Sourcefire embraces VMware

Sourcefire Monday said its intrusion-prevention technology now can help safeguard virtualized servers running VMware software.

The Realtime Network Awareness (RNA) passive-discovery tool, used as part of the Sourcefire 3D system for intrusion-detection and -prevention, continually monitors to discover network services, machine operating systems and applications, including their configuration and behavior. 

Sourcefire says the RNA 4.8 release now available will be able to scan VMware-based ESX server assets with the same thoroughness RNA would scan traditional server assets. In addition, Sourcefire expects to ship a “virtual appliance” version of RNA by year-end that will combine ESX and RNA so RNA can run in VMware’s virtual-machine server platform.

RNA 4.8 will not support virtualization technology from such VMware rivals as Microsoft and Citrix Systems, though Sourcefire could add support to later versions, says Michele Perry, Sourcefire’s chief marketing officer.

Sourcefire has observed corporations shifting to virtual-machine environments at a fast clip to gain the advantages of server consolidation and power supply, but there’s often a frenzied “Wild West or dot.com feel to it,” Perry says. Frequently the security trust-levels established in traditional physical-server configurations are being abandoned without suitable substitutes, she points out.

Security auditors who may not have been informed about the changes wrought by virtual machines will have an impact in the coming year as they look at the virtual-machine networks that have sprung up and issue security findings and decisions about them, Perry predicts.