- Security teams should educate themselves on the options available specifically to protect virtual servers and desktops
- Security teams should seek to get involved in virtualization projects early in the planning process
Chief information security officers (CISOs) and security teams should educate themselves on the growing array of threat management products aimed specifically at securing virtual server and/or virtual desktop environments. Why? Because traditional security methods do not scale nor do they match the flexibility required in virtualized environments, or directly protect the hypervisor from breaches. At the same time, the first generation of virtualized endpoint protection, firewalls and other threat management products take up too much overhead, which greatly diminishes the benefits of virtualization that most organizations are seeking. They require an instance of their scanners per-VM, taking up critical CPU and memory, and when multiple signature scanners in a single physical host all update signatures at the same time, it creates a scan storm that can bring a server to its knees.
Continue reading “The Virtualization Bulldozer and Security: Time to Get Your Head Out of the Sand”