HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 6 MINUTES AGO.
You are here: Home / Network Security / Virtual Servers Need Protection, Too
Virtual Environments Need Protection from Attackers
Virtual Environments Need Protection from Attackers
By Peter Piazza / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
FEBRUARY
28
2008


Servers use only a small percentage of their capacities to store data or run applications. Virtualization technology allows multiple applications to run side by side on the same machine. This allows companies to consolidate as many as 20 servers into one machine that could be running databases, e-commerce applications, and a Web server simultaneously.

The return on investment is clear just from hardware costs and lower electrical costs (an estimated 2.5 percent of all U.S. power consumption is for data centers). At the same time, virtualization allows new servers to be put into a production environment very quickly, helping to realize savings on time and manpower.

But virtualized environments face the same threats as physical environments, plus some unique challenges. Jason Yuan, group manager for product management, at security firm McAfee told us that companies looking to realize cost savings by storing data virtually need to be aware of these risks.

Virtual Risks

"One of the benefits of virtualization is being able to create a disaster-recovery backup," Yuan said. In fact, creating a backup can be done with nothing more than a right-click of the mouse. The backup image is typically stored offline on network-attached storage (NAS) or a storage-area network (SAN) until it's needed, then it's plugged directly into the production environment. That's where trouble lies.

"On the day of the backup there might not be a vulnerability, but six months later there may be some vulnerability that was uncovered in that operating environment or the applications that are running," Yuan explained. If that happens, the network becomes attackable the moment it's brought online. Yuan has seen it happen; a backup that had a vulnerability that didn't exist three months earlier was brought online, and was immediately infected by a worm that shut down thousands of machines.

"Virtualization requires the same security as a physical system," Yuan said, including antivirus, intrusion-protection and intrusion-detection systems. It also poses some unique threats. For example, the virtualization application itself is software that can be attacked. "Last year, the number of vulnerabilities associated with the virtualization environment doubled compared to 2006," Yuan noted.

Real Protection

So before moving precious data into a virtual environment, take a look at the protection available. McAfee announced this week a host of products and services that address security issues in the virtualized environment. It's embedding VMSafe, a set of APIs from virtualization giant VMware, into its security offerings. Yuan said that will allow McAfee to provide security "underneath the operating environment, so we can monitor and protect better than the physical environment."

McAfee has also built a new Email and Web Security Virtual Appliance for the VMware platform to better protect virtualized environments while giving organizations the same cost benefits as other virtualized applications. Later this year McAfee will launch a product that will open offline images and ensure they're protected before being put into the production environment.

Yuan said McAfee is also working to integrate its other offerings, such as encryption and data-loss prevention, into the virtualized environment. IntruShield, a network-based intrusion-prevention solution, is already effective against VMWare attacks, he said.

McAfee also announced an update of its virtual infrastructure security assessment service, McAfee Foundstone Professional Services. "It's a risk-assessment service for anyone who wants to perform a virtualized deployment," Yuan said. The technology-agnostic service has already been working with Fortune 500 companies and is aggregating best-practices tips into the updated service, Yuan said.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Forrester study shows 187% ROI with Druva Endpoint Backup: In a commissioned study conducted by Forrester Consulting on behalf of Druva, Forrester found that the costs and benefits for a composite organization with 3,000 inSync users, based on customer interviews, are: 1) 187% return on investment, and 2) Total cost savings and benefits of $3.8 million. Click here to access the study now.
MORE IN NETWORK SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business

NETWORK SECURITY SPOTLIGHT
Using Internet-connected devices without strong passwords is inherently risky, as illustrated by reports that a Russian Web site is showing live footage from thousands of people's webcams.

ENTERPRISE HARDWARE SPOTLIGHT
Doctor Who had K-9, the robot dog that accompanied him on adventures through space. Now, Mountain View has K5, a 5-foot-tall, 300-pound robot security guard patrolling in the Bay Area.

MOBILE TECHNOLOGY SPOTLIGHT
To better its customer service, Comcast is pulling out at least some of the stops. The cable giant has launched an app so you can track the cable guy in real time. It's designed to ease customer frustration.

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.