Contact Us




Change Locale

Mind the gap with security in your virtualized data center [Trend Micro]

Enterprise Software | Posted on June 28, 2011 by Stephen Perciballi

Previously we gave a high level view of securing a virtual environment. We talked about security gaps in the post and one of the biggest gaps is the lack of visibility between virtual machines on the same server.

In a physical world, you have a network based Firewall and possibly a Unified Threat Management device securing the physical gateway into your network. What happens when you go virtual and the traffic doesn’t leave the physical host? Your Network IDS/IPS is rendered useless as it’s blind to interVM traffic.

Ok, so let’s put an AV client on each virtual machine, that should help right? Well, yes and no. Yes, it will protect the VM itself, but it’s not going help you get the consolidation rates you were promised when you invested in Virtualization.  Scheduled security scans kicking off at the same time cause “AV Storms” and can over utilize your ESX host resources.

What about those “gold images” you are using to provision new virtual desktops and servers? Chances are you are powering them down when you’re done using them.  When you consider how many threats are created every second of every day, coupled with OS patches released by various vendors, how do you ensure that the gold image is being updated before its being used again?

And who’s in charge of creating these VM’s anyway? The security guy? The network guy? We are seeing the same issue with server sprawl in the virtual world that we saw in the physical world. With virtual servers being only a click away, how do you ensure that they are secure before putting them into production?

Deep Security is virtualization aware and designed for a virtual environment and can help you:

  • Monitor InterVM traffic
  • Avoid AV Storms and help increase consolidation rates
  • Shield OS and Application vulnerabilities
  • Protection new VM’s as soon as they are created with no AV clients to configure or patch

So you can fill in the gap.

Related Articles

Enterprise Software | October 10, 2019 by Susana Byun

With hundreds of VMware ELA negotiations under our belt, we decided to shed some light on the situation. Below you will find a high-level summary of a recent webinar hosted by our VMware experts

Moving to SAP HANA is a lot like moving to a new home. The destination is exciting, but the process of moving isn’t. For most enterprises, migration brings significant difficulties. It’s tempting to just put it off.

Enterprise Software | June 3, 2019 by Susana Byun

Signing up for the VMware Enterprise Licensing Agreement (VMware ELA) is a major undertaking, one that comes with many questions and considerations.