HOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments




OVERVIEW

This document explains the functionality of Security for Virtual and Cloud Environments (SVCE) - what it is, what it does, and how it works. It also explains some of the needs and requirements specific to virtual and cloud environments.

Key features

- SVCE is hypervisor-agnostic and supports all popular virtualization platforms, including VMware, Citrix, and Microsoft Hyper-V, as well as mixed and hybrid environments.
- To optimize performance, malware scanning is offloaded to a dedicated Scanning and Reputation Server.
- SVCE combines the flexibility of agentless solutions and the security of traditional agent-based solutions.

Benefits

- SVCE offers complete protection for all virtual environments without compromising performance.
- The best protection offered by F-Secure's award-winning security clients is now available for virtualized environments.
- Optimized performance reduces hardware costs due to lower RAM, CPU, and disk space requirements.
- Unified central management tools and client software reduce complexity.
- Change virtual desktops or servers from one virtualization platform to another without changing security products.

THE CASE FOR VIRTUALIZATION AND VIRTUALIZATION SECURITY

Companies of all sizes are moving to the cloud and using virtualization as a way to gain benefits. Moving to the cloud offers the possibility to switch capital expenses to operational expenses. One of the key arguments for virtualization is flexibility - the option of adding and removing services as needed. Other compelling reasons include resource optimization that reduces hardware costs, and increases operational efficiency as new services can be deployed quickly and automatically. Companies can also improve their IT infrastructure by gaining more capacity for less money. Resources that easily scale to the current need without hardware limitations and the 24/7 support seal the deal.

Despite the increasing use of virtualized platforms and cloud-based solutions, security for these environments has often been inadequate.

"Virtualization penetration has surpassed 50% of all server workloads, and continues to grow."
Gartner, June 2012, Magic Quadrant for x86 Server Virtualization Infrastructure

Businesses have had to choose between security solutions that are designed for traditional physical environments and agentless solutions that are based on vendor-specific, proprietary technologies. While secure, traditional solutions are not optimized for virtual environments. On the other hand, agentless solutions may not provide adequate protection against online attacks that exploit security vulnerabilities.

In addition to the traditional security threats that businesses of all sizes face, virtual and cloud environments have additional challenges. Limited hardware capacity has a significant impact on desktop virtualization. A good user experience with shared hardware requires optimization. The increased load on scanning processes also requires additional hardware investments.

WHAT IS F-SECURE SECURITY FOR VIRTUAL AND CLOUD ENVIRONMENTS?

F-Secure Security for Virtual and Cloud Environments (SVCE) is a solution that is designed to tackle the challenges of virtual and cloud environments. Unlike other security vendors that offer agentless or silent agent-based solutions, SVCE is an added feature for F-Secure's award-winning end-point and server protection products. The solution provides the best protection against malware, exploits, phishing, and other network-based attacks.

Component groups

SVCE has three component groups: the client security products, Scanning and Reputation Server, and the management portal.

1. Client security products - Standard F-Secure workstation and server software
   - F-Secure Client Security
   - F-Secure Server Security
   - F-Secure E-mail and Server Security
   - F-Secure Anti-Virus for Workstations
2. Scanning and Reputation Server - Isolates performance-consuming operations away from clients
   - Virtual appliance for VMware ESXi, vSphere hypervisor
   - Virtual appliance for Citrix XenServer, Xen hypervisor
   - Virtual appliance for Microsoft Hyper-V hypervisor
3. Policy Manager - Provides policies, configurations and updates for the entire solution
   - F-Secure Policy Manager for Windows
   - F-Secure Policy Manager for Linux

[Figure: architecture diagram. On a hypervisor: virtual desktops running Client Security and Client Security Premium, virtual servers running Server Security and Email and Server Security, a virtual machine running Policy Manager, and the Scanning and Reputation Server virtual appliance. Labelled flows: F-Secure updates; policies, statistics, alerts, updates; scan requests, files, results.]

Policy Manager: Provides centralized management for products that are installed on physical and virtual machines.

Policy Manager Console: The administration console for defining policies, deploying F-Secure software and monitoring the security status.

Client Security, Server Security and Email and Server Security: Endpoint security protection products that are installed on physical or virtual desktops and servers.

Management Agent: Communicates with Policy Manager, applies defined policies and sends status information and alerts to Policy Manager Server.

