Contact Us

|

Careers

|

Change Locale
close

A Stark Reminder Of The Need For Virtual Security

Security | Posted on June 15, 2015 by Tobin Dalrymple

Now that the VENOM vulnerability has been dealt with, it’s time for technologists to seriously consider how ready they are for virtualization security.

Especially if you’re working in an organization with a significant investment in the cloud, this is one area you can’t afford to ignore any longer.

The VENOM vulnerability was discovered last May in an old string of code used in a majority of modern day virtualization hardware. The glitch allows an attacker to login to a virtual machine from the front door (e.g. buying space on AWS) and then “escape,” gaining code execution ability on the host, as well as any other VMs operating on that machine.

And while the threat was neutralized almost immediately with a series of patches, the story underlines a sad state of security in the virtualized world. As is the case with all major technological advances, security has lagged behind for years in the world of virtualized computing.

And it’s the IT department – not a lack of technology – that is to blame for the hold up.

Nearly 75% of organizations running virtualized environments have not deployed a security solution specifically tailored for virtual environments, according to a 2014 global survey conducted by Kaspersky. Just think of how much of our daily computing needs rely on cloud infrastructure, and that figure becomes quite alarming.

In a blog post detailing all the approaches to securing virtual workloads, Eugene Kaspersky, CEO  of his namesake company, highlights what seems to be a confusion throughout the industry about how to best tackle this situation:

“To protect or not to protect virtual machines – that was the question…

But the more crucial question [now] is how to protect,” he said. (Emphasis added)

So what can you do?

The first thing to note is the many of the traditional, agent-based antimalware products are not well suited to virtualized environments. This, pehaps, is what has slowed down adoption.

Virtualization is all about maximizing the utilization rates for the IT infrastructure — in order to maximize return on investment. But agent-based antimalware products usually require the antivirus software and signature database to be installed on every virtual machine, which soaks up resources, and therefore partly defeats the object of virtualization.

Which is why one approach that accomplishes your strategic goals while keeping your VMs safe is to install an antimalware product tailored exclusively for virtualized environments.

Enter Kaspersky Security for Virtualization

When speaking with our clients, Softchoice often suggests Kaspersky’s security solutions for virtualization. While it’s not the only solution, it stands out for a number of reasons.

For one, Kaspersky Security for Virtualization (KSV) is built to stay lean. It protects virtualized IT environments as either an agent-less or “light agent” anti-malware solution. This a more efficient way to protect your virtualized infrastructure — with greater performance and less impact on virtualization density.

The Agentless solution is VMWare only and works best for server scenarios such as data centers. It requires no deployment to VMs and provides best performance. Light Agent, while requiring a deployment of a small agent to every VM, is vendor-agnostic and brings full stack of Kaspersky security technologies to virtualization domain, allowing efficient application in VDI scenarios.

Another really important factor in choosing KSV is its seamless integration with VMware, the most popular of the virtualization providers. Kaspersky often touts its industry unique position of having the only solution built specifically for VMware.

Although it does work with the other major providers, too.

Personal Advice

Want to find out more about Kaspersky Virtual Security or virtualization security in general? Our team of agnostic experts will make recommendations on your needs.

Feel free to also attend one of Kaspersky’s weekly demos. The webinar will give you a chance to ask your questions about virtualization security and the specifics around the KSV solution. Sign up here.

Related Articles

Cloud | December 20, 2019 by Ryan Demelo

The stakes surrounding data security and risk mitigation rise with each passing year. Data breach costs continue to increase and potential threats grow more sophisticated.  According to IBM, the average total cost of a data breach – after accounting for remediation, reputational damage and regulatory issues – has reached $3.92 million. While smaller organizations may […]

Cloud | December 11, 2019 by Karly Pierce

IT organizations have seen too much of their time consumed by non-strategic tasks. This comes at great cost to their bottom lines and cloud transition strategies.  In fact, a 2018 Stripe survey found that between dealing with bad code, technical debt and various refactors or modifications, most of the typical developer workweek was wasted.   That […]

Cloud | November 28, 2019 by Ryan Demelo

Among the biggest obstacles to IT resilience is the “data dilemma.”  That data has become “the new oil” is a well-worn cliché by now. But clichés earn that status because they originate in the truth. And it’s true that today, data drives the decision-making that moves businesses forward. Protecting it is more important than ever. […]