Virtualization.com

News and insights from the vibrant world of virtualization and cloud computing

virtsec

Trend Micro Expands Virtualization Security Portfolio

by 1 Comment

Trend Micro is expanding its overall virtualization security portfolio with the introduction of a content security solution to protect VMware ESX/ESXi environments.

Trend Micro Core Protection for Virtual Machines is designed to secure VMware virtual machines, both active and dormant, comprehensively and efficiently. The product leverages the VMsafe APIs from VMware to offer layered protection through the use of dedicated scanning VMs coordinated with real-time agents within the VM.

A tough economy is driving companies globally to adopt more cost-effective measures and pursue efficiency, one of the main reasons why analysts expect the virtualization industry to hit over $7 billion over the next four years.

But while server virtualization increases efficiency in the data center, it also challenges the security of the IT environment: Existing content security solutions imported from the physical world typically leave security gaps when deployed in virtual environments. For example, dormant or offline virtual machines can get infected even while dormant, yet are unable to protect themselves with a virus scan agent and signature updates.

Similarly, resource-intensive security operations such as scheduled full system scans can significantly degrade the performance of the host and render the security ineffective, especially when initiated concurrently on multiple virtual machines.

Trend Micro Core Protection for Virtual Machines is part of Trend Micro Enterprise Security – a tightly integrated offering of content security products, services and solutions which is powered by the Trend Micro(TM) Smart Protection Network. Trend Micro Enterprise Security delivers immediate protection from emerging threats while greatly reducing the cost and complexity of security management.

Trend Micro Core Protection for Virtual Machines 1.0 will be available in August 2009 both as a standalone as well as part of the OSCE X Advanced Suite. The solution is also available as part of a new Virtualization Security suite that includes Trend Micro Deep Security, brought to the company from its acquisition of Third Brigade in April 2009. Core Protection for Virtual Machines can be deployed standalone or as a plug-in to OfficeScan Client/Server and managed through the OfficeScan console.

On the dangers of OVF

by 7 Comments

Usually I`m all in favour of Open Standards that are supported by different parties, and the Open Virtual Machine Format (OVF) pretty much matches these requirements.
The last Virtualbox has support for it, Simon is telling about it being part of the new XenConvert v2 Tech Preview .
However, Reuven wonders why it hasn’t gained widespread adoption yet.

Here’s my take, .. I`m not in favour of a standard as OVF that provides an easy way to transfer packaged virtual machine instance between different platforms.

Why ? Because I don’t think transferring full images of Virtual machines around is a good idea, not on 1 platform, not on different platforms.
And I`m not the only one with that opinion.

A Virtual Machine image is the perfect vehicle for malware in your network … some prepares an image for you , you run it on your network, and you set loose the devil, who knows it does a networkscan in the background and sends the info

OVF is a good breeding area for VM Image Sprawl,the effect you get when the number of images you have grows beyond what you can easily maintain, and this time it can grow beyond the people only using proprietary software , where as Image Sprawl used to be a disease mostly diagnosed within the VMWare usergroups and sysdamins with no clue on large scale deployments OVF

Sure OVF will assist smooth migration between different platforms so vendors want to keep it as far away from their users as possible, but people that already have a platform agnostic deployment framework in place don’t really need to worry about deploying on different platforms.

Catbird Debuts VMShield 2.0 With V-Tracker

by Leave a Comment

Catbird today announced the immediate availability of VMShield 2.0 with V-Tracker.

VMShield 2.0 leapfrogs legacy virtual firewall technology to enforce compliance and policy of both network and VM state, regardless of location or movement of VMs. With V-Tracker, VMShield 2.0 combines proven virtual machine tracking capabilities with in-depth monitoring of suspect activity on the network itself; preserves policies across hosts, clusters and vendor platforms; and automatically blocks out-of-policy or compromised VMs from breaching data center security.

VMShield 2.0 with V-Tracker is the latest innovation in Catbird’s comprehensive line of cross-platform, non-invasive security solutions for virtual and physical networks. Catbird’s encyclopedic Virtual Infrastructure Security Engine (VISE) correlates hundreds of machine attributes with access control, network segmentation, vulnerability and IDP security events for both virtual and physical machines, across multiple clusters and data centers, to deliver broad asset awareness and defense-in-depth.

Moreover, VMShield’s internal or external cloud-based platform with stateless monitoring enables unprecedented visibility and control to track virtual machines across clusters and detect and thwart potential security and policy violations before they escalate to a breach.

Catbird V-Tracker uniquely fingerprints each VM it tracks, even through virtual machine mobility. In combination with Catbird’s ground-breaking TrustZones policy enforcer, these machines stay monitored and protected via the Catbird Control Center, validating and enforcing policies for all VMs within a given TrustZone. Catbird’s automated quarantine mechanism instantly shuts down non-compliant virtual machines. The architecture is designed with maximum flexibility and portability to allow for cross-host and cross-platform coverage and ease of use.

VMShield 2.0 delivers a highly-correlated approach to virtualization security, a key capability for TrustZone enforcement and data protection. At its heart is the Catbird VISE, enabling intelligence and protection not possible with simple virtual firewall technology and which goes well beyond simple segmentation and ACLs.

VMShield 2.0 with V-Tracker utilizes hypervisor APIs to be VM aware and is also designed for compatibility with Citrix Xenserver and Microsoft Hyper-V.

Unlike conventional host-based solutions, stateful appliances and proprietary hardware solutions, VMShield 2.0 leverages Catbird’s fully SOA and cloud-based stateless architecture and is 100% plug-and-play, web-enabled, and architected to have minimal impact on the virtual environment itself. VMShield 2.0 is available as part of Catbird’s flagship V-Security 2.0. The company is a VMSafe partner.

Dell To Resell Reflex Systems’ Virtual Management Center

by 1 Comment

Reflex Systems, provider of virtualization management and security solutions, yesterday announced a global reseller agreement that authorizes Dell’s worldwide direct and channel sales forces to sell Reflex VMC (Virtual Management Center).

Reflex VMC is designed to provide customers with the essential management capabilities needed to effectively manage the complex, dynamic virtual environment, capitalize on the existing virtualization investment, reduce cost through efficient management, minimize downtime and maintain a reliable virtualized infrastructure running critical business-line applications. The solution boasts innovative performance management features including discovery and mapping, configuration change monitoring, application and services discovery and monitoring, virtual network security, and reporting.

Reflex VMC is available for purchase now through authorized channel partners including Dell.

Reflex Security Rebrands To Reflex Systems

by Leave a Comment

Reflex Security today announced it has changed its company name to Reflex Systems.  The new moniker was given “to more appropriately convey the award-winning comprehensive virtual infrastructure management offering that the company is now known for in addition to the virtual security appliance solution that Reflex pioneered”.

Reflex Virtualization Management Center (VMC) dramatically increases the visibility, management and security of an organization’s virtual infrastructure. Purpose-built on a strong security foundation, VMC provides the essential tools needed to bridge the gap between management and security in virtualized data centers. Reflex VMC provides infrastructure discovery and visualization, revision control, application/services discovery, network security, performance, lifecycle management and policy enforcement.