Securing Virtual Environments

Expand all

The Risk

In recent years, the increasing pressure on CIOs to enhance the financial efficiency of organizational IT infrastructures, has led them to introduce the concept of computer system and network device virtualization higher and higher on their priority list.

In short, Server Virtualization promises to achieve the following:

  • Reduce infrastructure operating costs
  • Increase flexibility and capacity planning
  • Introduce environmental benefits via the reduction of electricity and cooling
  • Improve the utilization of expensive servers/network equipment, and
  • Simplify Disaster recovery planning and implementation, among others.

Beyond the benefits of economic savings and enhanced flexibility in capacity planning, virtualization also introduces a number of threats and challenges to the security of organizational information.

Among such threats and challenges is the increased network complexity and diminished visibility of the network traffic flowing within the virtual environment, which makes it difficult to detect Malicious “insider” Activity and Attacks. These implications are further complicated by the immature state of virtualization solutions as far as relevant ingrained security is concerned e.g. difficult to secure features like VMotion, and ability to enforce policies that isolate VMs for preventing VM sprawl. In the event that an internal malicious user or an attacker manages to compromise the virtualization layer, or hypervisor, this could lead to a compromise of all servers hosted on this virtual environment and as a result all applications and data residing in it.

A number of both established, as well as new-coming security vendors have, during the last two years, introduced a number of "virtualization security" products addressing the issues that we have described above. The number and complexity of these products makes it difficult for organizations to understand when and where such solutions are needed.  This problem is compounded by the fact that these solutions seem so similar and it is usually rather difficult to determine how these differ from one another.

Indicatively, related Gartner analysis states that “by 2012, more than 50 percent of enterprise data centers are expected to be virtualized, although 60 percent of these virtualized servers will be less secure than the physical ones they replace.”

Protecting your Organization

Odyssey remains abreast of latest trend and technology developments in the area of NG firewall technologies and especially within virtual environments.  We also maintain strong partnerships with long standing market leaders, which permits us to expand our knowledge and insights on these technologies.  We are, therefore, in a position to provide you with best of breed, effective firewall solutions for protecting your virtual computer systems and networks, which suit your specific needs and environment.

In doing so, our team, with extensive experience and expertise in the implementation of virtual environment-specific security solutions, will first assess your organization’s needs, based on your existing virtual environment infrastructure, including computer systems and network architecture, applications running, systems’ set up, and users’ access requirements. We will also ensure that we clearly understand your business objectives, internal policies and external compliance requirements, as well as your future expansion plans.

Once we have a well-rounded understanding of your virtual network and systems environment, we’ll recommend the best-suited virtual security solutions for your needs in order to strengthen application and data security by providing, protection against network intrusions, including virus and malware, improving visibility and control of sensitive data and accelerating IT compliance across the enterprise.

The deployment phase is a critical part of this implementation process and requires your active involvement.  Your input ensures that the level of protection applied is in line with your risk appetite and that it maximizes control without hindering productivity. Post-deployment, is the steady state phase during which traffic patterns are observed and security policies are tweaked so that the effectiveness of the access control policy is optimized.

 

Doing it right: Our Virtual Security Solutions’ Key Features and Benefits

Our Securing Virtual Environments solutions are largely characterized by the following key features and benefits:

Key Features

Benefits

Provides visibility into, and/or control of, traffic between VMs within the same virtual network

Increased protection profile between different VMs

Simplifies the inherent network complexity in applying Firewall/ IPS/ Root Kit detection technologies within the virtual environment

Increased protection profile for virtual network devices and computer systems

Ability to enforce policies that isolate VMs, preventing VM sprawl

Increased protection profile for virtual network devices and computer systems
Ability to apply the same security policy for VMs moved in real time from one physical server to another Safeguards that VMs moved in real time, using features like VMotion, from one server to another conform to the same security access policy
Ability to detect Malicious “insider” Activity and Attacks Increased protection profile for virtual network devices and computer systems
Alignment of virtual firewall rules directly with organizational security access policy Enables simple and effective deployment

A central management console allows for the easy and timely management and deployment/update of security policies including IPS, Application Control (AC), Users Identity (UI), URL filtering etc.

Centralized administration, reduces overhead and management costs

Graphical user interface real time monitoring of logs generated in relation to suspected system/network events and user activity.

Centralized administration, reduces overhead and management costs

Enables the generation of reports needed for demonstrating compliance with internal audit and regulatory requirements

Simplified internal audit and regulatory reporting

Could be deployed in Hypervisor and/or network mode, inspecting traffic for unauthorized access and malicious activity

Easy installation and deployment without altering the organization’s virtual network infrastructure if desirable
 

Remaining Secure – Support tailored to your needs

We very well understand that to remain effective, a security deployment requires constant monitoring, fine-tuning, updating and maintenance.  These requirements may prove a burden your organization is not poised to undertake.  We have, therefore, structured our post-deployment services so that you may have the level of support you need, in order to achieve maximum return on your investment, with the least of worries.

Our suite of post-deployment services range from simple Maintenance and Support, to full-fledged Managed Security & Outsourcing Services.

This solution comprises part of the “Design & Implement” phase of our Information Security Continuum (D&I).