virtual appliance

SourceFire Presents New Virtual Appliances

June 26, 2009 by Robin Wauters 1 Comment

Open source innovator and Snort creator Sourcefire announced Sourcefire 3D System 4.9, with the new Sourcefire Virtual 3D Sensor and Sourcefire Virtual Defense Center. These new virtual appliances will enable users to deploy the company’s leading security solutions within their virtual environments, increasing protection for both physical and virtual assets. Available during the second half of 2009, the Sourcefire 3DSystem 4.9 also features the industry’s first Policy Layering capabilities that deliver increased customization for large or multi-organizational networks, including cloud or virtual implementations.

With the new Virtual 3D Sensor and Virtual Defense Center, Sourcefire is enabling customers to:

Secure virtualization – Protecting virtual infrastructure from internal and external attacks with virtual security appliances
Virtualize security – Leveraging cost- and energy-saving benefits of virtual security appliances to improve security efficiency

As part of the Sourcefire 3D System 4.9, the new virtual appliances allow organizations to inspect traffic between virtual machines, while also making it easier to deploy and manage sensors at remote sites where resources may be limited. They also enable Managed Security Service Providers (MSSPs) and cloud computing companies to easily implement Sourcefire’s leading security solutions for increased protection. MSSPs can configure multiple Virtual Defense Centers to support multiple customers from a single VMware server, increasing the efficiency of management efforts.

Users can deploy Virtual 3D Sensors on VMware ESX and ESXi platforms to inspect traffic between two or more virtual machines (VMs), while also using physical Sourcefire 3D Sensors to inspect traffic going into and out of a VMware virtual environment. Deployed as software running within VMs, the Virtual 3D Sensor also makes it easier for users to inspect traffic on remote segments of the network where local IT security resources may not exist (e.g., retail stores, remote offices) or where little rack space remains in the datacenter.

The Virtual 3D Sensor will provide simultaneous execution of Sourcefire IPS, RNA (Real-time Network Awareness) and RUA (Real-time User Awareness) functions. Customers can deploy the Virtual Defense Center to monitor any combination of up to 25 virtual or physical 3D Sensors. They can also opt to monitor their Virtual 3D Sensors from the same physical Defense Center they use to monitor their physical 3D Sensors.

In addition to the new virtual appliances, Sourcefire 3D System 4.9 delivers new policy management capabilities that allow organizations to easily customize security to support the varying user requirements of expansive multi-department/organization networks, as well as virtualization and cloud computing implementations. With the industry’s first Policy Layering capability, Sourcefire users can create policy “building blocks” to capture specific Intrusion Prevention System (IPS) requirements by organization, by site, by department, or even by user.

Sourcefire is enhancing its market-leading dashboard to include new custom query widgets, providing users with increased control over the way data is presented. With Sourcefire 3D System 4.9, Sourcefire is also improving the overall manageability and detection accuracy of RNA to include new application and service detectors, auto-configuration and simplified packet-level forensics.

The Sourcefire 3D System 4.9 release, including the Virtual 3D Sensors and Virtual Defense Center, will be available during the second half of 2009.

Layer 7 Release SecureSpan Virtual Appliance For Cloud Governance

June 10, 2009 by Robin Wauters 1 Comment

Layer 7 Technologies today announced the availability of the Layer 7 SecureSpan Virtual Appliance for cloud governance. The Virtual Appliance offers all the features of the SecureSpan family of hardware appliances, including sophisticated runtime governance, agent-less SOA management and industry-leading XML security in a VMware or ESX-based soft appliance. The Layer 7 Virtual Appliance for cloud governance allows organizations to secure cloud-based interactions, monitor service level conformance and adapt to changing conditions and needs.

Traditionally, Layer 7 customers have deployed the SecureSpan Virtual Appliance as a budget-friendly alternative to hardware appliances. The SecureSpan Virtual Appliance for cloud governance incorporates the new Layer 7 Enterprise Service Manager (ESM), which is a lightweight method of centrally managing, tracking and measuring application services no matter where those services reside: in enterprise SOAs, as part of a Software-as-a-Service offering or in cloud (both public and private) initiatives. With the Virtual Appliance for cloud governance, Layer 7 customers can seamlessly reuse their existing, on-premise SOA governance solution for their cloud-based initiatives.

