Confidence in the Cloud – with Symantec and Fujitsu

VISIT 2010 – Fujitsu Forum Europe 1

Cloud Computing – Room 13b

Shapingtomorrowwith you.

Confidence in the Cloud –with Symantec and Fujitsuwith you. y j

Andreas ZeitlerVice President EMEA Central, Symantec

10:00 h10:00 h

VISIT 2010 – Fujitsu Forum Europe

3

Confidence in the cloud –i h ji dwith Fujitsu and Symantec

Andreas ZeitlerRegional Vice President EMEA Central

4

MegatrendsMegatrends

• Consumerization of IT

• IT‐ization of Consumer

• Mobility

• Virtualization

• CloudCloud

• Social networks

5

IT Must Evolve to Meet New DemandsIT Must Evolve to Meet New Demands

InformationInformation--CentricCentricCentricCentric

SystemSystem--SystemSystemCentricCentric

• Driver: Business automation

• Driver: Agility with collaboration and knowledge sharing

• Data: Distributed unstructured• Data: Centralized, structured

• Infrastructure: Physical

Data: Distributed, unstructured

• Infrastructure: Virtual, cloud, outsourced

• IT focus: Systems tasks • IT focus: Information tasks

6

The Information‐Centric Model

7

Three challenges of todayThree challenges of today

8

Stuxnet – FactsStuxnet – Facts

9

Stuxnet: Incursion

• Spreads by copying itself to USB drives

LNK vulnerabilityAttacker Victim

– LNK vulnerability

– Autorun.inf

• Spreads via network shares

• Spreads using 3 known and 2 Zero‐day Microsoft vulnerabilities

MS08 067 (vulnerability used by Conficker)Employee

– MS08‐067 (vulnerability used by Conficker)

– LNK: allows automatic spreading via USB keys

– Printer Spooler: allows network spreading to remote machines

Co workers

remote machines

– Undisclosed 1: local privilege escalation vulnerability

U di l d 2 l l i il l tiCo‐workers – Undisclosed 2: local privilege escalation vulnerability

• Default password in Siemens WinCC

10

Denmarkmypremierfutbol.commypremierfutbol.com

••Malaysia

todaysfutbol.com

••

y


••Malaysia

todaysfutbol.com

••

y


••Malaysia

todaysfutbol.com

••

y

The victim: S7‐315‐2 and 417 –plus the new 1200 seriesplus the new 1200 series

Siemens S7‐300

14

Percentage of Stuxnet infected hosts withSiemens Step 7 software installerdSiemens Step 7 software installerd

15

Number of new infections by countryNumber of new infections by country

16

Fararo Paya und Vacon2 – 807 – 1410 Hertz for months2 – 807 – 1410 Hertz for months

17

First install of StuxnetFirst install of Stuxnet

18

Infection mechanismInfection mechanism

19

White: Stuxnet Yellow: original Simatic files used for by Stuxnet

f d bl kGrey: System functions Green: Stuxnet data blocks20

How to protect agains Stuxnet

Application hardening

• Symantec Critical System Protection Policies in kernel filter driver mode

Application hardening

•Identify inappropriate access to sensitive information•Identify and clean up internal data spills

Data Loss Prevention

y p p

•Many infection vectors appear to be delivered by removable media

Removable Media Device Control

•Many infection vectors appear to be delivered by removable media•Restrict automatic launch of content on removable media

Hardening of Information-Repositories

•Core repositories of intellectual property are primary targets

g p

21

Symantec’s Enterprise Vision

Confidence in the Connected World

S d f i iSecure and Manage Your Information‐Driven Enterprise, across Physical, Virtual, and Cloud

22

Dynamic infrastuctureDynamic infrastucture

Manage Take Advantage Leverage Hosted Private Clouds of Public Clouds Services

2323

Dynamic InfrastructuresDynamic Infrastructures

Dynamic Infrastructures

Managed Infrastructure

Managed OfficeManaged Data Center

Managed Maintenance

ServiceDesk

Infrastructure Workplace as a S S i S S i

Managed Maintenance

Infrastructure as a service

o p ace as aService

Server as a Service Storage as a Service

Infrastructure Solutions Office SolutionsData Center Solutions

Infrastructure Products & Services

Network

Server ClientsStorage

Infrastructure Software

Copyright 2010 FUJITSU LIMITED

24

Symantec Infrastructure Solutions for Cloud Computingfor Cloud Computing

Cloud Requirements

KeyTechnologies

Symantec SolutionsRequirements Technologies

Virtualized servers

Virtualized storage

Solutions

Security & Compliance

Storage ManagementService-based

Scalable and Elastic Virtualized storage

Scale out architectures

Automated HA/DR

C dit HW

Storage Management

Clustered Storage

Backup and Archive

A il bilit

Scalable and Elastic

Shared

Quality of ServiceCommodity HW Availability

Endpoint Virtualization

Cloud Advisory Svcs

25

Symantec ‘s IT Security Strategy – also for clouds

Develop and EnforceDevelop and Enforcell

Policy Driven and Risk BasedIT PoliciesIT Policies

Information andProtect the Information Information and Protect the Information

Authenticate Identities Identity Centric

Well Managed over aManage Systems

Protect the InfrastructureProtect the Infrastructure Secure InfrastructureProtect the InfrastructureProtect the Infrastructure Secure Infrastructure

