Trend Micro designed OfficeScan 10.5 to secure both physical and virtual desktops. What is driving virtual desktop infrastructure (VDI)?
The ability for an enterprise, or really any organization, to create this idea of a gold master, where just the applications that the corporation is worried about are guaranteed to be served to that user in this sort of container fashion, is a very attractive model from an efficiency perspective. It's also attractive from a control perspective, because you now know exactly what that user's application profile looks like. You can control it, you can set policy. In a lot of ways, there's a security aspect to it, because of the sense that you're now centralizing that image in some sort of protected environment…We've architected our products, beginning with OfficeScan 10.5, to support the front-end of that movement toward the cloud, and that's the concept of virtualization on servers, and now with VDI virtualization on the endpoint. What are the challenges of securing virtual desktops compared to the usual endpoint security protection?
Performance. Security represents a layer of [performance] overhead. There are a number of security concerns, whether it's a physical desktop or the image of a virtual desktop running as a VM, but now, because you're stacking those instances on a single physical server, you have to worry a lot more about performance. It's no longer this 1:1 relationship of the security application having full access to, in a sense, a dedicated processor to deal with the overhead associated with security, particularly around securing an endpoint for malware...That's where a lot of our engineering investment has gone. It's figuring out ways to secure the environment appropriately, but not impact performance in a way that interferes with the capacity to realize the benefits. Is desktop virtualization an SMB priority? An enterprise priority? Both?
We let the virtualization industry take the lead on that positioning… it's probably what we would characterize as a midmarket play and up; when you get to a point where there are somewhere north of five servers in an environment. It may be 100 machines or 100 endpoints. We've heard a lot, especially from VMware, on their big focus and push on the SMB space. We define our SMB space all the way down to 5 users. I wouldn't expect very much adoption of VDI down to an environment of 5-10 machines; it's probably not efficient or necessary. For partners selling this, what will they need to do next? How are you enabling them to sell it?
There are two strategies that Trend has embarked on. One is really around VDI, and the enablement strategy for our partners is that we're extending VDI support into that platform they already know. Within the OfficeScan 10.5 management console, it identifies the users within environments that are using virtual desktops and then it's simply aware of that hypervisor. It will secure it like it does now in the environments where the machine has an OS and a physical desktop.
The other strategy for virtualization security is a more robust platform called Deep Security, and it's more of a data center-centric value proposition. It's more server-oriented, although it does have the capacity to support endpoints. The real delineation is that for our OfficeScan-focused, endpoint-focused customers, OfficeScan has full VDI support. For the data center-centric customers, who often times are more worried about server security, it's a more complicated enablement process -- for data center virtualization security -- than simply a bigger platform with more capabilities and features. But with the training and certification process of our partners, it's really a question of understanding that partner's particular business ecosystem. Then it's a goal of aligning to their interests in terms of which security practice are they prioritizing first. Are they prioritizing their endpoint security practice, or are they prioritizing their data center security practice? Will your VDI capabilities be supported on all platforms?
It will be supported on all platforms. There are levels of integration that make the implementation of security within a virtual environment – I'll just use the expression more seamless [compared to the integration within other virtual environments].
These integration layers -- often times, you're integrating through [another vendor or product]. In the VMware case, there's a program like VMsafe [a set of APIs that VMware has opened up to security developers]. Now if that particular provider makes certain APIs available and the development can be more customized, then you can start talking about the kinds of seamlessness that might mean security capabilities that can be performed agentlessly. What do you think is holding back the adoption of virtual desktop infrastructures?
Just from a sales perspective, and I talk to customers every day, there are few places I go where virtual desktops are not deployed somewhere or in some form of pilot. None of our key channel partners are in any way de-emphasizing or not prioritizing VDI. I think it's a hot space. You'll see that sort of race to this first plateau of acceptance, really driven by the same thing we saw from servers: the servers where you didn't have mission-critical data. They weren't affecting a lot of production processes. They were sort of the low-hanging fruit of the way to deploy virtualization as a way to get efficient. How does Trend Micro leverage the cloud for security?
About five years ago, we embarked on a multimillion-dollar investment in this idea of security from the cloud. The manifestation of that strategy is something that we proudly call the Smart Protection Network. It's essentially our inter-connected data centers that are capturing all of the threat intelligence we receive on a global basis from all of our labs all over the world. And what we've created and innovated with this Smart Protection Network is the capacity to correlate that threat data, so whenever we learn through the examination of this email traffic – billion of emails are looked at, billion of URLs are looked at on a daily basis, and hundreds of millions of files are looked at – and we're able to determine the reputation of these email senders, we're able to determine the reputation of these URLs, and we're able to determine the reputation of these files. Because we've architected all of our products with an architecture we call "cloud-client," meaning all of our premise-based solutions communicate with the Smart Protection Network, we're able to prevent the vast majority of malicious activity from reaching the physically protected environment on the customer premise. How can existing partners best expand their offerings, given the recent and latest products and services from Trend?
There's now a new category of data protection products around encryption, around data leakage, around archiving that represent new opportunity for our channel partners… "Trend 2.0" helps protect customers and their data, helps customers achieve compliance, helps customers leverage cloud and virtualization and helps customers achieve better total cost of ownership (TCO) to take advantage of convergence… The [other] part of this strategy [related to TCO] is to provide that single pane of glass idea into the management of this comprehensive suite of products and solutions. Does this new value proposition require additional certifications? Which certifications are essential?
We do have some requirements for the upper tier of our partner community regarding some sales certifications. However, they're very flexible…We have a foundational certification, which we think is fundamental to help articulate the investments that Trend Micro has made in our client-cloud architecture, our Smart Protection Network. It really is a differentiator for our channel partners. That's a baseline foundation that we encourage partners to take, and we allow our partners to choose and customize the basic levels. If they're interested in our virtualization security message, we have Deep Security training, which is focused on compliance in server elements. We also have training certifications around our data loss prevention (DLP) solutions. It's very much a customizable program, allowing the partners to bake in the Trend products that make sense for the business, and then we provide them the educational path. What are the advantages of being 100% channel driven?
The idea that those partners are going to be consistent over time -- that develops into a trust. That's where the advantage comes in. When you're consistent over time, and you earn the trust with the channel, it gives you an advantage in the marketplace. I look at all our routes to market as some form of channel. And so, like any of these particular routes, I have dependencies, and my interest better be aligned to the interests of those channels. They have to be able to trust that you're going to be consistent so they can plan and build and have certainty that the partnership is going to be a good one.