Securing Your Virtual Environment

By David Phillips, product manager, Wick Hill

So you have a shiny new virtual environment up and running. You may have virtualised all your servers, so that your business-critical databases, CRM systems, ERP applications and email all reside in a virtual environment. It has been a long project, but now it is complete and you are experiencing the operational, performance and cost gains. Stop! Think! Have you covered all the bases? Have you thought about security?

I ask the security question a lot, and in most cases the response is either "Security is not my responsibility" or "Yes, I have considered this and we have implemented the same security as we had in our physical environment."

These responses illustrate a common misconception - that a virtual environment is inherently more secure than a physical one. This is wrong. A malware attack doesn't distinguish between a physical and a virtual device. Cybercriminals pay little regard to the environment. They are just looking for the easiest way in! There are even Trojan attacks designed specifically to attack virtual machines.

Another objection I hear to my security questions is that malware cannot survive the decommissioning of non-persistent virtual machines (VM). Again, rubbish. Some malware can jump from VM to VM and from host to host.

Finally, cyber-crime does not stand still. There has been a massive increase in the volume of malware and the attacks are constantly evolving, leaving physical and virtual environments at risk.

There are three options for securing your virtual infrastructure - that is, of course, excluding the fourth option of having no security at all!

1. Traditional 'agent-based' security
This can provide you with a good solution, although there are some significant drawbacks. Consider the reasons you moved to a virtual environment in the first place. Cost savings and optimisation are likely to be included in your rationale. By installing software not optimised for a virtual estate, you are loading a separate copy of the anti-malware software and signature updates on every endpoint. This duplication is massively wasteful in a VM environment.

On top of this you have the resource nightmare of potential 'AV storms'. All your VMs updating at the same time slows everything down and can even bring your environment to a complete halt. You can also leave your systems vulnerable through what's known as an 'Instant On Gap,' the window of time after a VM spins up, but before the agent on that VM downloads the latest security updates.

For virtual systems, achieving optimum consolidation ratios (the greatest possible density of VMs for your money) is the main goal. Traditional protection is inefficient in virtual environments, taking up resources which could be used to add more VMs. However, at least with this approach, you are protected and have not left your systems vulnerable to attack.

2. 'Agentless' Security
This is the next option. Now we are moving on to protection that is designed to optimise security in a virtual infrastructure. The security software is loaded onto its own secure virtual machine and no agent resides on the other VMs in the estate. This allows them to run smoothly with no duplication or redundancies, helping to make the most of your investment. It also means you can get the security up and running very quickly and there is no need for time-consuming reboots.

This approach is at the other end of the spectrum to the 'agent-based' approach, addressing most, if not all, of the downsides. However, you don't get something for nothing and if you look at this approach in more detail, there are a few drawbacks.

Firstly, you are relying on your security vendor integrating with the virtualisation vendor. This means that the range of advanced features such as application control, device control and web control may not be available to you. Also, some virtualisation vendors don't have the technology inbuilt to enable this approach. You are moving back to pure anti-virus/anti-malware protection, with none of the enhanced options endpoint security gives you.

So if 'agent-based' is at one end of the spectrum and 'agentless' is at the other, is there another option that gives you the best of both worlds? The answer is yes - with 'light-agent' security.

3. 'Light-agent' security
In this architecture, the security software is still loaded onto a secure virtual machine, but an additional lightweight agent is installed on each VM. This unlocks the potential for deeper, multi-layered protection, including features such as web, device and application policy enforcement. Now you have achieved most of the benefits of the 'agent-based' and 'agentless' approaches, giving you the flexibility to set up the most appropriate security posture for your environment.

You may now be scratching your head and wondering how you are supposed to manage all of this and your workstations, laptops and mobile devices. You are managing enough different consoles at the moment. You want to keep things as simple and straightforward as possible because complexity is the enemy of security.

There are security vendors out there that enable you to manage all types of endpoints from one single console. This allows you to manage your security policies effectively and close any gaps that would exist when using multiple products and management consoles. However, be aware that not all 'single' consoles are identical. Some provide a portal into multiple other consoles (with different interfaces).

Conclusion
Kaspersky Lab has a platform that supports all of these options. Kaspersky Endpoint Security for Business is 'agent-based' and offers a full range of endpoint security features including: application, web and device control; mobile security and mobile device management; encryption; systems management; and, of course, award-winning, multi-layered anti-malware technology. This can be installed on a wide range of virtual platforms. Kaspersky also have Kaspersky Security for Virtualization, if you decide to go for the 'agentless' and 'light-agent' approach.

Whichever you choose you can manage everything through one single console, the Kaspersky Security Center, giving you the flexibility to have a mixed physical and virtual environment managed from one place.

There are other solutions out there that provide many of the above benefits. However, with the rapid changes in the threat landscape over the last nine months, one thing is certain - doing nothing is no longer a viable option.

ENDS

For further press information, please contact Annabelle Brown on 01326 318212, email pr@wickhill.com. For reader queries, contact Wick Hill on 01483 227600. Web www.wickhill.com

Source: RealWire
