Virtual machine (VM) security still a work in progress

Catbird, Hytrust, TrendMicro and Dome9 all offer interesting approaches, but no one product does it all

Trying to protect your expanding virtual machine (VM) empire will require a security product that can enforce policies, prevent VMs from being terminated or infected, and deliver the virtual equivalents of firewalls, IPS and anti-virus solutions.

We last looked at this product category nearly three years ago, testing five products. At that time, we said that no single product delivered all the features we desired. That’s still true today even though the market matured some. This time around we tested three vendors who were in our previous test -- Catbird, Hytrust and Trend Micro – plus a newcomer, Dome9.

All represent solid approaches to improving your VM security, but coming from different places.

Today, vendors are looking to support hybrid cloud deployments and offer ways to mix protection on Amazon Web Services (AWS) with VMware ESX hosts. Both Trend Micro and Hytrust have expanded support for multi-tenant situations. All of the products include a wider array of protective features, something that was sorely needed when we looked at them earlier. They have gotten easier to use, although harder to install. Their user interfaces are cleaner and more readily operable by unskilled staff, which is also welcome.

But there is still no single product that can do all things in all situations, and you will find that you’ll need multiple products to protect your VMs, just as in 2011. (Watch a slideshow version of this story.)

-- Hytrust still remains the leader in securing access rights to the VMs as a hypervisor proxy. If having one of your VMs shut off inadvertently can bring down your entire VM infrastructure and applications stack, this remains an important tool to have.

To continue reading this article register now