Automatic Update Agent: Downloads and installs software and database updates.

Offload Scanning Agent: Offloads malware scanning and content reputation checking from the client to the Scanning and Reputation Server to minimize the impact on performance.

Scanning and Reputation Server: The virtual appliance that is based on a hardened Linux platform and provides malware scanning and content reputation services.

HOW IT WORKS

SVCE protects virtual machines that are running in private or public clouds. It provides proactive behavioral analysis and exploit protection that efficiently identifies and blocks modern malware and exploit attempts. To optimize performance for virtual environments, resource-intensive malware scanning is offloaded to a dedicated F-Secure Scanning and Reputation Server.

To prevent modern attacks, F-Secure security products are based on multi-layer protection. Each layer addresses a particular aspect of the threat landscape and works with other layers to provide a complete solution. Here is what this protection looks like when installed on a physical machine:

Physical Machine
- Browsing protection
- Behavioral analysis
- Advanced heuristic analysis
- Web and Email scanning
- Exploit protection
- Compound object scanning
- File reputation analysis
- Signature-based scanning

When traditional security products are installed on multiple virtual machines that are running on the same hypervisor, they may compete for hardware resources and eventually decrease the performance of the whole environment. Offload Scanning Agent and Scanning and Reputation Server can optimize performance to provide the best protection possible:

[Figure: protection layers divided between the Virtual Machine, which runs Offload Scanning Agent, and the Scanning and Reputation Server. Layer labels: Browsing protection, File reputation analysis, Web and Email scanning, Web Content Reputation, Signature-based scanning, Behavioral analysis, Advanced heuristic analysis, Exploit protection, Compound object scanning.]

HOW TO OPERATE VIRTUAL SECURITY?

The administrator uses F-Secure Policy Manager to centrally manage F-Secure security products that are installed in the network. F-Secure Policy Manager is available for Windows and Linux platforms.

F-Secure Client Security and F-Secure Server Security products are installed on physical or virtual desktops and servers. They download and install software and database updates automatically, and send status information and alerts to F-Secure Policy Manager.

To minimize the impact on performance on virtual machines, F-Secure Client Security and F-Secure Server Security offload the malware scanning and content reputation checking to a dedicated server that runs F-Secure Scanning and Reputation Server. F-Secure Scanning and Reputation Server is a virtual appliance that is based on a hardened Linux platform and provides malware scanning and content reputation services.

Deployment and installation

The solution can be easily deployed in a virtual environment, as well as mixed and hybrid environments with different combinations of virtual and traditional machines. Being hypervisor-agnostic, it supports all popular virtualization platforms, including VMware, Citrix, and Microsoft Hyper-V. You only need to install the client software once on a virtual machine template. Scanning and Reputation Server offers easy deployment with a preconfigured virtual appliance.

PROTECTION FEATURES FOR PHYSICAL AND VIRTUAL DESKTOPS

Use the following table to choose the features for F-Secure Client Security and F-Secure Anti-Virus for Workstation installation packages that you can deploy on physical and virtual desktops.

Table columns: Product feature / setting; Physical desktop; Virtual desktop

Legend: Install; Do not install; Installation recommended (see the notes); Installation not recommended (see the notes)

Product features / settings:
- Offload scanning agent
- Real-time malware scanning
- Scan network drives
- DeepGuard (behavior based protection)
- Use RTPN to improve DeepGuard detection
- DeepGuard advanced process monitoring
- DeepGuard exploit protection
- E-mail scanning
- Web traffic scanning
- Use RTPN on web traffic scanning
- Browsing Protection
- F-Secure Firewall (Internet Shield)
- Application Control
- Automatic Updates
- Database update check randomization
- Software Updater
- Device Control
- Microsoft NAP plug-in

