Skip Links

Clear Choice Test

Virtualization security

Introduction | Slideshow | Test methodology
Scorecard | Test archive

New security tools protect virtual machines

5-product test reveals differences between Reflex, Catbird, Beyond Trust, Hytrust and Trend Micro

By David Strom, Network World
March 07, 2011 12:00 AM ET

Network World - As enterprises move towards virtualizing more of their servers and data center infrastructure, the security technologies that are plentiful and commonplace in the physical world become few and far between.

While few direct attacks on virtual machines have been observed, it is still good security practice to protect VMs from potential vulnerabilities that exist only in the virtualized world.

For example, physical firewalls aren't designed to inspect and filter the vast amount of traffic originating from a hypervisor running 10 virtualized servers. And because VMs can start, stop, and move from hypervisor to hypervisor at the click of a button, protective features have to be able to handle these movements and activities with ease. Finally, few hypervisors have the access controls that even the most basic file server has: once someone can gain access to the hypervisor, they can control all of the VMs that are housed there.

In response to these concerns, a number of new vendors have created virtualization security tools. And the pace of mergers and acquisitions has picked up as the established vendors try to augment their offerings and integrate products. For example, VMware purchased Blue Lane Technologies and incorporated Blue Lane's software into its vShield product line. Juniper Networks purchased Altor Networks Virtual Firewall and is integrating Altor into its line of firewalls and management software. And Third Brigade is now part of Trend Micro's Deep Security line.

5 key virtual management questions | Test methodology

For this test, we sent invitations to all of the major players. The five who accepted are: Beyond Trust Power Broker Servers for Virtualization, Catbird vSecurity, Hytrust Appliance, Reflex Systems Virtualization Management Center, and Third Brigade/Trend Micro Deep Security. Declining were CA for its Virtual Privilege Manager, Juniper/Altor, Fortinet FortiWeb VM (which was just announced in January) and VMware's vShield.

We found that no single product can do everything well, or even more than a few things. While it would be nice if we could buy a VM-equivalent of a unified threat management tool, none currently exists.

Since the products have different sets of capabilities, they are not directly comparable. We developed a scorecard that indicates which vendors do a better job in various categories, but we're not naming an overall winner. In fact, a few of these vendors have teamed up to provide combined solutions. This coupled with the active mergers mentioned above means that this is a very dynamic category and you should expect further consolidations and changes.

If you are new to virtualization, these products might seem confounding as they use an entire new vocabulary, such as the word "hosts" to indicate the physical hypervisor servers that run individual VMs. And obviously, you will need some experience with vCenter and ESX to understand how to deploy and use these products.

Of the five products, Reflex's Virtual Management Center is the most comprehensive, with modules in three broad areas that we examined -- auditing/compliance, firewall/intrusion detection, and access controls. These modules are knit together with separate reporting and management consoles. That is a lot to handle, to be sure.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News