VIRTUALIZATION SECURITY OPTIONS: CHOOSE WISELY

Similar documents
VIRTUALIZATION SECURITY IS NOT AN OXYMORON. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next

VIRTUALIZATION SECURITY IN THE REAL WORLD

SECURITY FOR VIRTUALIZATION: FINDING THE RIGHT BALANCE

INTRODUCING: KASPERSKY SECURITY FOR VIRTUALIZATION LIGHT AGENT

Captaining datacenter security: putting you at the helm

How To Protect Your Cloud From Attack

VDI Security for Better Protection and Performance

Kaspersky Endpoint Security and Virtualization

OUR MISSION IS TO PROTECT EVERYONE FROM CYBERCRIME

Kaspersky Security. for Virtualization 1.1 and Trend Micro Deep. Security 8.0 virtual environment detection rate and performance testing by AV-Test

Trend Micro Deep Security

Two Great Ways to Protect Your Virtual Machines From Malware

Total Cloud Protection

Agentless Security for VMware Virtual Data Centers and Cloud

VIRTUALIZATION SECURITY: UNDERSTANDING THE DIFFERENCE

Secure Virtualization in the Federal Government

Cloud and Data Center Security

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be!

Virtual Desktops Security Test Report

The first agentless Security, Virtual Firewall, Anti- Malware and Compliance Solution built for Windows Server 2012 Hyper-V

IT & DATA SECURITY BREACH PREVENTION A PRACTICAL GUIDE. Part I: Reducing Employee and Application Risks

How To Protect A Virtual Desktop From Attack

Why Choose VMware vsphere for Desktop Virtualization? WHITE PAPER

The Challenges of Securing Hosting Hyper-V Multi-Tenant Environments

Bitdefender GravityZone Sales Presentation

When Desktops Go Virtual

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com

Security and Billing for Azure Pack. Presented by 5nine Software and Cloud Cruiser

Securing Your Journey to the Cloud. Thomas J. Miller Executive Vice President

Solution Paper. Virtualization security solutions provide a competitive advantage to service providers IaaS, PaaS and SaaS

Trend Micro Enterprise Security

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

Strategies for Protecting Virtual Servers and Desktops

Protecting the Irreplacable. November 2013 Athens Ian Whiteside, F-Secure

What Do You Mean My Cloud Data Isn t Secure?

Server Virtualization A Game-Changer For SMB Customers

Endpoint protection for physical and virtual desktops

Virtualization Essentials

Devising a Server Protection Strategy with Trend Micro

Intro to NSX. Network Virtualization VMware Inc. All rights reserved.

Devising a Server Protection Strategy with Trend Micro

Network Access Control in Virtual Environments. Technical Note

INTRODUCING isheriff CLOUD SECURITY

How To Protect Your Network From Attack From A Virus And Attack From Your Network (D-Link)

Virtualization Journey Stages

Comprehensive security platform for physical, virtual, and cloud servers

Endpoint protection for physical and virtual desktops

for businesses with more than 25 seats

COULD YOUR BUSINESS SURVIVE A CRYPTOR? Learn how to guard against crypto-ransomware. #SecureBiz

Server-centric client virtualization model reduces costs while improving security and flexibility.

WHITE PAPER. The Protection and Operational Benefits of Agentless Security in Virtual Environments SPON. Published March 2012 SPONSORED BY

Symantec Endpoint Protection

Netzwerkvirtualisierung? Aber mit Sicherheit!

CuTTIng ComplexITy simplifying security

TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY

SECURITY OF VIRTUAL INFRASTRUCTURE IT SECURITY RISKS SPECIAL REPORT SERIES

Enterprise-class desktop virtualization with NComputing. Clear the hurdles that block you from getting ahead. Whitepaper

