Fighting Security Ghosts In The Virtual Machine - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Fighting Security Ghosts In The Virtual Machine

Blue Lane Technologies debuts an intrusion-prevention system for virtual machines running on the VMware Infrastructure 3 platform.

The unfettered growth of virtual machines means it's time to seize on the technology's capacity to improve security while avoiding new security pitfalls. That's exactly what Blue Lane Technologies had in mind Thursday when it introduced the equivalent of an intrusion-prevention system for virtual machines running on the VMware Infrastructure 3 platform.

The company's VirtualShield software sits between the host server's hypervisor and its virtual machines and is designed to block malware from reaching virtual machines, which could be vulnerable to being exploited if their applications don't have the latest patches. "It puts a force field in front of server images; that was the 'a-ha' behind the product," says Blue Lane president and CEO Jeff Palmer, adding that, although VirtualShield is currently available only for VMware, there's nothing keeping Blue Lane from developing VirtualShield for other vendors' hypervisors.

Put another way, VirtualShield "plays zone defense" for all of a system's virtual machines rather than guarding each one individually," says Allwyn Sequeira, senior VP of product operations for Blue Lane Technologies. "We emulate the behavior of a patch, so you don't have to touch every server, although we're not replacing the patch itself."

VirtualShield isn't the only virtualization security out there, but its timing is just right. About two-thirds of the 150 senior IT executives recently surveyed by InformationWeek Research say their companies are implementing server virtualization. And IDC reports that more than two-thirds of all U.S. companies with 1,000 or more employees are currently deploying virtualization technology. That will only grow as key Linux players ratchet up their support for virtualization.

Red Hat earlier this week released Red Hat Enterprise Linux version 5 with Xen's open source hypervisor. Also this week, rival Novell announced that users of SAP NetWeaver and mySAP Business Suite can now implement instances of that software on virtual machines running SUSE Linux Enterprise Server 10, which ships with open source Xen. IBM has also contributed to virtualization security by developing a security extension called sHype that ties security policies to virtual machines. IBM has also contributed some of its sHype code to Xen.

In a virtualized environment, IP addresses change as virtual machines are created, disbanded, or moved from one physical server to another. Because most security is designed to associate an IP address with a location, it becomes harder for firewalls and intrusion-prevention systems to recognize the need to protect virtual machines, says Andreas Antonopoulos, an analyst with Nemertes Research. "That's not a problem with virtualization; it's a problem with security," he adds.

A big concern for Paul Asadoorian, lead IT security engineer at Brown University, is the possibility that one compromised virtual machine could infect all virtual machines on a server. "So many people have their servers connected to a private network but still allow Web surfing from a virtual machine on that server," he says, a situation that defeats the purpose of closing a server off to the public network. Reflex Security identified this problem and sells its Virtual Security Appliance, which creates and enforces security policies between virtual machines or even virtual networks.

In fact, virtual machines can improve a system's security in several ways. Virtual machines set up to run different applications within a host server can keep buffer overflow attacks from bringing down the entire server. That's because each virtual machine is allocated a certain amount of memory space and can't steal memory from an application running in another virtual machine.

Virtualization also aids in disaster recovery by making IT environments "more portable," says Burlington Coat Factory CTO Michael Prince. Given that disaster recovery is increasingly being considered a part of a company's security program, virtualization improves security by making it easier to recreate an IT environment damaged during an emergency replace crashed systems in an emergency, he adds.

Another aspect of virtual machine security that can't be overlooked is the ability to run multiple operating systems within the same server, creating a more diverse environment that can't be completely shut down by malware designed to specifically target Windows or Linux.

VirtualShield's strength is that it buys companies time until they can patch the applications and operating systems on their virtual machines. It may not solve all of the security challenges that virtualization brings, but it's a step in the right direction.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Study Proposes 5 Primary Traits of Innovation Leaders
Joao-Pierre S. Ruth, Senior Writer,  11/8/2019
Top-Paying U.S. Cities for Data Scientists and Data Analysts
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/5/2019
10 Strategic Technology Trends for 2020
Jessica Davis, Senior Editor, Enterprise Apps,  11/1/2019
Register for InformationWeek Newsletters
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll