SMASHING THE TOP 7 VIRTUALIZATION SECURITY MYTHS
WHY VIRTUALIZATION? VIRTUALIZATION HAS MANY BUSINESS BENEFITS, INCLUDING THE FOLLOWING: Cost containment: Virtualization reduces the overall hardware footprint, hardware costs, power consumption and management requirements. Agility: Virtualization delivers new capacity on demand to make the whole business more responsive and competitive. Stability: Simpler, standardized systems mean greater resiliency and better system availability, which in turn enables greater productivity. Centralized management: Virtual systems can be created instantly, and managed and configured centrally, reducing administrative and support costs. WHILE SOME SECURITY RISKS ARE REAL, THERE ARE SOME UNFOUNDED MISCONCEPTIONS ABOUT PROTECTING YOUR BUSINESS DATA AND INFRASTRUCTURE IN A VIRTUAL ENVIRONMENT. THIS EBOOK IS DESIGNED TO ADDRESS (AND THEN SMASH) SOME OF THE COMMON MYTHS ASSOCIATED WITH VIRTUALIZATION SECURITY.
MYTH #1: Virtual systems aren t as vulnerable as physical systems. Virtualized V-Motion Not true. Virtual endpoints look the same as physical systems to the outside world. Virtualization doesn t change the threat landscape or the impact of infiltration. VM THREATS ARE MOUNTING AND INCLUDE: Malware outbreaks. Data ex-filtration (intentional, unintentional). Insider threats. Targeted attacks (advanced persistent threats). Hacktivists. Cloud Non-persistent virtual desktops are somewhat more secure because they are wiped clean after each use. They still use roaming profiles and mapped network drives that can also be used to propagate malware, so they need to be protected, too.
MYTH #2: You have to manage virtualized and non-virtualized infrastructures separately, creating extra work for overburdened IT staff. Not if you have the right security solution! If you choose software that includes a single central management console, you can ensure that your physical, virtual and mobile endpoints are all protected and seamlessly managed through similar looking and functioning policies.
MYTH #3: Deploying a virtualization security solution is a long and painful process that uses up precious IT resources. With the right security software, you can download an appliance, switch it on and immediately be protected, so you can reap the benefits of virtualization while maintaining your security perimeter. Kaspersky Security for Virtualization (KSV) is a virtual appliance that utilizes VMware vshield technology to talk to virtual machines and automatically carry on security tasks. Once it s installed, KSV will immediately take over all the necessary security tasks through vshield. Most IT staff time will be spent creating virtual machine policies, freeing you up for other responsibilities.
MYTH #4: Reboots are a necessary hassle with virtualization security, lowering your server s uptime. When asked about server uptime, most IT professionals brag about 99.99% success. Even five minutes of downtime per year is too much. With the right security solution, you can secure your virtual infrastructure without a single reboot. Kaspersky s Security for Virtualization keeps your server up and running 100 percent of the time.
MYTH #5: In a virtualized system, growth increases your risk your security burden grows with you. It s true that with traditional antivirus software, the more virtualized machines you spin up, the more resources you use. To reduce risk in a virtual environment without slowing down your system or wasting precious host resources, select a security solution that eliminates the redundancy of going through already-scanned files, searching for infections and invariably missing some, putting your entire system at risk. With shared cache technology, most files are checked once, an immediate verdict is delivered, and the files don t have to be checked again.
MYTH #6: Reporting is too hard with virtualization IT administrators have to provide reports on their activities. Historically, security has not been part of those reports. Select a virtualization security solution that generates reports with IT security included. If everything is visible, VM administrators can see it all, track changes and growth, and keep everything protected. Protected VMs Description This report lists all protected and unprotected VMs including their last backup state. Report Parameters Scope: Virtual Infrastructure RPO period: Part 1 week(s) Exclusion mask: Job type: Backup and replication jobs Summary Information VMs Overview Total VMs: 47 Protected VMs: 1 Protected VMs VM Last Backup State Backed Up VMs: 1 46 1 1 Replicated VMs: 0 Restore Points: 2 Unprotected VMs: 46 Unprotected VM Protected VM Successful
MYTH #7: Cybersecurity is too complex in a virtual environment. How much complexity do you have? When you can t see it, you can t manage it. It s important to select a virtualization security solution that has a single-pane view of all protected machines, both physical and virtual. Visibility also reduces complexity and gives you the agility and flexibility you need to respond faster to malware. Physical Virtual Console Console IT Mobile Console
A PRACTICAL DEFENSE Agentless Security Deployment APP APP APP APP APP APP KSV To keep your data and your IT infrastructure safe, it s important to have an agentless security solution that fully protects your virtualized infrastructure and all the data it processes. Kaspersky had this in mind when it developed Kaspersky Security for Virtualization, a security platform built for the unique requirements of virtualized IT environments. KSV works via VMware s vshield Endpoint; anti-malware functions are offloaded to a virtual appliance; and security is applied instantly and automatically with up-to-date antivirus databases when a new VM is provisioned or powered on OS OS OS VMware vshield VMware ESX and ESXi Virtual Appliance Physical Host Kaspersky Security for Virtualization
ABOUT KASPERSKY LAB ABOUT VEEAM SOFTWARE Kaspersky Lab is one of the world s fastest-growing cybersecurity companies and the largest that is privately-owned. The company is ranked among the world s top four vendors of security solutions for endpoint users (IDC, 2014). Since 1997 Kaspersky Lab has been an innovator in cybersecurity and provides effective digital security solutions and threat intelligence for large enterprises, SMBs and consumers. Kaspersky Lab is an international company, operating in almost 200 countries and territories across the globe, providing protection for over 400 million users worldwide. To learn more about Kaspersky Endpoint Security for Business, call Kaspersky Lab today at 866-563-3099 or email us at corporatesales@kaspersky.com. www.kaspersky.com/business Veeam recognizes the new challenges companies across the globe face in enabling the Always-On Business, a business that must operate 24/7/365. To address this, Veeam has pioneered a new market of Availability for the Modern Data Center by helping organizations meet recovery time and point objectives (RTPO ) of less than 15 minutes for all applications and data, through a fundamentally new kind of solution that delivers high-speed recovery, data loss avoidance, verified protection, leveraged data and complete visibility. Veeam Availability Suite, which includes Veeam Backup & Replication, leverages virtualization, storage, and cloud technologies that enable the modern data center to help organizations save time, mitigate risks, and dramatically reduce capital and operational costs. Founded in 2006, Veeam currently has 29,000 ProPartners and more than 140,000 customers worldwide. Veeam s global headquarters are located in Baar, Switzerland, and the company has offices throughout the world. To learn more, visit veeam.com. Call 678-353-2140 or visit www.veeam.com 2015 AO Kaspersky Lab. All rights reserved. Registered trademarks and service marks are the property of their respective owners.