Virtualization Security Has Finally Arrived, but a Skills Gap Threatens its Success

Paula Musich
Paula Musich

Summary Bullets:

  • Enterprise IT now has a healthy array of choices for protecting virtual machine-based applications and data
  • What’s missing are the IT skills necessary to adequately support security for virtual environments

In the last month it’s become abundantly clear that virtualization security is alive and well, and quickly moving toward mainstream status – at least from the vendor side.  Real competition has arrived when it comes to specifically protecting virtualized applications and data, thanks to this year’s serious entry into the growing market by three of the four largest anti-malware providers – Symantec, McAfee, and Kaspersky – along with innovative new startups such as Bromium. (Trend Micro, the third-largest anti-malware provider, has been in the market for a few years now with a very capable contender.)  There is now finally a healthy array of host-based anti-malware, encryption, network security and threat management products geared specifically toward securing virtual servers and cloud-based data. That means there are plenty of options to choose from, different approaches to streamlining the resource utilization of scanning, and varying levels of maturity in virtualization security products. Now what’s really needed is education.  Continue reading “Virtualization Security Has Finally Arrived, but a Skills Gap Threatens its Success”

The Virtualization Bulldozer and Security: Time to Get Your Head Out of the Sand

P. Musich
P. Musich

Summary Bullets:

  • Security teams should educate themselves on the options available specifically to protect virtual servers and desktops
  • Security teams should seek to get involved in virtualization projects early in the planning process

Chief information security officers (CISOs) and security teams should educate themselves on the growing array of threat management products aimed specifically at securing virtual server and/or virtual desktop environments. Why? Because traditional security methods do not scale nor do they match the flexibility required in virtualized environments, or directly protect the hypervisor from breaches. At the same time, the first generation of virtualized endpoint protection, firewalls and other threat management products take up too much overhead, which greatly diminishes the benefits of virtualization that most organizations are seeking. They require an instance of their scanners per-VM, taking up critical CPU and memory, and when multiple signature scanners in a single physical host all update signatures at the same time, it creates a scan storm that can bring a server to its knees.
Continue reading “The Virtualization Bulldozer and Security: Time to Get Your Head Out of the Sand”