Getting Serious About Virtualization Security

Michael Vizard

While there have been no reports of widespread attacks on virtual machine hypervisors, it doesn't mean that IT organizations need to pay less attention to virtualization security.

That's one of the major themes emanating from RSA Conference 2011 in San Francisco this week with VMware lending its support to the virtualization security efforts of Hewlett-Packard, while Juniper Networks touted the virtualization security benefits of its recent acquisition of Altor Networks.

In the case of HP and VMware, the two companies pledged to work together on next-generation intrusion prevention systems that will be applied to virtual machines running both on premise and in the cloud.

While virtual machines benefit from the existing security infrastructure applied to physical servers and networks, the advent of technologies such as vMotion makes it clear that virtual machines are going to dynamically move around the network. Venu Aravamudan, senior director of product marketing for VMware's Server Business Unit, says that as these virtual machines move about the network, IT organizations will need to make sure that the security policies that have been applied to these virtual machines travel with them.

According to Michael Callahan, director of worldwide security product and solution marketing for HP's TippingPoint products, the two companies plan to work together to give TippingPoint products much greater visibility into the overall VMware environment. Specifically, the two companies are working on integrating TippingPoint IPS products with vShield and VMware vCloud Director. The two companies are also jointly marketing the vController IPS from HP with VMware vShield App and Edge security products.

Juniper Networks, meanwhile, announced that its vGW virtual gateway is now integrated with the company's SRX Series Services Gateway, which serves to bridge the two worlds of virtual and physical security, said Peter Lunk, Juniper director of product marketing for high-end security systems.

The core issue that Juniper is trying to address, says Lunk, is the loss of visibility that security products such as firewalls experience when dealing with virtual servers. By integrating the Altor virtualization security technology with Juniper security products, visibility into those environments is provided in a way that leverages a customer's existing investments in physical security products.

No matter the approach, it's pretty clear that virtualization security is becoming a bigger IT concern as more mission-critical applications wind up being deployed on top of virtual servers. And while there may be a tendency to overlook virtualization security issues in the absence of an immediate threat, the fact remains that anything left unguarded is going to eventually attract the wrong kind of attention.

Add Comment      Leave a comment on this blog post
Feb 21, 2011 7:02 PM Anonymous Anonymous  says:
There are other solutions which are VMware and citrix certitfied who provide security in virtualized environment like Netasq Virtual appliance with all UTM functions then why the author is only talking about Juniper and HP tippingpoint Reply
Feb 22, 2011 9:54 PM Anonymous Anonymous  says: in response to Anonymous
...probably because an in-line virtual appliance (like Netasq) doesnt have the level of visibility the Juniper, HP, and (also left off) Reflex Systems appliances have of the network. All three have hypervisor level integration giving very fine grain access to virtual network traffic. Reply

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.