Make Optimizing Security Protection in Virtualized Environments a Priority

IBM Endpoint Manager for Core Protection

Optimize VDI with Server-Side Storage Acceleration

OVERVIEW. Enterprise Security Solutions

10 BENEFITS THAT ONLY AN INTEGRATED PLATFORM SECURITY SOLUTION CAN BRING

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

VMware Virtual Infrastucture From the Virtualized to the Automated Data Center

World-class security solutions for your business. Kaspersky. OpenSpaceSecurity

Top Four Considerations for Securing Microsoft SharePoint

End to End Security do Endpoint ao Datacenter

Kaspersky Security for Mobile

Networking for Caribbean Development

Virtualizing Gateway Security

Kaspersky Security for Business

KASPERSKY SECURITY FOR BUSINESS

INFORMATION PROTECTED

NetDefend Firewall UTM Services

WhitePaper. Private Cloud Computing Essentials

HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU

Trend Micro Sicherheit in den Tiefen des Hypervisors. Richard Javet und Gabriel Kälin Trend Micro (Schweiz)

GO GREEN SECURITY SOLUTION PRODUCT 2014

TECH TIPS. Integer eleif end conse quat molestie morbi ac eros sagittis. ebook

HOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments

McAfee Server Security

Top virtualization security risks and how to prevent them

Symantec Endpoint Protection

SMALL BUSINESS IT SECURITY PRACTICAL GUIDE

Security in the Software Defined Data Center

Protecting the un-protectable Addressing Virtualisation Security Challenges

NAC at the endpoint: control your network through device compliance

Deep Security 9.5 Supported Features by Platform

The evolution of virtual endpoint security. Comparing vsentry with traditional endpoint virtualization security solutions

Virtualization and Cloud Computing

Effective End-to-End Cloud Security

Virtual Machine Protection with Symantec NetBackup 7

Version Kaspersky Lab FOR INTERNAL USE ONLY

10 BenefIts. that only an Integrated platform security solution can BrIng

Automated Protection on UCS with Trend Micro Deep Security

Best Practices for Managing Virtualized Environments

WHITE PAPER. Addressing Monitoring, Access, and Control Challenges in a Virtualized Environment

Top 5 Reasons to choose Microsoft Windows Server 2008 R2 SP1 Hyper-V over VMware vsphere 5

Transcription:

VIRTUALIZATION SECURITY OPTIONS: CHOOSE WISELY With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next

One Size Does Not Fit All 1 For virtualization security, there s no one size fits all solution and trying to fit your organization s specific needs into the wrong security product can be a costly mistake. Do you know how to pick the right option for your organization? This whitepaper describes the different virtualization security solution options conventional agent-based; agentless; and Light Agent as well as possible scenarios for aligning the right security approach to your organization s virtual environment. 2

The Virtualization Marketplace 2 Virtualization is widely deployed today. Organizations are embracing the business benefits of virtualization, including: Energy and IT cost savings Improved server provisioning Simplified application deployment Improved disaster recovery Decreased hardware costs Minimized space requirements Increased reliability Centralized management and monitoring tools Rapid launch of new services An easily-scalable, dynamic IT infrastructure Unfortunately, as the prevalence of virtualization grows, cybercriminals are increasingly looking at virtual environments as a ripe frontier for launching attacks. While today s organizations recognize the importance of securing their virtual environment, many IT professionals don t know that specialized security solutions have been designed to deliver both security and efficiency for virtual environments. In fact, according to a recent survey, approximately one out of every four IT security experts has little to no understanding of their virtualization security options. What s more concerning is that nearly half of respondents (46%) said that virtual environments can be adequately protected by conventional security solutions and 36% believe that security concerns in virtual infrastructures are significantly lower than in physical environments. 1 1 Kaspersky Lab and B2B International, Global IT Security Risks Survey 2014 Virtualization 3

