Search Results for: virtualization security

Trend Micro is introducing an advanced server security strategy that encompasses protection for the cloud, as well as products and solutions that help corporations address the challenging data protection, security and compliance needs of today’s datacenters that stretch across physical, virtualized and cloud-computing environments.

Trend Micro Deep Security, the flagship product for advanced server security at Trend Micro, introduces a new paradigm for server security where the entire server is protected, including the operating system, network and applications layers for superior and comprehensive security, regardless of computing environment, virtualization platform or storage location.

It emphasizes:

• Preventing data breaches and disruptions by providing a layer of defense at the server itself, whether physical, virtual or cloud.
• Lowering the cost of security management for virtual and cloud computing environments.
• Helping to make possible compliance over a wide range of regulations and standards, including PCI, SAS 70, FISMA, HIPAA, and more.
• Addressing immediate security concerns plaguing enterprises in physical and virtual worlds such as SQL injection and cross-site scripting attacks perpetrated by sophisticated, for-profit hackers.

Trend Micro Deep Security provides advanced protection for servers right from the operating system to resident applications with a modular architecture that includes: A deep packet inspection engine with intrusion detection/prevention (IDS/IPS), Web application protection and network-level application control; firewall, integrity monitoring and log inspection modules. This protection is available for both physical and virtual systems using server-based software agents and, coming soon with Deep Security 7.0, using virtual security appliances specifically designed for VMware VI3 and vSphere 4 environments. Trend Micro Deep Security 7.0, the latest version, is the world’s first security software that coordinates VMsafe API-based security applied at the hypervisor with additional protection on virtual machines to protect VMware environments. This version also includes new features designed to improve management and simplify compliance for a lower total cost of ownership such as: Event tagging to enable better workflow of security incident handling, the ability to create a “reference system” or known good state to reduce false positive alerts resulting from normal system updates such as patching. Other enhancements include integrity monitoring, log inspection, and SIEM integration capabilities.

Trend Micro Deep Security combines with Trend Micro ServerProtect and Core Protection for Virtual Machines, the company’s anti-malware products designed for physical servers and VMware virtual servers respectively. This unique blend delivers layered and comprehensive server security now vital to business continuity. Trend Micro Deep Security, with advanced anti-malware protection, further adds to Trend Micro’s ability to broadly deliver layered and comprehensive server security now vital to business continuity.

Trend Micro Deep Security 7 will be available in November 2009 with two pricing models designed to deliver maximum value to organizations. Deep Security is available for traditional physical servers on a per server basis starting at $885 per server. A virtual server license is also available for VMware environments with unlimited agents per host machine starting at $2100 per socket.

Trend Micro advanced server security solutions are part of Trend Micro Enterprise Security – a tightly integrated offering of content security products, services and solutions which is powered by the Trend Micro Smart Protection Network. Trend Micro Enterprise Security delivers maximum protection from emerging threats while greatly reducing the cost and complexity of security management.

While catching up on my reading backlog I ran into an article over at Ostatic titled, “Linux and Virtualization will March Forward Together” ,

Bob Sutor from IBM is quoted in that article stating

“I think Linux is such a natural for virtualization, both as a host and as a guest, and this will drive Linux even deeper into datacenters. Why? Linux and virtualization increase efficiency, allow consolidation, help reduce power and heat generated, and reduce server footprint. When you combine this with the quality of service offered by mainframes, you get even more benefits. When you open all this up to new ways of scheduling and managing applications, clouds emerge. So I think virtualization is key to what will foster greater use of Linux in the next decade.”

Apparently some study figured out that there are even better TCO savings for Linux virtualization as compared to Windows Virtualization and that Linux users Virtualize more . Obviously the license issues with other platforms make it much easier to deploy , and that’s what makes it the default platform in the cloud

Now the really strange thing is that the Linux platform is probably the platform that thad didn’t need Virtualization in the virst place.
All the claims for security, isolation , dll conflicts, finer process isolation etc might be relevant on different platforms but Unix and Linux already had chroots, cpu locking, nice, ionice and others. Good practice can get you pretty far in creating an strict and managable isolated environment, don’t get me wrong there are lot of valid reasons to virtualize on Linux, but the number of reasons not to is probably equally long

As @Beaker also realized adding the extra os layer each time add another factor , a potential performance penalty, another layer to manage, secure and update

So are Bob Sutor and Matt Asay right on their future of Linux Virtualization ? Will it continue to grow, will Linux Virtualization grow bigger than any other platform ?

