Speak to any IT manager today, and they’ll tell you they’re on a journey: a journey from a physical environment to virtualized and cloud environments. With no two IT environments the same, they’ll all be at a different stage of this journey, but the stats speak for themselves. A few years back, Gartner predicted that three-quarters of x86 server workloads would be virtualized by 2015. That same report in 2011 also forecast the number of virtual machines (VMs) to grow five-fold at a CAGR of 38% from 2010-2015.
It’s a no-brainer for most IT leaders, who are under pressure to cut hardware costs and run systems in a more efficient, environmentally friendly and agile manner. Across the globe, organizations are virtualizing their physical servers and also tapping into the power of public and private clouds, with all the flexibility, scalability and ease of management that comes with them. Yet, while virtualization and cloud computing simplify on the one hand, they complicate on the other. Organizations usually end up running a hybrid mix of physical, virtualized and cloud infrastructure in their modern data center.
Shoehorning legacy physical security into these complex, mixed environments will not work. Instead, a new approach is necessary.
A brave new world
Virtual environments present a whole new set of security risks, and cybercriminals have already proven to be more than capable of exploiting these new vulnerabilities.
Virtual machines by their very nature are dynamic. IT managers are forever provisioning and de-provisioning them as needed, providing rapid computing resources wherever they are needed, for however long they are needed. It is difficult to keep these VMs consistently up to date with the latest security patches as one would in a traditional IT environment. The result is that a VM that has lain dormant for some time, and is then powered back on, comes up missing every patch released while it was offline, leaving serious security vulnerabilities exposed. These are called “instant-on gaps.”
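To make the instant-on gap concrete, here is an added example (not Trend Micro code, and not how Deep Security implements virtual patching) of the check a defender wants to run at the moment a VM is powered on: compare what the VM had installed when it was last touched against the current patch baseline, and decide whether it can be admitted, shielded by intrusion-prevention rules until the patches land, or must be isolated. The VM records, the patch baseline and the rule identifiers are all constructed for the example.

```python
"""Instant-on gap assessment at VM power-on (constructed example)."""
from dataclasses import dataclass, field
from datetime import datetime


@dataclass
class VirtualMachine:
    name: str
    last_patched: datetime          # when the VM was last patched before going dormant
    installed_patches: set = field(default_factory=set)


# Constructed baseline: patch id -> (release date, IPS rule that shields the
# vulnerability until the patch is installed, or None if no rule exists).
PATCH_BASELINE = {
    "PATCH-2014-001": (datetime(2014, 1, 14), "rule-1001"),
    "PATCH-2014-002": (datetime(2014, 2, 11), "rule-1002"),
    "PATCH-2014-003": (datetime(2014, 3, 11), None),
}


def assess_power_on(vm, baseline, now):
    """Return the gap a freshly powered-on VM carries and the admission decision.

    - "allow":             nothing missing, admit as-is
    - "shield_then_allow": every missing patch can be covered by an IPS rule
                           (virtual patching) while the real patch is applied
    - "quarantine":        at least one missing patch has no shielding rule, so
                           the VM must stay network-isolated until patched
    """
    missing = sorted(p for p in baseline if p not in vm.installed_patches)
    stale_days = (now - vm.last_patched).days
    shield_rules = sorted(baseline[p][1] for p in missing if baseline[p][1] is not None)
    unshielded = [p for p in missing if baseline[p][1] is None]

    if not missing:
        action = "allow"
    elif unshielded:
        action = "quarantine"
    else:
        action = "shield_then_allow"

    return {
        "vm": vm.name,
        "stale_days": stale_days,
        "missing": missing,
        "shield_rules": shield_rules,
        "unshielded": unshielded,
        "action": action,
    }


if __name__ == "__main__":
    now = datetime(2014, 4, 1)
    dormant = VirtualMachine("web-07", datetime(2014, 1, 20), {"PATCH-2014-001"})
    print(assess_power_on(dormant, PATCH_BASELINE, now))
```

The decision deliberately distinguishes "missing but shieldable" from "missing and unshieldable": virtual patching closes the gap only for vulnerabilities that a rule can cover, so an inventory that cannot tell the two apart will admit VMs it should have isolated.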
Another by-product of the dynamic virtual environment is that VMs of different trust levels often end up being housed alongside each other, opening up the risk of inter-VM attacks. This is especially true of multi-tenancy public cloud environments where organizations often have little or no say over where their VMs will end up and who they’ll share infrastructure with. Traditional appliance-based IDS/IPS solutions can’t monitor this inter-VM traffic, potentially leaving the organization exposed to such attacks.
A final major issue with virtual environments involves resource contention and performance. VM densities can grow into the hundreds per host, so if a traditional per-VM security product is used, AV scans or other scheduled updates kick in on all machines at once. The resulting “storm” can severely degrade performance, while also undermining security and compliance efforts when scans are throttled or skipped to compensate.
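The storm effect is easy to quantify with a small scheduling model. The following is an added example, not code from the page or from Trend Micro: it schedules one scan per VM under three policies (every agent fires at the same minute, agents fire with a staggered start, and a single coordinator offloads scans with a concurrency cap, which is the shape of the agentless appliance approach the post argues for) and reports peak concurrency and total elapsed time. The VM counts and scan durations are constructed.

```python
"""Model of AV scan storms on a dense host (constructed example)."""
import heapq


def schedule_scans(requested_starts, duration, max_concurrent=None):
    """Return the actual (start, end) interval for each VM's scan, in minutes.

    requested_starts: the minute at which each VM's own schedule wants to start.
    max_concurrent:   None models per-VM agents that all run whenever they like;
                      an integer models a coordinator (e.g. a scanning appliance)
                      that queues requests FIFO once that many scans are running.
    """
    running = []  # min-heap of end times of scans currently in progress
    plan = []
    for requested in sorted(requested_starts):
        start = requested
        # Release slots whose scans have already finished by this point.
        while running and running[0] <= start:
            heapq.heappop(running)
        # At the cap: wait for the earliest running scan to finish.
        if max_concurrent is not None and len(running) >= max_concurrent:
            start = heapq.heappop(running)
        end = start + duration
        heapq.heappush(running, end)
        plan.append((start, end))
    return plan


def peak_concurrency(plan):
    """Largest number of scans running at the same instant (ends count before starts)."""
    events = sorted([(s, 1) for s, _ in plan] + [(e, -1) for _, e in plan])
    current = peak = 0
    for _, delta in events:
        current += delta
        peak = max(peak, current)
    return peak


def makespan(plan):
    """Minutes from the first scan starting to the last scan finishing."""
    return max(e for _, e in plan) - min(s for s, _ in plan)


def compare_policies(n_vms, scan_minutes, appliance_slots, stagger_minutes=1):
    """Summarise the three policies as {policy: (peak_concurrent, makespan)}."""
    same_minute = [0] * n_vms
    staggered = [i * stagger_minutes for i in range(n_vms)]
    return {
        "agents_same_time": _summary(schedule_scans(same_minute, scan_minutes)),
        "agents_staggered": _summary(schedule_scans(staggered, scan_minutes)),
        "appliance_capped": _summary(schedule_scans(same_minute, scan_minutes, appliance_slots)),
    }


def _summary(plan):
    return peak_concurrency(plan), makespan(plan)


if __name__ == "__main__":
    for policy, (peak, total) in compare_policies(200, 20, 8).items():
        print(f"{policy:18s} peak={peak:4d} concurrent scans, finished after {total} min")
```

With 200 VMs and a 20-minute scan, the same-minute policy puts 200 scans on the host at once; staggering by one minute caps the overlap at 20 but still leaves the host scanning for hours; the capped coordinator never exceeds its 8 slots at the cost of a longer, predictable window. The trade-off a practitioner actually tunes is the slot count against the maintenance window, not whether to let every agent fire at 02:00.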
A modern solution
The answer is to invest in modern data center security. That is, security tools and products that have been designed specifically with virtual and cloud environments in mind. Look for an agentless architecture, in which resource-intensive tasks are handed off to a virtual appliance, combatting the risk of security “storms.” Modern data center solutions will also ensure each VM is provisioned in a fully secure state thanks to virtual patching capabilities, addressing the problem of instant-on gaps. Finally, look for a provider who can promise that each of your VMs will be wrapped in a secure perimeter wherever it goes – preventing inter-VM attacks as VMs travel from one hypervisor to the next and out into the public cloud.
The Deep Security difference
Trend Micro Deep Security is an industry-leading security solution designed to protect organizations across physical, virtual and cloud servers. It features anti-malware, web reputation, integrity monitoring, intrusion detection and prevention, firewall and log inspection, all available agentlessly for virtual environments.
Here are a few more benefits:
- Optimized for leading virtualization and cloud architectures including AWS, Microsoft Azure and VMware vCloud Hybrid Services
- Deployed at hypervisor level for improved visibility and easier compliance
- Creates self-defending VMs to counter inter-VM attacks
- Virtual patching to close off instant-on gaps
- One platform for all environments eases management and lowers TCO
- Backed by threat intelligence from industry-leading Smart Protection Network