Skip Links

Network World

  • Social Web 
  • Email 
  • Close

Catbird launches virtual security service

New service extends security protections to the hypervisor layer in a virtual environment
By Denise Dubie , Network World , 01/14/2008

Security vendor Catbird Monday announced the availability of a security service the company says will protect virtual machines from unauthorized access and malicious attacks on the hypervisor.

HypervisorShield, a new service of Catbird's V-Security suite, extends security protections to the hypervisor layer in a virtual environment. The service monitors hypervisors for specific vulnerabilities, known attack signatures and guest-machine access to protect customer environments. Company executives say despite the lack of any widely publicized attacks against virtual servers and hypervisors, the technology creates new security vulnerabilities that IT security managers must guard themselves against.

"I talk to customers virtualizing very critical components in their environment, servers that contain employee or client medical data for instance, and I see this kind of blasé attitude regarding securing the virtual machine," says Michael Berman, Catbird CTO. "I haven't experienced this attitude from security people since I was talking to them about firewalls and why they needed them 12 or 14 years ago. Some people ask, 'Why do I need a security device in a virtual environment?' And I have to say, 'Because you are totally exposed.'"

Among the potential threats to virtual environments is unauthorized access. For instance, Catbird's HypervisorShield would ensure that only authorized users can contact services in VMware's hypervisor by setting up policies and enabling network-access-control features that could lock down the hypervisor when unauthorized access attempts are made. In addition, the service continuously runs intrusion-detection and -prevention scans to make sure external attacks are prevented.

HypervisorShield connects to customer networks from Catbird's security operations center (SOC) via an SSL VPN. Agent software installed inside customer networks would communicate with the management console installed at the SOC. Catbird has virtualized its physical agent and for the HypervisorShield service, the agent technology runs as a virtual guest on customer hypervisors. Berman says the more visibility IT security staff can get into the virtual realm, the better protected the environment will be.

"The agent monitors in a continuous fashion activities on the virtual network, system, host and hypervisor," Berman explains. "We can see if the hypervisor is copying out to the Internet, and the service can also see virtual-machine-to-virtual-machine traffic."

Partner Content

Brilliantly simple security and control solutions for email, web and endpoint

www.sophos.com

Stopping data leakage

Learn how to exploit your current security investment to control the information that flows into, through and out of your network.

Download the white paper.

Why detection rates aren't enough

Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.

Download the white paper.

Unauthorized applications: Taking back control

Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?

Download the white paper.

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed
Get instant email notification when white papers, webcasts, executive guides are added to our library. Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.

Whitepapers

Advancing the Economics of Networking

Aging network systems and old habits have dictated how businesses spend their IT budgets. As a...

Implementing HA at the Enterprise Data Center Edge to Connect to a Large Number of Branch Offices

This paper reviews the problem of creating a network where the dynamic availability of services is...

Enterprise Data Center Network Reference Architecture

Using a High Performance Network Backbone to Meet the Requirements of the Modern Enterprise Data...

Webcasts

PoE Plus: Impact on the PoE Market

The standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...

Harnessing the power of communications to increase workplace performance

Due to the convergence of IT and telecommunications technologies, the business workplace has been...

Stay out of the headlines: Detecting and preventing network intrusions

How do YOU stay out of the headlines? There is no denying that risk exists in our computer-driven...

Special Reports

The Evolution of Network Security

We have so many holes punched in our firewalls today that many industry insiders question the value...

IP address management in 2008 - six things to know

Read this Network World Special Brief to learn how Enterprise IT managers must update their...

The self-managed network

We aren't there yet, but advances in network and systems management tools are making it possible to...