around this new information and enhance the rules that govern which servers are allowed access to encryption keys. This increases the overall security posture and provides additional validation criteria queried from the Deep Security operating environment.