In addition to cloud governance, Layer 7 enables organizations to control, monitor and adapt application services in a variety of enterprise settings, including internal environments and between external domains (such as partners or branch offices). Only Layer 7’s highly automated and interoperable gateway solutions, available as hardware, software and virtual (VMware) appliances, are capable of holistically governing today’s complex and ever-changing ecosystem of application services, no matter where they reside.

Leostream Pushes Connection Broker 6.0

June 1, 2009 by Robin Wauters 1 Comment

Leostream announced late last week a new version of its vendor-neutral connection broker. The Leostream Connection Broker 6.0 features native support for Citrix XenServer, along with additional highlights including extended monitor support, an enhanced Web interface, more powerful USB device management and reporting capabilities.

The Leostream Connection Broker, which is delivered as a virtual appliance, is the software management layer that ties desktop images in the data center to users’ thin client, laptop, desktop or Web interfaces. With it, enterprises can provide end-users with a virtual desktop experience equal or superior to that of traditional desktops. End-users can access their virtual desktop from any machine, no matter where they are located, due to the Connection Broker’s ability to direct users to their own virtual desktop image.

For IT, the Leostream Connection Broker allows managers to maximize the virtualization of existing resources by easily integrating an array of clients, back-end systems and viewers. In addition, management can rest assured that its virtual desktop infrastructure (VDI) is secure. The Leostream Connection Broker integrates with existing authentication and security protocols without changes, providing a rich set of policies for exact implementation of business rules for users and machines.

With its new version, the Leostream Connection Broker 6.0 offers native support for Citrix XenServer, easily installed as a virtual appliance on Citrix XenServer 5. As a result, enterprises can now create a VDI entirely on XenServer. This new capability builds on Leostream’s previous Citrix offerings. This includes Leostream’s long-standing Citrix Ready verified support for XenServer Centers and the more recent addition of XenApp Integration for delivering desktops and applications side-by-side. With Leostream, organizations can deliver Citrix desktops simultaneously with other virtual, physical or bladed desktops or Terminal Server sessions, create pools of Citrix desktops or applications for delivery to different groups of users, and assign desktop and application pools based on end-user policy and location.

The Leostream Connection Broker 6.0 also provides extended monitor support. Virtual desktops can be split or spanned across multiple screens with no degradation of performance. This enables IT to provide virtual desktops to end-users accustomed to multiple monitors.

Additional enhancements in the Leostream Connection Broker 6.0 include:

More Powerful USB Device Management: End-users can attach and employ USB devices on virtual desktops with the same ease-of-use as physical desktops, while IT management has complete visibility and control over which USB devices are permitted;
Enhanced Reporting: IT can now monitor resource usage; and
New Integration with Syslog Servers: New integration features allow for more effective compliance and auditing.

Virtualization Security Startup HyTrust Launches With $5.5 Million In Series A Funding

April 8, 2009 by Toon Vanagt Leave a Comment

HyTrust is entering the virtualization arena today with HyTrust Appliance, which serves as a central point of control, management and visibility for virtualized environments. The company also announced it’s launching with venture capital backing to the tune of $5.5 million, a Series A funding round which was led by Trident Capital and joined by Epic Ventures.

VirtSec nowadays is less about those familiar ‘pure’ security functions like FireWalls (FW) or Intrusion Detection (IDS), but much more about the configuration control and compliance of virtualized environments. HyTrust claims to provide such centralized control, compliance,directory integration and security – requirements that become mission critical as virtual infrastructures scale up and production applications get virtualized. Readers of this blog, probably already know that in addition to immediate cost savings, virtualization enables a more flexible and dynamic infrastructure that can quickly morph to meet changing needs of any organization.

The fresh HyTrust single point of control seems to be competing with Reflex Virtualization Management Center (VMC), Third Brigade Deep Security and an established suite of products from Catbird V-Security such as VMShield, HypervisorShield and VMPolicyCompliance. However during our interview with Eric Chiu (CEO HyTrust), he was confident that HyTrust is different by “really focusing on the underlying virtual infrastructure itself. HyTrust authenticates traffic across 5 VMware application interfaces and centrally enforces policies through role based access control. HyTrust single point of control and hypervisor security really ensures what is allowed to happen and what not.” Questioned on the introduction of a yet another single point of failure or potential security flaw, Chiu was confident that HyTrust “is even more secure than VMware vCenter, since our appliance runs on a hardened Linux OS, without command line interface and its use is strictly limited to the provided User Interface.” It goes without saying that known malicious penetration attempts, scans and probes were tested too. Apart form the current exclusive support for VMware ESX, Chiu confirmed to Simon Crosby they would come up with support for Citrix XenServer and also Microsoft Hyper-V later this year. “Our go-to-market strategy started with the VMWare enterprise datacenter customers, but we are already in talk with 3 leading Vmware cloud providers.” When it comes to cloud computing, Chiu sees 2 main scenario’s. First the ‘internal cloud’-approach (aka located in-house, owned & internally managed by an organization), where HyTrust can provide a purpose built lasso around such corporate cloud environment. The second approach involves external cloud providers (located off-premise & managed by a third party provider) and could still make customers achieve compliance in an easy way by implementing Hytrust as a virtual appliance into that cloud offering.

