Trend Micro, AWS Deliver Transparent, Inline Network Security for Enterprise Clouds

Trend Micro is taking new steps to help enterprises using Amazon Web Services to better deliver network security for cloud and hybrid operations. IDN looks at Trend Micro Cloud Network Protection, along with the firm's other cybersecurity updates.

Tags: AWS, cloud, EC2, hybrid, inline, IPS, network, patching, transit gateway, Trend Micro, ZDI

Trend Micro is taking new steps to help enterprises using Amazon Web Services better deliver reliable network security for hybrid and cloud operations with the release of Trend Micro Cloud Network Protection.


The new offering aims to simplify the deployment of network security for hybrid environments and to automate runtime protection for cloud workloads at scale while maintaining visibility and control.


Thanks to Trend Micro/AWS cooperation, users can deploy the solution quickly without impacting networks. This is because the security solution fits seamlessly into an existing cloud network fabric, according to Trend Micro officials.


“We consistently hear from customers that they face significant operational hurdles with today’s firewall-based approaches to cloud network security,” said Steve Quane, Trend Micro executive vice president of network defense and hybrid cloud security, in a statement. Complex requirements can make cloud and hybrid security challenging to design and deploy, he added.


Trend Micro Cloud Network Protection aims to provide “transparent deployment” into the network fabric. With it, users gain scalable security and continuous visibility – without having to rearchitect their security, Quane said.


Trend Micro Cloud Network Protection also provides a single view and centralized management of cloud, on-premises, or virtual networks through the same interface.


Under the covers, Trend Micro Cloud Network Protection leverages the company’s TippingPoint Threat Protection System. This approach means users can extend existing TippingPoint network protection to work for hybrid cloud environments. Threat protection features include virtual patching, vulnerability shielding, exploit blocking, and defense against known and zero-day attacks.


Specifically, Trend Micro Cloud Network Protection works with AWS Transit Gateway. The AWS Transit Gateway plays a crucial role, as it simplifies routing between Amazon Virtual Private Clouds and on-premises networks. In turn, Amazon VPC (virtual private cloud) acts as a hub that controls traffic routing among all connected spokes, according to Trend Micro and AWS execs.

This Trend Micro/AWS combination reduces complexity in designing and deploying the solution and eliminates the disruptions that can come with implementing network security for cloud and hybrid projects. Further, the Trend Micro and AWS technologies work together to provide compliance, virtual patching (IPS), and post-compromise detection.


Trend Micro Cloud Network Protection is now available for AWS Transit Gateway. For customers with particularly demanding network traffic, the option to deploy on FPGA accelerated instances will be available with Amazon Elastic Compute Cloud (Amazon EC2) F1.


Trend Micro/AWS Network Security Comes as Enterprises Search for Simpler Solutions

Trend Micro Cloud Network Protection was released as customers continue to look for ways to simplify their attempts to extend security to the cloud, company officials said. 


The offering comes as AWS takes more steps to bring easier ways to deploy and manage security for AWS users.


“Cloud security is the highest priority for AWS, and we are committed to helping customers achieve the highest levels of security in the cloud. As companies move and scale their infrastructure in the cloud, they are looking for ways to easily insert and manage security appliances in their network topologies,” said Dave Brown, vice president for AWS’ EC2 Compute & Networking Services.


Among the features and benefits of Trend Micro Cloud Network Protection are:

Network-based virtual patching. To allow users to deploy intrusion prevention system (IPS) security at the network level for workload protection against network threats. This also lets users secure VPCs rapidly with required compliance.


Zero-day protection. To let users tap into the Trend Micro ZDI (Zero Day Initiative) bug bounty program to gain strong protection before a vulnerability disclosure.


Flexible deployment. Enables admins to insert cloud network security where needed, without complex cloud formations (which can require thousands of lines of code), network re-architecture or re-IP-ing.


Inspection at network speed. To allow for the inspection of traffic at high speed, without latency.


Portable licensing model. Users have the option of a bring-your-own-license (BYOL) approach (to preserve existing Trend Micro TippingPoint investments). Users can apply licenses to protect cloud, on-premises, and virtual networks on a flexible, as-needed basis.


Seamless, stateless, transparent. Because TippingPoint’s flow-based engine does not maintain state (as a firewall does), it supports fast and straightforward insertion and removal of inline inspection without impacting the network or apps. 


Simplicity for inspection. It can inspect both ingress and egress traffic up to 10 Gbps with a single pair of Amazon EC2 instances with high availability. This avoids the need to deploy additional load balancers.


“We’re very excited about what Cloud Network Protection would allow for our network security in the cloud,” said Alex Tarte, IT Security & Risk Manager and Chief Information Security Officer of Copa Airlines. “This solution will allow us to have frictionless security operations for our business applications while meeting the scale and performance demands of our business.”


Trend Micro Cloud Network Protection for AWS Transit Gateway is the first implementation available, Quane noted, with multiple other deployment models planned to follow.


Trend Micro XDR Offers Consolidated Views To Quiet ‘Alert Overload’

Trend Micro has also launched a new integrated detection and response solution for threat detection, visibility and protection. The key is that it looks and protects across email, network, endpoint, server and cloud workloads.


Trend Micro XDR aims to combat what the company calls “alert overload” by helping security teams detect and focus on essential signals – while having the confidence to ignore less important alerts.


One of the ways Trend Micro XDR aims to amplify the ‘signal-to-noise’ ratio for security teams is to reveal a more global understanding of stand-alone events. These isolated events may often seem minor, but when combined with other events – across multiple silos – such events could signal higher risks, according to Trend Micro execs.


This ‘alert overload’ is becoming a more significant issue, as security teams receive more than 10,000 security alerts – every day, according to an SC Media survey. 


“The threat landscape is unrelenting and the skills gap is nearly unsolvable, so we have done more to help,” Quane noted in a statement. Business security cannot rely on endpoints alone.


Trend Micro XDR looks to break the mold of traditional EDR (endpoint detection and response) solutions by breaking down data silos to provide admins more correlation and context for an exploding number of events. 


Specifically, Trend Micro XDR connects detections, telemetry, process data, and network metadata across email, network, endpoint and cloud workloads. It then uses automation to correlate events to avoid the need for human monitoring and calculations. Trend Micro also adds global threat intelligence and rules from its security expertise programs.


To bring together more data, Trend Micro XDR applies expert analytics and AI to “activity data” collected from its native sensors in the environment to produce fewer, higher-fidelity alerts.


As the Trend Micro site described it, “With more context, events that seem benign on their own suddenly become meaningful indicators of compromise, and you can quickly contain the impact, minimizing the severity and scope.”


“Unlike legacy EDR offerings that ignore certain key threat vectors like email, we scale across more sources for the complete detections generated as early as possible,” Quane added.


In Trend Micro’s XDR solution, the “X” refers to the most extensive sets of data from more protection points, which is critical to find hidden threats, he added.