Overview
Virtualization has already transformed the data center and now organizations are moving their workloads to cloud and container architectures. There are many advantages of hybrid cloud computing, however, it also comes with new risks and threats. Your organization must ensure compliance requirements are met and that you have security across all of your workloads; physical servers, virtual, cloud, or containers.
Trend Micro Deep Security software provides comprehensive security in a single solution that is purpose-built for virtual, cloud, and container environments. Deep Security allows for consistent security regardless of the workload. It also provides a rich set of application programming interfaces (APIs) so security can be automated and won’t impact your teams.
Automated
Security as code lets your DevOps teams bake security into their build pipeline to release continuously and frequently. With built-in automation, including automated discovery and deployment, quick-start templates, and our Automation Center, secure your environment and meet compliance requirements quickly.
Flexible
Builder’s choice. Security for your hybrid cloud, multi-cloud, and multi-service environments, as well as protection for any vintage of application delivery—with broad platform support.
Key Business Issues
- Automated protection
Save time and resources with automated security policies, deployments, health checks, and compliance reporting across your hybrid environments, such as data center and cloud, as you migrate or create new workloads.
- Unified security
Deploy and consolidate security across your physical, virtual, multi-cloud, and container environments with a single agent and platform.
- Security for the CI/CD pipeline
API-first, developer-friendly tools to help you ensure that security controls are baked into DevOps processes.
- Accelerated compliance
Demonstrate compliance with a number of regulatory requirements, including GDPR, PCI DSS, HIPAA, NIST, FedRAMP, and more.
Detection and Protection Capabilities
Network security tools detect and stop network attacks and shield vulnerable applications and servers
- Host-Based Intrusion Prevention: Detects and blocks network-based exploits of known vulnerabilities in popular applications and operating systems using IPS rules.
- Firewall: Host-based firewall protects endpoints on the network using stateful inspection.
- Vulnerability Scanning: Performs a scan for known network-based vulnerabilities in the operating system and applications.
System security tools lock down systems and detect suspicious activity
- Application Control: Blocks any executables and scripts that aren’t identified as known-good applications or DLLs from installing/ executing.
- Log Inspection: Identifies and alerts unplanned changes, intrusions, or advanced malware attacks, including ransomware as it is happening on your systems.
- File Integrity Monitoring: Monitors files, libraries, and services, etc, for changes. To monitor a secure configuration, a baseline is created that represents the secure configuration. When changes from this desired state are detected, details are logged and alerts can be issued to stakeholders.
Malware prevention stops malware and targeted attacks
- Anti-Malware:
i. File Reputation: blocks known-bad files using our anti-malware signatures.
ii. Variant Protection: looks for obscure, polymorphic, or variants of malware by using fragments of previously seen malware and detection algorithms.
- Behavioral Analysis: Examines an unknown item as it loads and looks for suspicious behavior in the operating system, applications, and scripts, as well as how they interact, to block them.
- SAP Scanner*: Enables anti-malware scanning for Netweaver through the SAP Virus Scan Interface (VSI).
- Machine Learning: Analyzes unknown files and zero-day threats using machine learning algorithms to determine if the file is malicious.
- Web Reputation: Blocks known-bad URLs and websites.
- Sandbox Analysis: Suspicious objects can be sent to the Trend Micro Deep Discovery network sandbox for detonation and extensive analysis to determine if it is malicious. A confirmation and rapid response update is then provided back to Deep Security for the appropriate response
*The SAP Scanner requires specialized functionality that must be purchased separately from your Workload Security license.
System Requirements
System Requirements (Manager, Virtual Appliance, and Agents)
- Deep Security is available as a software or via the AWS or Azure marketplaces. System requirements are available at the following URL: https://help.deepsecurity. trendmicro.com/20_0/on-premise/ system-requirements.html
- Available as software as a service (SaaS). Trend Micro Cloud One – Workload Security is a SaaS offering with nearly identical functionality as Deep Security, but hosted by Trend Micro in the cloud—meaning we do the heavy lifting for you. We manage regular product and kernel updates, set up and maintain the security database, and administer the management platform. Our cloud-based security offering enables quick set-up and automates and simplifies security operations for cloud instances.
Supported Platforms (For Agent)
- As Trend Micro is constantly supporting new operating systems and versions, please refer to the following URL for the complete list, including Microsoft Windows, Linux, Solaris, AIX, and Docker containers: https://help.deepsecurity.trendmicro. com/20_0/on-premise/agentcompatibility.html
Built for Security in the Cloud
Workload Security is optimized for leading cloud providers’ infrastructures, including support for many operating systems, examples include:
Compatibility with configuration, event, and orchestration tools:
Key Certifications, Compliance, and Alliances
- AWS Advanced Technology Partner
- AWS Container Competency Partner
- Common Criteria EAL 2+
- FIPS 140-2 validated
- HP Business Partnership
- Microsoft Application Development Gold Partner
- Microsoft Certified Partnership
- SAP Certified (NW-VSI 2.0 and HANA)
- VCE Vblock Validated
- Virtualization by VMware
- VMware Cloud on AWS Partner
- VMware Global Partner of the Year
Architecture
Deep Security Agent
Enforces the environment’s security policy (application control, anti-malware, IPS, firewall, integrity monitoring, and log inspection) via a small software component deployed on the server or VM being protected (can be automatically deployed with leading operational management tools like Chef, Puppet, Ansible, Microsoft SCCM, and AWS OpsWorks).
Deep Security Manager
Powerful, centralized management console: Role-based administration and multilevel policy inheritance allows for granular control. Task-automating features, such as recommendation scan, event tagging, and event-based tasks, simplify ongoing security administration. Multi-tenant architecture enables isolation of individual tenant policies and delegation of security management to tenant administrators.
Deep Security Virtual Appliance
Transparently enforces security policies on VMware vSphere VMs. For VMware NSX environments, this provides agentless anti-malware, web reputation, IPS, integrity monitoring, and firewall protection. A combined mode can be used where the virtual appliance is used for agentless anti-malware and integrity monitoring, and an agent for IPS, application control, firewall, web reputation, and log inspection.
Flexible pricing to meet cloud needs
- Protects thousands of customers and millions of servers globally
- Purchase and procure through AWS Marketplace or bring your own license to the Azure Marketplace
- Cost-effective, usage-based pricing:
| Amazon EC2 Instance Size |
Microsoft Azure Virtual Machine |
Hourly Price |
| Micro, small, medium |
1 Core: A0, A1, D1 |
$0.01 |
| Large |
2 cores: A2, D2, D11, G1 |
$0.03 |
| XLarge and above |
4+ cores: A3-A11, D3-D4, D12-D14, G2-G5, D3, D4, D12-D14, G2-G5 |
$0.06 |
