VDI Growth Brings Need for Endpoint Protection for Virtualization
- 03 December, 2012 15:36
"Our existing customer base and every customer we talk to is doing some sort of virtualization," says Piero DePaoli, director of Product Marketing for Endpoint, Messaging & Web Security at Symantec. "They don't want to buy another security solution to do that. But a security solution that is not optimized for virtualization can end up backfiring because it can dramatically affect performance."
"As a Symantec technology partner, one of the trends that continues to persist among our customers is the growing adoption of virtualization technology," adds Feris Rifai, founder and CEO of Bay Dynamics, an information security and risk management firm with strong OEM ties to Symantec. "Virtual servers and desktops are becoming more than just a novelty, they are changing the way businesses function. With a vast amount of benefits-including cost-savings and greater efficiency—more and more businesses are increasing their investment in virtualization deployments."
VDI Market Growing?
It may be growing, but VDI remains an immature segment of the overall virtualization market, says Jon Olstik, senior principal analyst with Enterprise Strategy Group (ESG). So what's behind the interest in supporting it? Symantec, after all, is actually a late-mover among its competitors: Trend Micro has OfficeScan with a plug-in along with Deep Security Agentless Protection; McAfee offers McAfee Management for Optimized Virtual Environments (MOVE); and Kapersky has Kapersky Security for Virtualization.
"It's important for a couple of reasons," Olstik says. "The competition is going that way and you don't want to be the one vendor that's asking to continue to put an agent on every virtual machine. And we do see people starting to require this technology. They want to maximize and tune the performance for their applications. It's a better architecture for virtualization."
"While [the desktop virtualization market] is not real mature, what is true is that large organizations are finding a niche where it makes a lot of sense," Olstik adds. "People who carry around laptops, power users, those people aren't virtualized and probably never will be. But for people who are tethered to a desktop, it makes sense. That has a lot of momentum."
Mixed Environments Create Security Headaches
Mixed environments-with large numbers of physical machines and some portion of virtualized desktops (or even point-of-sale and similar devices)-are making management of security in these organizations a serious headache.
"Virtualization presents a particular challenge as businesses are looking to secure both physical and virtual environments simultaneously; previously, this would require organizations to implement and manage a slew of point products to address their security needs," Rifai says.
And those products could take a drastic toll on performance in virtual environments. Two issues affect performance in virtual environments: resource contention and disk I/O. For instance, imagine six virtual machines running on the same piece of hardware, each running a security scan-often of the same files. At the same time, you can't ignore security on virtual desktops. Virtual machines have the same security issues as physical machines. Both kinds need antivirus protection and more advanced protections, like host and network intrusion prevention systems (IPS).
As a result, even large, sophisticated organizations that have implemented desktop virtualization in portions of their business have been slow to adopt virtual security controls, preferring to manage virtual desktops as they do their physical machines, Olstik says.
"They really have stuck to physical controls," Olstik says. "But I think that era is coming to an end because of the density of virtual servers and virtual desktops."
The various virtualization-optimized endpoint protection solutions seek to resolve those problems. For instance, SEP implements one feature called Shared Insight Cache, which is essentially file scan deduplication that checks each file to be scanned against a scan cache. That way, SEP only scans a file once, drastically reducing the total number of files scanned.
"By integrating with vShield Endpoint, Symantec Endpoint Protection 12 offloads antivirus and anti-malware agent processing to a dedicated secure virtual appliance which streamlines deployment and monitoring in VMware environments," explains Michael Marfise, director of Product Management for Symantec Endpoint Protection. "Bottom line: Symantec improves your consolidation ratios."
The upgrade, immediately available to all existing customers free of charge, integrates SEP 12 with VMware vShield Endpoint.
Symantec says it has also made improvements to its SONAR behavioral engine-increasing the number of behaviors monitored for out-of-the-ordinary activity from 400 to nearly 1,400-to improve protection against zero-day threats. Additionally, Symantec has added new management capabilities that allow IT administrators to automatically remove existing security software and then use client wizards to seamlessly deploy SEP. Symantec has also added platform support for Windows 8, Windows Server 2012 and OS X Mountain Lion.
Thor Olavsrud covers IT Security, Big Data, Open Source, Microsoft Tools and Servers for CIO.com. Follow Thor on Twitter @ThorOlavsrud. Follow everything from CIO.com on Twitter @CIOonline and on Facebook. Email Thor at firstname.lastname@example.org
Read more about security in CIO's Security Drilldown.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
How to Switch From iPhone 5S to BlackBerry Z30 (and Why)
CIOs to Become In-House Brokers -- and That's a Good Thing
The future of computing
10 Hot Hadoop Startups to Watch
The future of computing
An enterprise resource planning (ERP) software solution provides the ability to access the right information, from the right source, at the right time, empowering all users throughout the supply chain. This report explains how your solution can identify the resources needed to capture, produce, ship, and account for customer orders, while supporting the various manufacturing processes.
IBM X-Force Threat Intelligence
In the second half of 2013, the advancement of security breaches across all industries continued to rise. Within this report, we’ll explain how more than half a billion records of personally identifiable information (PII) such as names, emails, credit card numbers and passwords were leaked in 2013 - and how these security incidents show no signs of stopping.
Journey to the Future-State framework
Defining the future role and cataloguing the competencies that would take CIOs there was only the first step. In 2009 Council members pushed for more – they wanted to help the IT profession make the journey from Functional Head (where IT is inevitably viewed as a cost centre) to a Business Strategist (where IT is externally focused and viewed as an organisational ‘game changer’). Although a single prescription for advancing the role is impossible because CIOs circumstances are all different, members wanted a general roadmap and guidelines.