26

Symantec as a provider of cloud technologies

SLAActual

September 2010

Symantec as a provider of cloud technologies

AntiSpam effectiveness 99% 99.99997%

Spam false positive rate 0.0003% 0.000008%

AntiVirus false positive rate 0.0001% 0.000005%

Email & Web Service Availability 100% 100%

Average Web scanning time 100 ms 30.2 ms

27

billionemails in September 91.7% spampbillionweb requests inweb requests in SeptemberMillion pieces of Malware capturedi S t 2010

1 million only by Sk tiin Sept 2010

Thousand new websites w/

Skeptic

malware or spyware were detected in Sept 2010

28

Symantec isSymantec

Symantec is #1 in SaaS

G l

Other SecurityGoogle

MicrosoftIntelIntel (McAfee/MX Logic)

IDC: Worldwide Messaging Security SaaS Revenue by Vendor July 200929

29

31k

33k

11m

12m

27k

29k

10m

11m

21k

23k

25k

8m0

9m

17k

19k

21k

6m

7m

15k 5m Q1

FY09Q2 Q3 Q4 Q1

FY10Q2 Q3 Q4 Q1

FY`11Q1

FY09Q2 Q3 Q4 Q1

FY10Q2 Q3 Q4 Q1

FY`11

Thousand Thousand businessesbusinesses

MillionMillionusersusersbusinessesbusinesses usersusers

3030

SaaS Adoption –our shared opportunity with Fujitsuour shared opportunity with Fujitsu% of Companies Adopting Hosted Email Security

54%54%UKNordicsUS

38%USGermany

22%18%

26% 27%

15%

20%

26%

11% 13% 11%15%

5%9%

0% 1%

SoHO Small Business Medium Business Enterprise

3131

Confidence Enables the CloudConfidence Enables the Cloud

Trust between cloud service providers

C fid

Trust between cloud service providers and cloud service consumers is the key enabler of the cloud model.

Information Governance

Confidence

Information Privacy

Information Management

I f ti S it

Information Availability

Information Security

32

Thank you!Thank you!yy

Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

Thi d t i id d f i f ti l l d i t i t d d d ti i All ti l ti t th i f ti i thi d t ith i li dThis document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

33

Digital information increased 73 percent in 2008 to an estimated g p487 billion gigabytes

80‐100 million virtual machines are being created per year or 273,972 per day or 11,375 per hour.

Number of physical servers in the World today: 50 million

By 2013 60 percent of servers workloads will be virtualized

“Market for Enterprise Cloud servers will grow from $8 4 billionMarket for Enterprise Cloud servers will grow from $8.4 billion opportunity in 2010 to $12.6 billion in 2014 (IDC)

34

Symantec Solutions for Virtualization and Cloud ComputingComputing

• Symantec helps customers adopt virtualization and cloud computing with confidence:

– Manage Private Clouds

– Take Advantage of Public Clouds

L H t d S i– Leverage Hosted Services

• Adopt an Information‐centric Model to secure and manage across physical virtual and cloudacross physical, virtual, and cloud

35

Encryption / ERM

EmailSecurity

Remote Access/ Monitoring

Encryption / ERM DLP

Web SecurityEndpoint Management

Monitoring

ArchivingBackup

Endpoint Protection

Addressable market in 2013

3636

%%

Partners are d i iPartners are d i idriving more driving more of our growthof our growth

3737

Cloud Services and Deployment ModelsCloud Services and Deployment Models

Types of Cloud ServicesTypes of Cloud Services

Infrastructure (IaaS)Servers, Storage

Platform (PaaS)Middleware

Software (SaaS)Applications

Cloud Deployment Models

Services available to Public

Private and public Hybrid

Services provided by Private

p y

the general public services coordinated to provide a solution

a single entity on behalf of that entity

38

Finding ROI in the CloudFinding ROI in the Cloud

“A hybrid model will, and should, predominate for the next 10 years.” Gartner 2009Gartner 2009

39

Top Challenges in Moving to a Private or Public CloudTop Challenges in Moving to a Private or Public CloudSecurity/Compliance

Price

Immature Technology

Availability

Integration w/ Existing IT PublicPrivate

Staff Skill Sets

Availability

Ability to meet SLAs

Change in Policies/Processes

0 10 20 30 40 50 60 70 80

Vendor Lock‐in

0 10 20 30 40 50 60 70 80Source: IDC, Cloud Computing Attitudes, April 2010, n = 255.

40

Targeted AttacksTargeted Attacks

53% of providers of critical infrastructure have seen targeted attacks against their

Infrastructure in the last twelf months. On average they had 2 attacks.g y

41

42