TrendMicro Adds Enhanced Host Security & New Cloud Encryption

Trend Micro is adding an anti-malware module to its host-based security product, now Deep Security 7.5, the host-based intrusion prevention product from the acquisition of Third Brigade last year. They are also introducing SecureCloud, a hosted encryption service for protecting data in the cloud. The anti-malware capability protects individual virtual machines at the hypervisor level, eliminating the need for managing agents on each client VM. SecureCloud encrypts data to and from Infrastructure as a Service cloud improving security and compliance requirements.

Deep Security was among the first products to leverage VMware's vSafe API, which allows security vendors to make their products virtualization aware. The core Deep Security product is a "deep inspection" module that includes host-based IDS/IPS, Web application protection and application control. The other optional modules are firewall, log inspection and integrity monitoring.

The advantage to enterprises is the ability to manage security at the host device level, rather than on each VM. VSafe also enables enterprises to apply security policies to individual VMs and to traffic between VMs. It also provides visibility into the virtualized environment. This kind of visibility and control has been largely limited to virtualization-specific security vendors such as HyTrust and Altor Networks, but traditional security vendors such as Trend are beginning to take advantage of VMSafe as well as the vShield API, which allows security to be applied across logical zones.

Enterprises are asking about virtualization-specific security, said Forrester Research analyst Chenxi Wang, but she isn't sure they're spending a lot of money on it, at least not yet. The market for virtualization isn't large at this point, and there aren't that many organizations that have a highly virtualized environment that would benefit from the level of control and visibility these security products offer. That's bound to change.

"Trend Micro is looking to the direction in which the market is going," said Wang. "The population of organizations actually running virtual infrastructure isn't that big, but the trend of the future is people who will run their own virtualized infrastructure or outsource to either a hosted private cloud or a public cloud. That's why security companies are beginning to offer mechanisms for virtualized infrastructure in the data center."The anti-malware module simplifies configuration, update and patch management. It also assures that new VMs and VMs which may have been offline have current protection. Deep Security avoids the performance impact from serial anti-virus scans and updates. Enterprises using infrastructure as a service (IaaS) can leverage Deep Security by installing it on host servers in the cloud provider environment. Deep Security 7.5 is in beta and expected to be available in Fall 2010. Pricing starts at $1000/cpu socket.

The cloud encryption service, SecureCloud is also designed for IaaS scenarios. The service provides block encryption for mounted storage volumes by installing an agent on the cloud servers and retaining key management. Trend is building upon the encryption technology from its Identum acquisition in 2008, which serves as the basis of its e-mail encryption.

TrendMicro claims SecureCloud will facilitate movement from the data center to the cloud and eases portability between service providers, as it delivers control, security and compliance through encryption. When auditors come around, IT can say have policies and encryption in place reducing the scope of the audit. SecureCloud is available for beta trial now, initially for Amazon EC2, Eucalyptus and VMware vCloud services and will be generally available in Q4. Trend Micro also plans an on-premises product that will organizations to encrypt data in the cloud and manage their own encryption keys to be released in the first half of 2011.

"Today, encryption is only way a company gain a little bit of comfort in terms of data protection in cloud," said Forrester's Wang. "Otherwise any admin from the public cloud company can look at your data."