Product Review: Altor Networks' Virtual Network Security Analyzer (VNSA) 1.0 - Information Security Magazine - Page 1

Product Review: Altor Networks' Virtual Network Security Analyzer (VNSA) 1.0

VIRTUALIZATION


Virtual Network Security Analyzer (VNSA) 1.0
REVIEWED BY PETER GIANNACOPOULOS

Altor Networks

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.


Price: Starts at $1,500 for Altor Center Enterprise and $500 per agent

The explosive growth of virtualized x86 environments over the past several years has challenged traditional security vendors to adapt their appliance/server mentality to a radically different computing environment. The existing approaches to network segmentation, intrusion detection and traffic monitoring have to be rethought. It is an especially daunting task to secure potentially hundreds of virtualized switches sitting on dozens of physical servers connecting hundreds, if not thousands, of virtual machines when there is no guarantee that these virtual switches have any sort of physical connection to the enterprise data center.

Altor Networks seeks to address this problem with Virtual Network Security Analyzer (VNSA) product. Altor has an intriguing concept with VNSA and the as yet unreleased Virtual Network Firewall (VNF), but while it works very well as far as it goes, the concept is not yet ready for prime time.


Installation/ConfigurationA  

Altor is clearly aiming at enterprise-level VMware deployments and requires a VMware Virtual Infrastructure 3 (VI3) install. This makes sense, given the market dominance of VMware, but you'll have to search for a Citrix XenServer or Microsoft Hyper-V solution.

Installation is almost childishly simple and consists of simply creating a port group in promiscuous mode on the virtual switches you wish to monitor (to allow network sniffing by the VNSA appliance) and the installation of a VM with the complete Altor VNSA application. You can install the VM either by unpacking a complete image from a standard zip archive or by downloading an Open Virtual Machine Format (OVF) file directly from within Virtual Center.

Once the VM is installed, you must assign the VNSA NICs to the preconfigured promiscuous mode port groups, then power on the VM to perform the expected basic network configuration (IP address, time zone, etc) and assign passwords to the local Altor accounts. The entire process takes minutes and is a perfect example of how virtual appliances should be packaged and distributed.

Altor worked like a charm and didn't cause any conflicts with our existing setup.

This was first published in September 2008