Catbird launches virtual security service

Security vendor Catbird Monday announced the availability of a security service the company says will protect virtual machines from unauthorized access and malicious attacks on the hypervisor.

HypervisorShield, a new service of Catbird's V-Security suite, extends security protections to the hypervisor layer in a virtual environment. The service monitors hypervisors for specific vulnerabilities, known attack signatures and guest-machine access to protect customer environments. Company executives say despite the lack of any widely publicized attacks against virtual servers and hypervisors, the technology creates new security vulnerabilities that IT security managers must guard themselves against.

"I talk to customers virtualizing very critical components in their environment, servers that contain employee or client medical data for instance, and I see this kind of blasé attitude regarding securing the virtual machine," says Michael Berman, Catbird CTO. "I haven't experienced this attitude from security people since I was talking to them about firewalls and why they needed them 12 or 14 years ago. Some people ask, 'Why do I need a security device in a virtual environment?' And I have to say, 'Because you are totally exposed.'"

Among the potential threats to virtual environments is unauthorized access. For instance, Catbird's HypervisorShield would ensure that only authorized users can contact services in VMware's hypervisor by setting up policies and enabling network-access-control features that could lock down the hypervisor when unauthorized access attempts are made. In addition, the service continuously runs intrusion-detection and -prevention scans to make sure external attacks are prevented.

HypervisorShield connects to customer networks from Catbird's security operations center (SOC) via an SSL VPN. Agent software installed inside customer networks would communicate with the management console installed at the SOC. Catbird has virtualized its physical agent and for the HypervisorShield service, the agent technology runs as a virtual guest on customer hypervisors. Berman says the more visibility IT security staff can get into the virtual realm, the better protected the environment will be.

"The agent monitors in a continuous fashion activities on the virtual network, system, host and hypervisor," Berman explains. "We can see if the hypervisor is copying out to the Internet, and the service can also see virtual-machine-to-virtual-machine traffic."

Catbird comes from a traditional security background, but says its service-based approach to security works well for virtual environments. Competitors such as Blue Lane Technologies and Reflex Security also have emerged to protect virtual machines and hypervisors in virtual server environments.

Catbird's HypervisorShield service is available now and costs $18 per month, per virtual machine secured. The agent technology is provided free. Customers also can buy the technology for a one-time price of $3,250. Existing customers can get the service as an additional application in their existing contracts.