Notes from VMworld: Securing the Virtualized Enterprise
Security vendors at VMworld came prepared to show the latest in solutions to the security problems of virtualized and software-defined networks. The key to many of those solutions, as to SDN and SDDCs themselves, is the abstraction of security away from physical appliances. That abstraction can potentially bring increased flexibility, scalability, automation, and orchestration to bear against threats.
"Software secured networks" from Halon
Swedish security vendor Halon enables "software secured networks" via three products, all available for virtualization platforms like VMware, KVM, Xen, and Hyper-V. The email security solution features in-line scanning and processing of emails in lieu of quarantining. Questionable emails are rejected outright, preventing recipients and enterprises from ever assuming liability for malicious emails, a company spokesperson told me. The Halon load balancer comes with a full-featured dual-stack v4/v6 firewall, a router with OSPF, VRFs, equal-cost multi-path routing, and SOAP APIs. Halon also offers an IPv6-capable security router with firewall and load balancing capabilities. According to the Halon spokesperson, all of the company's products are open, fully configurable, and SDN-ready with flexible APIs.
Catbird's software-defined security
Former Gartner Cool Vendor Catbird takes the software-defined concept to the next level by claiming first-to-market honors for its vSecurity solution. The company calls vSecurity the first 100 percent software-defined security architecture, thanks to its automation and orchestration capabilities and its scalability, flexibility, portability, and abstraction from physical security gear. These features allow greater access and visibility than traditional security applications and appliances, a Catbird spokesperson told me, because the software lives in the virtualization fabric itself. Assets within the virtual network carry their policies with them wherever they go, and the software allows for real-time alerting and response that exceeds what's possible with siloed security infrastructure. In some ways, it's reminiscent of Net Optics' Security-Centric SDN approach, which we previously covered.
NSX gives Alert Logic better intelligence and visibility
Alert Logic leverages its VMware NSX integration to enhance its Security as a Service cloud offering. What NSX provides, according to Alert Logic VP of Business Development Rohit Gupta, is access to network traffic without having to insert network agents and duplicate the traffic. This agentless security is vital to virtualized networks, Gupta told me, not only because agents can be disabled, but also because agents on VMs that go dormant may be out of date when those VMs are brought back. Additionally, the real-time event information that the NSX integration provides enhances Alert Logic's 24/7 managed security service, which the company offers with its software. More data monitored and more intelligence gathered means greater protection across the vendor's installed base.
Hardware isolation and micro-VMs from Bromium
Outside the VMworld doors, meanwhile, other vendors are also working on new solutions to new security problems. Bromium, a 2013 Gartner Cool Vendor, protects endpoints and networks from threats using "micro-virtualization." In a departure from the software sandboxing approaches taken by companies like Invincea, Bromium's vSentry creates hardware-isolated micro-VMs for every single untrusted task, effectively quarantining individual browser tabs, file-access operations, or other activities. This model focuses on protection rather than detection and response, according to Bromium co-founder and CTO Simon Crosby, and protects systems from the vulnerabilities of software sandboxing. Software sandboxes, Crosby told me, have serious architectural flaws ripe for exploitation, as the company demonstrated at Black Hat EU and USA this year.
As the virtualized landscape grows, so does the threat landscape. A plethora of companies promise innovative new solutions to enterprises' security problems. Which sound most promising to you? Let us know in the comments.
Jude Chao is executive editor of Enterprise Networking Planet. Follow her on Twitter @judechao.