Piszki Lab | EN

Trend Micro Deep Security 10 – What’s new?

I have written about Trend Micro Deep Security many times on this blog, and I believe it is one of the most interesting products on the market. Deep Security provides comprehensive protection for VMware vSphere: agent-based and agentless anti-virus protection, HIDS, IPS, log inspection, and the newly introduced Application Control. Trend Micro develops the product at a steady pace; new versions appear not too often, but quite regularly. In this post I will briefly describe what's new in Trend Micro Deep Security 10.

The most important change in Deep Security is that it is now based on XGen Security, a proprietary Trend Micro solution which you can read about here. XGen combines many Trend Micro products into one cohesive ecosystem; for example, Deep Security 10 integrates with Deep Discovery, a hardware-based solution that can analyze an object (e.g. a detected virus) in an isolated virtual environment (sandbox). The latest version of Deep Security also introduces even tighter integration with cloud services (Amazon Web Services, Microsoft Azure and VMware vCloud), and with it support for Docker containers. There is also a new, intuitive interface consistent with other Trend Micro products, and the Download Center has a new look as well.

The upgrade from version 9.6 to 10 proceeds normally and without problems; the installer itself checks whether all components are compatible.

After logging in, the dashboard widgets are preserved as they were in the previous version, and the new interface looks very neat.

Using and administering Deep Security 10 is exactly the same as in the previous version. The most obvious interface change is the addition of Application Control. At the moment the only supported operating systems are Red Hat and CentOS Linux; in the future it is planned to extend this functionality to other Linux distributions and to Windows. Application Control is a creative development of the SELinux (Security-Enhanced Linux) mechanism. It works exactly the same way (it detects changes in the operating system) and behaves the same way (it blocks unapproved changes), with the small difference that we do not have to touch the VM console: all operations are performed in the Deep Security interface.

Application Control gives us insight into what is going on inside the VM: we see new applications and can approve or reject them. While this is not a novelty on Linux, its introduction on Windows will be quite revolutionary. The security department will have total control over what is happening in the protected area.

As you can see, if you monitor an Apache web server, you also monitor all of its page files.

Another novelty Trend Micro boasts of is so-called Smart Folders. This functionality is based on vCenter custom attributes and lets you construct specific search folders under Computers. The search is based on the attributes added to a VM from the vSphere Web Client.

Attribute mapping on the Deep Security side.

Useful? This functionality automates the views, which, combined with the variety of roles in Deep Security, enables efficient allocation of access to environments for each Deep Security user. In conclusion, Trend Micro Deep Security 10 is a step in the right direction: a lot of new features, but no revolutionary changes.

Author: Piotr Pisz

Computers always: since I got a Commodore 64 at the end of primary school, through a beloved Amiga and an infinite number of Linux consoles, until today's fully virtual day. Since 2001 a Unix/Linux Systems Administrator, for seven years a faithful companion and protector of the Solaris system, until its sad end. In 2011 came the depths of virtualization, then a smooth ascent into the clouds, which continues today. Professionally working as a Systems Architect at the Polish Security Printing Works.