NOTES

1. You can turn off network drive scanning if the relevant file servers have real-time antivirus protection.
2. Turn on DeepGuard advanced process monitoring if users can install their own applications on virtual desktops. Otherwise, turn it off.
3. Turn on E-mail scanning if users can read their e-mails from untrusted or unprotected e-mail servers. Otherwise, turn it off. You should consider using F-Secure E-mail and Server Security or F-Secure Internet Gatekeeper to handle e-mail scanning on the mail server or gateway.
4. Turn on Web traffic scanning unless all HTTP traffic goes through a gateway where it is scanned (for example, with F-Secure Internet Gatekeeper).
5. Install or turn on F-Secure firewall if you need to protect virtual desktops against network-based attacks and intrusions that may come from within the virtual infrastructure, for example if you do not have full control of the host environment. You can turn off F-Secure firewall if your network has network control and intrusion prevention in place, or if you are using Windows firewall on virtual desktops.
6. Turn on Application Control if users can install and run their own applications on virtual desktops. Otherwise, turn it off.
7. You do not need to install Software Updater (SWUP) on every virtual desktop. To deploy virtual desktops without SWUP, install it on the virtual desktop template to identify and install missing OS and third-party updates, after which you can uninstall it before you deploy virtual desktops from the template.
8. Install the Microsoft NAP plug-in only if you use Microsoft Network Access Protection.

PROTECTION FEATURES FOR PHYSICAL AND VIRTUAL SERVERS

Use the following table to choose the features for F-Secure E-mail and Server Security installation package that you can deploy on physical and virtual servers.

Table columns: Product feature / setting; Physical server (Exchange); Virtual server (Exchange)

Legend: Install; Do not install; Installation recommended (see the notes); Installation not recommended (see the notes)

Product features / settings:
- Offload scanning agent
- Real-time malware scanning
- DeepGuard (behavior based protection)
- Use RTPN to improve DeepGuard detection
- DeepGuard advanced process monitoring
- DeepGuard exploit protection
- Web traffic scanning
- Browsing Protection
- Anti-virus for MS Exchange
- Spam Control
- Automatic Updates

Table columns: Product feature / setting; Physical server (Terminal, RDSH, XenApp); Virtual server (Terminal, RDSH, XenApp)

Legend: Install; Do not install; Installation recommended (see the notes); Installation not recommended (see the notes)

Product features / settings:
- Offload scanning agent
- Real-time malware scanning
- DeepGuard (behavior based protection)
- Use RTPN to improve DeepGuard detection
- DeepGuard advanced process monitoring
- DeepGuard exploit protection
- Web traffic scanning
- Browsing Protection
- Anti-virus for MS Exchange
- Spam Control
- Automatic Updates

NOTES

1. Offload Scanning Agent is currently used for file scanning only. Because Exchange transport and storage protection in F-Secure Anti-Virus for Exchange still uses local Content Scanner Server, you should not install Offload Scanning Agent on virtual Exchange Servers, especially if you do not have many servers and they are critical for business communication.
2. You do not need to install DeepGuard advanced process monitoring and exploit protection features if the server runs trusted software and the administrator does not browse the web from the server.
3. We recommend that you turn on DeepGuard advanced process monitoring and exploit protection features if the users can run unknown software or browse the web from the terminal or RDS server.
4. Web traffic scanning inspects all HTTP traffic, which may affect communication between Exchange and other Windows server components that use HTTP-based interfaces. You can turn off Web traffic scanning and Browsing protection if the administrator does not browse the web from the server.
5. F-Secure Anti-Virus for Exchange and Spam Control are only installed if the server runs Microsoft Exchange Server. Spam Control is only installed if Microsoft Exchange Server acts as the transport or hub server.

MANAGEMENT AND REPORTING

The entire solution can be centrally managed with F-Secure Policy Manager. It handles status updates, monitoring, statistics, and licensing for the solution. Policy Manager provides a scalable way to manage the security on multiple operating systems - both physical and virtual - from one central location.

You can use Policy Manager to:

- Define and distribute security policies
- Install applications on local and remote systems
- Monitor activities of all systems to ensure compliance with corporate policies and centralized control.

With Policy Manager, you can see status information from the entire managed domain. This makes it easy to ensure that the entire domain is protected, and to change the protection settings when needed. You can also prevent users from changing the security settings, and make sure that the protection is always up to date.

The Web Reporting tool that is included in Policy Manager provides detailed graphical reports that are based on the latest status information and historical trend data. You can generate reports for the entire domain, subdomains, or individual hosts and also export reports as HTML files.

THIS IS F-SECURE

F-Secure is an online security and privacy company from Finland. We offer millions of people around the globe the power to surf invisibly and store and share stuff, safe from online threats. We are here to fight for digital freedom. Join the movement and switch on freedom. Founded in 1988, F-Secure is listed on NASDAQ OMX Helsinki Ltd.

SWITCH ON FREEDOM
www.f-secure.com