Server Security for the Modern IT Ecosystem

A Changing Landscape

In recent years we’ve seen a fundamental shift in the IT landscape, with an accelerating move toward cloud and containerized infrastructures. According to Forbes, 83 percent of enterprise workloads are predicted to be in the cloud by 2020. Moving beyond the cloud, software development teams are driving further change with the adoption of microservice architectures and containers, a market poised to grow over 40 percent year over year. The adoption of these new technologies signals a major change in IT infrastructures for modern enterprises. However, this transition is not always seamless, and it can be difficult to refactor legacy applications for a new technology stack. As a result, teams are building and deploying applications across a variety of environments, including physical machines, virtual machines, containers, and cloud infrastructures. While these new technologies offer great benefits in terms of agility, scalability, and continuous integration (CI)/continuous delivery (CD), they also add a layer of complexity to security that can expose the organization to vulnerabilities and threats. Overall, the combination of new application technology with existing legacy architectures and deployment models leads to greater IT complexity, making it extremely difficult to achieve consistent security across the organization.

A Growing Threat to Servers

Enterprise security has traditionally been thought of as primarily an endpoint issue; however, the modernization of the IT landscape is resulting in attacks from all directions. Servers have become an important target for cybercrime, with more than 145 million U.S. citizens having their data compromised by the Equifax server breach. In recent years, we’ve seen a number of high-profile server-targeted vulnerabilities. For example, the Equifax attack leveraged a server-side vulnerability in the Apache Struts web application framework, and Heartbleed directly targeted servers to reveal private data.

Servers are the workhorses of the IT environment, and server workloads have fundamentally different security requirements from traditional endpoint protection. As threats increase in sophistication, there is no single miracle fix to server protection. Rather, it requires multiple techniques through a layered security approach. Security and risk managers should utilize offerings dedicated to cloud workload protection, or cloud workload protection platforms (CWPP). As stated in Gartner’s 2018 Market Guide, “The market for cloud workload protection platforms (CWPPs) is defined by offerings specifically designed for server workload-centric security protection and are typically agent-based for deep workload visibility and attack prevention capabilities.”* 

Market-Leading Performance

Additionally, Trend Micro believes that the Deep Security™ platform meets many capabilities and architectural considerations listed in Gartner’s Market Guide for Cloud Workload Protection Platforms.

Deep Security offers recommendations through the following:

  • Seamless integration with leading environments, including AWS, Azure®, and VMware®
  • Complete visibility and protection of workloads
  • Automatic discovery and deployment of security controls
  • Security integrated with your DevOps team’s toolsets
  • Support for microservices architectures and Docker® container protection

This is all done with minimal impact on performance, allowing companies to maintain their agility without sacrificing security. Learn more about our Hybrid Cloud Security solutions, and contact us to discover what makes Trend Micro the number one provider of corporate server security.

Sources:
*Gartner, “Market Guide for Cloud Workload Protection Platforms”, Neil MacDonald, 26 March 2018 G00328483. 
451 Research’s Market Monitor: Cloud Enabling Technologies, Q3 2016
Trend Micro, “Critical Remote Code Execution Vulnerability (CVE-2018-11776) Found in Apache Struts”
https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/critical-remote-code-execution-vulnerability-cve-2018-11776-found-in-apache-struts
