Deep Security & vShield Endpoint : Is Endpoint for free or at cost ?

This is a question I get often : When implementing Deep Security do we (as the client) need to purchase vShield Manager or vShield Endpoint for the solution at extra costs ? Well Simple answer is NO ! vShield Endpoint is for free with ESXi Standard, Enterprise and Enterprise + editions. Here is the link to the VMware ESXi Editions comparison site. I took a screenshot of the section of the page that indicated the inclusion of vShield Endpoint :   The next question is around vShield Manager. vShield Endpoint is a function of vShield Manager, thus you need to deploy vShield Manager in your environment. If you are entitled to ESXi and vCenter as a licensed product you will...
Continue reading »

Using Infrastrature Navigator for Firewall Rules

I was at a client yesterday that were nearly 100% virtualized, talking about our IPS and Firewall Solutions using Deep Security on ESXi. One of the topics we talked about was how to create firewall rules and what do you was them on if you have an environment that have multiple application communicating to each other. The easy answer for me was that the client could use VMware vCenter Infrastructure Navigator. I have been using this in my lab also to give me insight to what VM and application is communicating to what other VM’s. The information returned by Navigator is very useful in the sense that is presents you with a map of a VM and the following information...
Continue reading »

Deep Security : Securing Business Critical Monster VM’s : Part 2

In the second part of this series I want to take the the time to explain how Agent-Less Security works using Deep Security with VMware ESXi and vShield Manager. Agent-Less Security have been out for a while now and at my days at VMware I did some testing with Agents installed and without. These tests were just in a lab with stop watches but even then we could see a 10-20% speed increase using Agent-Less(Note : TESTS WAS DONE IN LAB..NOT OFFICIAL). So lets start of with how the implementation is done to use Agent-Less. From a Deep Security perspective you need the following software : Deep Security Manager (DSM) Deep Security Virtual Appliance – The DSVA is deployed as...
Continue reading »

Deep Security : Securing Business Critical Monster VM’s : Part 1

Monster VM’s and Business Critical VM’s is a very interesting topic especially from a design perspective. I have been reading a lot from Michael Webster and Sunny Dua about design considerations on these type of VM’s. You should check there blogs out as they really good points of reference.  What I thought I wanted to add on is from a Security perspective around adding Security to these VM’s. Topics that came to mind was around Patching and Firewalls and Malware and how to protect these VM’s with the minimal impact to performance and downtime.  The product that I will be referring to is Trend Micro’s Deep Security. Agent-Less Protection This is an important technology that enabled Agent -Less scanning of Malware...
Continue reading »

Deep Security , Veeam & VMware : Instant Recovery…Instant Protection

So what do I mean with this ? While I was doing the Webinar on Compliance and Backups I got the idea to see if I can protect a VM that is being recovered by Veeam’s Instant Recovery using VMware’s vShield Manager and Agent-Less AV ability. So lets look at the product set we going to use for this : Deep Security Deep Security have the ability to protect VMware Virtual Machines from Malware, Web Threats, Firewall and Intrusion Detection/Prevention using Agent-Less technology. Thus there is no in guest agent needed to protect the VM from all these threats. Veeam Veeam have this cool feature’s that is called vPower and Instant Recovery. Basically with vPower Veeam can mount the backup...
Continue reading »