Due to significantly higher rate of change in virtual infrastructure, automated controls are necessary to ensure that security and operational readiness is on par with that of physical environments. In addition, given the spread of virtualization, companies are now being faced with meeting regulatory compliance of their virtual infrastructure. HyTrust allows enterprises to meet these needs and answer the demands of auditors and their solution was created to proactively address the new challenges presented.

Rather than retroactively building necessary safeguards while sensitive data is put at risk, HyTrust, which has three patents pending, allows organizations to build a manageable virtual infrastructure foundation from the ground up. Additionally, to comply with regulations or security standards such as HIPAA, SOX and PCI/DSS, HyTrust gives enterprises the ability to demonstrate that adequate processes and enforcement controls are in place, configuration changes are consistent, and confidential information is secure. The HyTrust Appliance is the only product that addresses virtualization infrastructure control, including all four requirements outlined.

Backed by positive reactions from 12 trial customers, Eric Chiu is confident that he has gotten ‘at the right place, at the right time with the right solution’.

Pricing for the HyTrust Appliance (Enterprise Edition) is based on the number of protected VMware ESX hosts (on a per CPU/socket basis) and HyTrust Appliance license. Protection license for a 2 CPU VMware ESX host is $1,000; the HyTrust virtual appliance is $3,000; and the physical appliance is $7,500. Maintenance and support is charged on 25% of the annual license basis. HyTrust will soon make available the new HyTrust Appliance: Community Edition —a free virtual appliance available for download via the Web. Due out at the end of April, Community will allow protection for up to 3 hosts and offers an excellent way for smaller companies to bring automated virtualization best practices into their environments. HyTrust launched with a direct customer approach, but was already contacted by integrators and resellers eager to distribute licenses. Hytrust is expected to develop such hybrid distribution model in the third quarter of 2009.

Next to its venture capital investors, HyTrust is launching with an impressive list of technology partners, including VMware, Symantec, Cisco Systems and Citrix Systems.

Release: Arkeia Network Backup 8.0

January 27, 2009 by Robin Wauters Leave a Comment

Arkeia Software today announces Arkeia Network Backup v8.0 which delivers the first true virtual appliance for backup that gives customers free choice of hardware.

Version 8.0 extends Arkeia’s product family of physical backup appliances and software applications to address the rapidly-growing demand for virtual backup appliances. Arkeia Network Backup v8.0 also simplifies backups of virtualized server environments, protecting both traditional and virtual machine platforms with one consistent process and making backups more reliable.

The Arkeia Virtual Appliance delivers Arkeia Network Backup as a system image for a VMware virtual machine and comes bundled with everything required to implement a robust backup solution, including licenses for a disk-based virtual tape library (VTL) and Arkeia Backup Agents. The Arkeia Virtual Appliance delivers all the functionality of Arkeia Network Backup v8.0 and interoperates with Arkeia Backup Agents and the Arkeia Backup Replication. The Arkeia Virtual Appliance can be deployed in both VMware ESX and ESXi virtual environments.

The new Arkeia VMware ESX Agent is installed on an ESX hypervisor and allows backup of one or several virtual machines on that physical computer, regardless of the operating system or the application running in the virtual machines. The Arkeia VMware ESX Agent leverages the VMware ESX snapshot mechanism.

Other features in v8.0 include an enhanced graphical user interface, expanded reporting capabilities, simplified tape library management, wiki-based documentation, and delivery platform updates.

Arkeia Network Backup v8.0 is currently in beta test, and is expected to become generally available in March, 2009. Pricing for the virtual appliance deployment with three bundled backup agents begins at $2,000.