Security in Virtual Environments 2 The myth that virtual machines are more secure takes its origin from the fact that virtualization-aware malware would avoid performing any malicious operations when it would detect it was launched within a virtual machine. The authors of the malware used to do this to avoid the possibility that their programs would be analyzed. This is no longer the case. While virtual machines may be less prone to threats such as spyware and ransomware, they are just as vulnerable to malware in the form of malicious email attachments, driveby-downloads, botnet Trojans and even targeted spearphishing attacks. As John Sawyer from influential technology site Tech Center points out, In the end, they re all servers and someone somewhere is going to want to break into them. 2 Another misconception is that malware doesn t specifically target virtual machines. This couldn t be further from the truth. Malware authors always seek the easiest and most expedient route to targets. If an attacker has access to VM storage, he is able to introduce changes to VMs so next time they are booted up, they are already infected! Therefore not giving virtual environments proper security consideration is highly unadvisable. Virtualization is often an important element in the IT department s efforts to do more and spend less. Whether you re running applications on physical or virtual machines, you still need to guard against the constant increase in sophisticated cyber threats that could jeopardize your day-to-day operations. Some of these threats include disrupting your business processes, stealing and exposing your confidential business information, compromising the security of your data and destroying the competitive advantage that your business gains from its intellectual property. While virtualization is ultimately beneficial for companies and is often seen as the best way to expand networks, improve efficiency and optimize data security IT managers are now facing a whole new set of challenges. While the business benefits are clear, the risks are less well documented and understood, which makes selecting the right virtual-aware anti-malware solution even more important. Performance, protection and resource issues arise from traditional agent-based antimalware solutions operating in virtual environments. Virtualization is all about maximizing your investment through optimizing your IT infrastructure. If your anti-malware solution requires that database dedicated security agent be installed on each of your virtual machines, the object of the exercise is partly defeated protection is compromising productivity. 2 Observatorio Tecnologico, Tech Insight: Securing the Virtualized Server Environment 4

Virtualization Security Solution Options 3 A great first step to securing a virtualized environment is as easy as taking your already established security and operational policies for your physical servers and desktops, and replicating them across your virtual environment. However, it is important to keep in mind that while replicating these security policies is an easy first step; this does not mean that you should use the same security technologies. In fact, doing so may result in security gaps, increase IT costs and introduce system inefficiencies. There are three options that exist for delivering security for virtual server and desktop environments. Agent-Based Security While many conventional agent-based security solutions are virtual-aware and provide excellent protection, they consume significant resources and very quickly become counter productive when scaling virtual environments. Additionally, traditional agent-based security solutions may overwhelm resources when updating or scanning as well as create gaps in security when overdue updates need to be applied. While this architecture offers advanced security options it creates inefficiencies that you should be aware of. An agent is deployed on each and every virtual machine (VM) in this host environment. Relying on this agent-based approach introduces inefficiencies related to agents deployed per VM creating excessive resource consumption. There is also the concept of scanning and update storms which occur when multiple VMs in a host environment simultaneously update the agent or scan files. Additionally, instant on gaps may occur when a non-persistent VM has been offline for some time. It won t have received updates while dormant and until an update can be applied to this machine it is more vulnerable. These things do not allow tight packing of VMs on a virtualization host and seriously lower the highest possible consolidation ratio. Instant-on gap is the time between VM boot up and when an AV solution updates its database. Given VM procurement simplicity and as a result VM sprawl, some VMs may sit in off-state for weeks and months, making them making them the #1 target the next time they are booted up. 5

Agentless Security Agentless security leverages a Virtual Security Appliance (VSA) that is deployed per host environment offloading the burden from the individual VMs. There are two key functions available in agentless security. The first is file scanning which is delivered via vshield technology, authored by VMware. In this architecture all files used by all VMs within the host are relayed to the VSA for scanning by means of vshield to ensure security. Also, importantly, this architecture ensures that a VM is instantly protected upon creation, vmotion or, in the case of a non-persistent VM, once it is re-activated. The second function available with agentless security is a network attack blocker. It leverages a Network Security Appliance (NSA), which is similar to VSA but the NSA is deployed per cluster environment and relays all the network traffic between all the VMs sitting on this host. This feature requires an additional VMware license vcloud : Networking and Security. Through interaction among the NSA, the virtual filter and virtual distribution switch, network attack blocking functionality is efficiently delivered. With agentless virtualization security, consolidation ratios are kept high. Also, this solution is extremely simple and fast to deploy and manage. The drawbacks are simple. It s for VMware environments only and having been authored by a virtualization vendor it lacks some of the advanced security functionality. 6