Off course it will , Linux is the ideal open source platform in the cloud, it’s the perfect light JeOS on a thin Bare Metal Hypervisor , or even Linux as the Hypervisor ? But the average user won’t notice, just as he doesn’t notice now . Virtualization will become invisible again it will become a part of your infrastructure like a CPU or a Switch ,Typical Virtualization management platforms will disappear, or blend in with platforms that manage your infrastructure as a whole.
By then it’s time for a new hype.

GlassHouse Technologies has announced it has acquired UK-based virtualization infrastructure consulting company, Systems Group Integration (SGI). The acquisition broadens GlassHouse’s existing virtualization capabilities by combining vendor experience with analysis tools, helping customers realise ROI, increase efficiencies and reduce carbon emissions in their IT environments.

SGI has specialized in Microsoft and virtualization technologies for over 15 years. Its services and solutions for all aspects of distributed IT architecture will be integrated into GlassHouse’s existing and complementary platform business to help customers build effective, service centric infrastructures and realize ROI on their virtualization investments. The timely acquisition responds to increased customer demand for wide scale adoption to include server, desktop and storage virtualization over the coming years.

The move will also increase the depth of GlassHouse’s vendor relationships to optimize GlassHouse consultants’ access and knowledge of the very latest product developments. GlassHouse remains completely vendor independent and will use vendor information, alongside its Transom™ methodologies to advise customers on the best strategies for individual business needs.

The acquisition will also strengthen GlassHouse’s relationship with partners such as Dell; both SGI and GlassHouse are approved Dell partners, with SGI being a preferred partner for virtualization practice. GlassHouse partners will now have access to its broader virtualization resources as well as expertise in storage, back up, data centers, security and managed services.

Virtacore Systems has launched a new website and community to help solve the complexities of virtualization and cloud computing technologies for businesses of all sizes.

Thomas Kiblin, CEO and Founder, believes the complexities of virtualization can be explained and tailored to each individual business.

“We view our relationship with our customers as a partnership to leverage the best web technologies to help improve their business. Whether businesses are new to web technology or familiar with hosting concepts, we will educate and explain everything needed in order to maximize their hosting experience.”

Virtacore Systems provides a customized approach to virtualization technologies. Benefits include increased flexibility, reliability, and security as well as reduced infrastructure, footprint, and facility costs. Virtacore’s consultative process gives company IT managers peace of mind and a virtual engineering team to assist them with feasibility, day-to-day management, disaster recovery, and capacity planning.

Citrix Systems recently announced it is working with SignaCert, a provider of IT compliance solutions based on whitelisting methods, to include Citrix Systems software measurements in the SignaCert Global Trust Repository (GTR).

This collaboration will provide objective, third-party validation of Citrix-built software for IT security, compliance and systems management of virtual infrastructures, enabling Citrix customers and partners to explore innovative uses for Citrix desktop and server virtualization products such as XenDesktop, XenApp and XenServer, including dynamically managing applications and packages in workloads. Additionally, SignaCert will license the Data Exchange Format (DEF) to customers at no charge to help them leverage the whitelist data method for custom uses in their Citrix environments.

The SignaCert Global Trust Repository uses known-provenance and vendor-independent software measurements, or whitelists, to enable new enterprise IT security methods. These whitelists provide a standardized way to enforce security and compliance of third-party software for enterprise computing environments, as well as more advanced uses such as software attestation in high-assurance platforms. The technology permits virtual machines (VM) and their applications to be securely authenticated, so that when a VM is moved – between the enterprise data center and a cloud, for example – the user can be confident that the workload originated with their enterprise customer and it has not been altered outside of policy in any way, and that there have been no file and structure changes, additions or deletions to the application stack.