Configuration errors even in the best of times are the bane of IT existence. As IT environments have become more complex thanks to the advent of virtualization and cloud computing,the opportunity to misconfigure any number of devices has exponentially increased.
To help IT organizations deal with that issue, Juniper Networks today at the VMworld 2011 conference rolled out version 5.0 of the vGW Virtual Gateway for managing security in virtual machine environments. Major enhancements to the vGW Virtual Gateway include the ability to continuously monitor virtual machine gold images to make sure security policies are not violated. In addition, Juniper has added anti-virus software to the security gateway for virtualization environments and tightened integration between the vGW Virtual Gateway, which is based on technology that Juniper acquired when it purchased Altor Networks, and the vCenter management platform.
According to Johnnie Konstantas, director of marketing for cloud security at Juniper Networks, this latest version of the Juniper security gateway for virtual environments closely associates configuration management with security. Konstantas notes that it makes strategic sense because most security and compliance issues are tied to configuration errors that make it possible for the system to be compromised in the first place.
In the absence of automated approaches to managing IT that eliminate the possibility for human error, the next best thing is a system that alerts IT managers to when specific IT conditions have been changed. There are plenty of such approaches for physical servers, including offerings from Juniper. But virtual environments, says Konstantas, require a layer of dedicated security management software.
Virtual machines and the hypervisor technology that they rely on are for the most part secure. But everything above that on a virtual machine, including the guest operating systems, is subject to the same security and configuration issues as any other application environment. As such, given all the complexity involved in managing those environments, it's probably even more likely that the security of the virtual environment is going to be more easily compromised than traditional physical servers simply because the number of things that can go wrong has dramatically been increased.