Light Agent Security Light agent is a new approach for securing virtual environments. Through a combination of deploying a dedicated security virtual appliance, similar to that deployed in agentless security environments, together with a small software agents (Light Agent) advanced capabilities are available for each VM. Similar to the agentless architecture, a VSA is tasked with file scanning and keeping the security profile continuously updated. Similar to agentless security the VM is instantly protected upon creation or activation though interaction with the VSA. The light agent provides the more advanced security functionality including application controls, web and device controls, advanced proactive protection, firewall, HIPS, memory scanning and vulnerability monitoring. These advanced security capabilities are not available in agentless security and represent an excellent security choice for environments with frequent internet interaction or those that are far removed from an organization s security perimeter. For example a VDI environment would be well served by a light agent security solution. This architecture allows Kaspersky to deliver efficient virtualization-security solutions to the market for Citrix, Hyper-V as well as VMware hypervisor installations while maintaining the performance advantages of a virtualization-optimized solution. Light Agent s impact on the host performance is minimal and the consolidation ratios are comparable with an agentless solution. 7

What s Your Best Option? The optimum approach for your organization and the unique architecture of your IT infrastructure will depend on a number of factors, including the level of risk you re likely to encounter, the value of the data that your systems store and process, the consolidation ratios that you re aiming to achieve, your organization s virtual environment (both your servers and desktops) and your virtualization hypervisor vendor. When considering security for virtualization, it s important to evaluate agentless solutions as well as light agent security solutions. For example, if you operate a VMware-based virtual environment, agentless security, which is today only available in VMware environments, can help you to achieve high consolidation ratios and significant ROI due to its ease of deployment and simple administration. In a tightly controlled data center environment where servers are performing work that doesn t require them to be constantly connected to the Internet an agentless security solution may provide adequate protection. 8

Citrix-based, Microsoft -based or some VMware implementations may benefit from light agent products to provide efficient and comprehensive security that keeps consolidation ratios high. For some businesses, a mixture of both agentless and light agent security products may be appropriate. If you are using a non-windows guest operating system or you re running a less common hypervisor, a virtualization-aware full agent solution may be your best option. In general, it s important to perform some due diligence and understand the options that exist. In most cases, security that s optimized for virtual environments is most desirable as it will offer the most attractive performance, consolidation and operating cost benefits. At the end of the day, businesses need to remember the most important guide to virtualization security make sure security is considered at the very outset of any virtualization project and that you understand the options that exist for securing these business critical environments. ALIGNING THE SECURITY APPROACH TO THE ENVIRONMENT Traditional Agent-Based > Works on any hypervisor > Where VM density is not critical > Windows, Linux or Mac guest VMs Agentless Security > VMware only > Allows high VM density > Windows guest VMs only > Minimal IT resources for installation and management > Typical installation would be server virtualization with controlled internet connectivity (no browsing) Traditional Agent-Based > VMware, Citrix, or Hyper-V > Allows high VM density > Windows guest VMs > Advanced security requirements: > IM, Web and Mail AV > Automatic Exploit Prevention > Application, Web and Device controls > Typical usage would be VDI and servers with critical roles 9

About Kaspersky Lab Kaspersky Lab is the world s largest privately held vendor of endpoint protection solutions. The company is ranked among the world s top four vendors of security solutions for endpoint users*. Throughout its more than 16-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. With its holding company registered in the United Kingdom, Kaspersky Lab operates in almost 200 countries and territories worldwide, providing protection for over 300 million users worldwide. Call Kaspersky today at 866-563-3099 or email us at corporatesales@kaspersky.com, to learn more about Kaspersky Endpoint Security for Business. www.kaspersky.com/business SEE IT. CONTROL IT. PROTECT IT. With Kaspersky, now you can. * The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2012. The rating was published in the IDC report Worldwide Endpoint Security 2013 2017 Forecast and 2012 Vendor Shares (IDC # 242618, August 2013). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2012. 2014 Kaspersky Lab ZAO. All rights reserved. Registered trademarks and service marks are the property of their respective owners. 10

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information