Emerging Technologies: How to secure new products


This article can also be found in the Premium Editorial Download "Information Security magazine: CISO survival guide: 18 of the best security tips."

Download it now to read this article plus other related content.

Virtualization (continued)

    Requires Free Membership to View

It may be more complex than that. Maintaining--or even knowing--the correct configuration requirements may be problematic.

"There could be conflict when I change configurations and patch, given the complexity of SAN, virtualization software and the OS," says Dennis Moreau, CTO of Configuresoft. "Best practices have focused on each layer in isolation, but what's best for storage may not be for an application."

This means thinking in terms of dynamic situations, in which one gold standard for a given OS or application doesn't necessarily apply.

"IT has to connect dots across the components," says Moreau. "How do virtual components impact each other?"

"Security is not a problem perceived by customers; they're focused on performance and achieving consolidation," says XenSource's Crosby. "The bad guys are not paying attention yet, but this will increase as the number of virtual machines increases."

Neil Roiter is Information Security senior technology editor.

Virtual World Tools

Just a handful of vendors are offering specialized VM-specific security products, anticipating what may be a growing market. They include:

Reflex Security
Reflex Virtual Security Appliance (VSA) profiles virtual network state, assets and communications, providing antivirus/antispyware protection, network discovery and network policy enforcement for VMs on the host machine.

Blue Lane
Blue Lane VirtualShield takes a different approach, protecting unpatched, out-of-date and offline VMs. It discovers VMs, ports, applications and protocols, and applies corrective action against traffic that could exploit vulnerabilities.

StrataGuard Free IDS/IPS is available free of charge as a VMware virtual appliance. Its Cobia Unified Network Platform is an open-source software platform that provides multiple security services across physical and virtual networks. It can be installed on standard servers or as a VMware virtual device.

This was first published in July 2007

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: