Few reports have surfaced of security breaches in virtual-server environments, but the potential looms large.
"Every single platform we have had in IT eventually gets compromised. There is no reason for us to think that the hypervisor is going to be any different," says Pete Lindstrom, a senior analyst with Burton Group. "While hypervisors seem to pose a fairly small attack-surface, as they multiply across a network, so do the attack surfaces. It is a huge unknown."
That's why companies widely adopting virtualization today must have a solid strategy for securing these environments, industry watchers say.
"During the 'Gold Rush' mentality of this server virtualization craze -- the more you deploy, the more you save -- the cost of securing the virtual environment has not been weighed," says Phil Hochmuth, a senior analyst with Yankee Group. "At the same time security has become an afterthought, researchers are publishing rootkits and people are thinking of ways to hack hypervisors -- it has to raise some eyebrows in the security world," he says.
Problems include unsecured virtual-machine-to-virtual-machine communications, poor visibility into hosts' server traffic, and virtual-machine configuration and patch management. As concern grows, established security vendors are adding virtualization features to their product road maps and newcomers are delivering purpose-built technology for the virtual realm.
Here are four virtualization-security companies that should be on every network-security manager's radar:
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Keeping your SQL Server Going 24x7
Top 10 Ways to Increase IT ROI Without Adding Staff
The business justification for data security
A Platform for Master Data Management to Help You Know and Trust Your Data
IDC Report: Managed Communications - Delivering on a Holistic ICT Vision
Secure Remote Access
5 steps to getting started with data loss prevention
Best Practices in Lifecycle Management
Zones provide focussed content from Computerworld and leading technology partners.














Comments
Post new comment