Blue Lane Technologies debuts an intrusion-prevention system for virtual machines running on the VMware Infrastructure 3 platform.
The unfettered growth of virtual machines means it's time to seize on the technology's capacity to improve security while avoiding new security pitfalls. That's exactly what Blue Lane Technologies had in mind Thursday when it introduced the equivalent of an intrusion-prevention system for virtual machines running on the VMware Infrastructure 3 platform.
The company's VirtualShield software sits between the host server's hypervisor and its virtual machines and is designed to block malware from reaching virtual machines, which could be vulnerable to being exploited if their applications don't have the latest patches. "It puts a force field in front of server images; that was the 'a-ha' behind the product," says Blue Lane president and CEO Jeff Palmer, adding that, although VirtualShield is currently available only for VMware, there's nothing keeping Blue Lane from developing VirtualShield for other vendors' hypervisors.
Put another way, VirtualShield "plays zone defense" for all of a system's virtual machines rather than guarding each one individually," says Allwyn Sequeira, senior VP of product operations for Blue Lane Technologies. "We emulate the behavior of a patch, so you don't have to touch every server, although we're not replacing the patch itself."
VirtualShield isn't the only virtualization security out there, but its timing is just right. About two-thirds of the 150 senior IT executives recently surveyed by InformationWeek Research say their companies are implementing server virtualization. And IDC reports that more than two-thirds of all U.S. companies with 1,000 or more employees are currently deploying virtualization technology. That will only grow as key Linux players ratchet up their support for virtualization.
In a virtualized environment, IP addresses change as virtual machines are created, disbanded, or moved from one physical server to another. Because most security is designed to associate an IP address with a location, it becomes harder for firewalls and intrusion-prevention systems to recognize the need to protect virtual machines, says Andreas Antonopoulos, an analyst with Nemertes Research. "That's not a problem with virtualization; it's a problem with security," he adds.
A big concern for Paul Asadoorian, lead IT security engineer at Brown University, is the possibility that one compromised virtual machine could infect all virtual machines on a server. "So many people have their servers connected to a private network but still allow Web surfing from a virtual machine on that server," he says, a situation that defeats the purpose of closing a server off to the public network. Reflex Security identified this problem and sells its Virtual Security Appliance, which creates and enforces security policies between virtual machines or even virtual networks.
In fact, virtual machines can improve a system's security in several ways. Virtual machines set up to run different applications within a host server can keep buffer overflow attacks from bringing down the entire server. That's because each virtual machine is allocated a certain amount of memory space and can't steal memory from an application running in another virtual machine.
Virtualization also aids in disaster recovery by making IT environments "more portable," says Burlington Coat Factory CTO Michael Prince. Given that disaster recovery is increasingly being considered a part of a company's security program, virtualization improves security by making it easier to recreate an IT environment damaged during an emergency replace crashed systems in an emergency, he adds.
Another aspect of virtual machine security that can't be overlooked is the ability to run multiple operating systems within the same server, creating a more diverse environment that can't be completely shut down by malware designed to specifically target Windows or Linux.
VirtualShield's strength is that it buys companies time until they can patch the applications and operating systems on their virtual machines. It may not solve all of the security challenges that virtualization brings, but it's a step in the right direction.
IT's Reputation: What the Data SaysInformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
What The Business Really Thinks Of IT: 3 Hard TruthsThey say perception is reality. If so, many in-house IT departments have reason to worry. InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business views IT's performance in delivering services - and, more important, powering innovation. The news isn't great.