While no hypervisor has ever been hacked, when it comes to the application workloads that run on top of a virtual machine, security is still a concern. The trouble lies in a lack of shared visibility between the physical and virtual layers of computing that make up the modern data center.
At the VMworld 2013 conference, Fortinet showed off a proof of concept that promises to solve that problem by securing data at the hypervisor level. According to John Maddison, vice president of marketing for Fortinet, the goal is to unify security management within the data center by dynamically applying controls before data traverses a virtual network.
With the rise of virtual networks, IT organizations will need to manage both physical and virtual networks that logically tie various network elements to a specific application. At the VMworld conference, Fortinet showcased how, instead of having to apply separate policies to the forthcoming VMware NSX network virtualization platform, it’s possible to extend controls on the physical network to the NSX platform as part of a unified approach to threat management.
In addition, Fortinet announced its strategic investment in HyTrust, a provider of security products specifically designed to secure workloads running on virtual machines.
Security in virtualized environments is often overlooked because of an assumption that the virtual machine itself isolates the workload from operating systems that are considered the most likely source of a compromise. In reality, it’s often the application that is compromised. But because the virtual machine inserts a layer of software between the operating system and the application, network security products have been unable to apply policies to workloads running on a virtual machine.
As the number of virtual networks in the enterprise expands, securing those networks will be nothing short of a daunting task. Having tools like the Fortinet concept will be integral for IT to successfully manage security for the future.