Fighting Security Ghosts In The Virtual Machine - InformationWeek
04:22 PM

Fighting Security Ghosts In The Virtual Machine

Blue Lane Technologies debuts an intrusion-prevention system for virtual machines running on the VMware Infrastructure 3 platform.

The unfettered growth of virtual machines means it's time to seize on the technology's capacity to improve security while avoiding new security pitfalls. That's exactly what Blue Lane Technologies had in mind Thursday when it introduced the equivalent of an intrusion-prevention system for virtual machines running on the VMware Infrastructure 3 platform.

The company's VirtualShield software sits between the host server's hypervisor and its virtual machines and is designed to block malware from reaching virtual machines, which could be vulnerable to being exploited if their applications don't have the latest patches. "It puts a force field in front of server images; that was the 'a-ha' behind the product," says Blue Lane president and CEO Jeff Palmer, adding that, although VirtualShield is currently available only for VMware, there's nothing keeping Blue Lane from developing VirtualShield for other vendors' hypervisors.

Put another way, VirtualShield "plays zone defense" for all of a system's virtual machines rather than guarding each one individually," says Allwyn Sequeira, senior VP of product operations for Blue Lane Technologies. "We emulate the behavior of a patch, so you don't have to touch every server, although we're not replacing the patch itself."

VirtualShield isn't the only virtualization security out there, but its timing is just right. About two-thirds of the 150 senior IT executives recently surveyed by InformationWeek Research say their companies are implementing server virtualization. And IDC reports that more than two-thirds of all U.S. companies with 1,000 or more employees are currently deploying virtualization technology. That will only grow as key Linux players ratchet up their support for virtualization.

Red Hat earlier this week released Red Hat Enterprise Linux version 5 with Xen's open source hypervisor. Also this week, rival Novell announced that users of SAP NetWeaver and mySAP Business Suite can now implement instances of that software on virtual machines running SUSE Linux Enterprise Server 10, which ships with open source Xen. IBM has also contributed to virtualization security by developing a security extension called sHype that ties security policies to virtual machines. IBM has also contributed some of its sHype code to Xen.

In a virtualized environment, IP addresses change as virtual machines are created, disbanded, or moved from one physical server to another. Because most security is designed to associate an IP address with a location, it becomes harder for firewalls and intrusion-prevention systems to recognize the need to protect virtual machines, says Andreas Antonopoulos, an analyst with Nemertes Research. "That's not a problem with virtualization; it's a problem with security," he adds.

A big concern for Paul Asadoorian, lead IT security engineer at Brown University, is the possibility that one compromised virtual machine could infect all virtual machines on a server. "So many people have their servers connected to a private network but still allow Web surfing from a virtual machine on that server," he says, a situation that defeats the purpose of closing a server off to the public network. Reflex Security identified this problem and sells its Virtual Security Appliance, which creates and enforces security policies between virtual machines or even virtual networks.

In fact, virtual machines can improve a system's security in several ways. Virtual machines set up to run different applications within a host server can keep buffer overflow attacks from bringing down the entire server. That's because each virtual machine is allocated a certain amount of memory space and can't steal memory from an application running in another virtual machine.

Virtualization also aids in disaster recovery by making IT environments "more portable," says Burlington Coat Factory CTO Michael Prince. Given that disaster recovery is increasingly being considered a part of a company's security program, virtualization improves security by making it easier to recreate an IT environment damaged during an emergency replace crashed systems in an emergency, he adds.

Another aspect of virtual machine security that can't be overlooked is the ability to run multiple operating systems within the same server, creating a more diverse environment that can't be completely shut down by malware designed to specifically target Windows or Linux.

VirtualShield's strength is that it buys companies time until they can patch the applications and operating systems on their virtual machines. It may not solve all of the security challenges that virtualization brings, but it's a step in the right direction.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
2017 State of IT Report
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends for 2018
As we enter a new year of technology planning, find out about the hot technologies organizations are using to advance their businesses and where the experts say IT is heading.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll