The Right Security Tools - InformationWeek
04:45 PM

The Right Security Tools

To bring VM sprawl under control, virtual deployments need the same controls as physical deployments.

Sure, security risks to your virtual systems exist. Some are rare, like virtual rootkit attacks and other theoretical vulnerabilities. Others are more practical, such as the potential loss of visibility into intraserver network traffic on a physical host. And because it's so easy to deploy virtual machines, it's easier than ever for servers to spawn like dandelions--so-called VM sprawl. This creates the risk of unauthorized, rogue servers being deployed.

But these risks are no different than the risks organizations face every day securing their physical networks. To bring VM sprawl under control, virtual deployments need the same controls as physical deployments. Server-hardening practices, penetration tests, and whatever procedures are followed by physical deployments must be followed by virtual ones. When it comes to securely introducing and managing virtualization to production environments, success in enforcing these basic practices is half the battle.

Security success has always involved the right mix of smart people, good processes, and solid technologies. What's made virtualization security different is that, until recently, few virtualization-specific security and management tools were available to get the job done. Fortunately, startups are rapidly filling this void.

InformationWeek Reports

Consider newcomers Altor Networks and Fortisphere. Both promise to help keep those sprouting VMs under control. Altor's Virtual Network Security Analyzer spots and manages virtualized network traffic, while Fortisphere's operational life cycle manager, Virtual Insight, inspects, tags, tracks, and reports on all virtual machines as they move throughout preproduction and production systems.

George V. Hulme

A number of startups are promising to bring established network security tools to the hypervisor.
Another startup, Blue Lane Technologies, provides virtual patch and security protection for hosted VMs as well as physical servers--a useful shield to help calm the maddening patching process.

One of the unique challenges to securing virtualized environments is the loss of visibility by traditional network security tools into intrahost VM traffic (see story, "Virtualization Has A Security Blind Spot"). As a workaround, many companies segment their intraserver traffic and route it to their wired network where it can be vetted by traditional intrusion-prevention systems, anti-malware software, and traffic analyzers.

This is a kludgy solution at best. What's needed is a way to bring those established network security tools to the hypervisor, and a number of startups are promising to do just that.

Catbird Networks' HypervisorShield protects the hypervisor management network from unauthorized access. The company also provides what it calls a VMware hypervisor-specific intrusion-prevention system for virtual subnets, so companies routing virtual traffic out to the physical wire may not have to perform such LAN gymnastics any longer. And Montego Networks' HyperSwitch integrates network policy enforcement and access control into virtual switches for policy-based virtual network partitioning and switching, as well as load balancing.

Then there's Reflex Security, an old-school IPS vendor that recently retooled itself to specialize in virtualization security. Its Virtual Security Appliance profiles virtualized assets and traffic flows and offers intrusion prevention, anti-malware, and other security capabilities to the hypervisor.

While business will have to keep an ear open for those theoretical hypervisor vulnerabilities, they'll want to keep both eyes focused on operational controls and choosing the virtualized security systems that make sense for their environments.

Illustration by Dan Page

Return to the story:
Virtualization Has A Security Blind Spot

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of November 6, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll