Some security appliance vendors now offer security software products within virtual machines, with the goal of...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
making configuration and deployment easier. Can you explain why this seems to be a growing trend, and what are the implications, both good and bad, for enterprise security?
A problem common to all software vendors is ensuring their products are installed and configured correctly and don’t disrupt existing applications and services on the customer’s computer. A virtual security appliance is a pre-built, pre-configured, ready-to-run application solution packaged along with an optimized operating system. This type of operating system is referred to as JeOS (just enough operating system), pronounced “juice.” (The difference between a virtual machine (VM) and a virtual appliance is the appliance comes with a pre-configured OS and application stack, whereas a VM has neither.)
A JeOS contains only the programs and components required to support the specific workload it runs. It occupies a much smaller footprint compared to a general purpose operating system, and therefore has a smaller attack surface. It is also much easier to maintain and manage since fewer updates are required for a slimmed down OS. This smaller attack surface and simplified patch management make virtual appliances more secure than applications installed on top of a regular OS. Vendors can also concentrate solely on developing their product without having to spend time trying to make it work on a variety of system configurations.
There are other advantages, particularly for system administrators of large enterprise systems. Since the software application arrives packaged in a run-to-ready format, pre-installed and pre-configured with its own operating system, it removes many of the problems associated with rolling out an application across many diverse configurations. By simply downloading and powering on the virtual appliance file, the application is instantaneously available.
Maintenance is also easier. Virtual appliances are a unified offering and are supported by patches and service packs provided directly by the software developer. This means an administrator has a single point of contact instead of having to test and manage patches, service packs and upgrades from multiple vendors. There are no compatibility problems, either, as all patches and updates are pre-tested and delivered by the vendor.
The rapid rise in the number of virtual appliances at the VMware virtual appliance market place shows how popular this form of software product is becoming. Any product that is pre-configured and ready-to-run on a slimmed down pre-configured OS has to be good for overall system security.
Dig Deeper on Virtualization security issues and threats
Related Q&A from Michael Cobb
A technique known as the GhostHook attack can get around PatchGuard, but Microsoft hasn't patched the flaw. Expert Michael Cobb explains why, as well...continue reading
Software developed by the hacking group Platinum takes advantage of Intel AMT to bypass the built-in Windows firewall. Expert Michael Cobb explains ...continue reading
Tensions between the U.S. and Russia have led to source code reviews on security products, but the process isn't new. Expert Michael Cobb explains ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.