Three Security Options That Can Jeopardize Your Virtual ROI


White Paper: Three Security Options That Can Jeopardize Your Virtual ROI. Be Ready for What's Next.

According to VMware, more than 97% of Fortune 1000 and 94% of Global 500 companies are using some form of virtualization. According to Forrester research, 85% of companies either have, or are planning to implement, x86 server virtualization. While its popularity has grown, securing virtual environments (particularly from the threat of malware) has lagged for a variety of reasons:

- A perception that a virtual machine is more secure than a physical one
- Performance and protection issues arising from traditional agent-based anti-malware solutions operating in virtual environments
- Inadequate protection and increased management overhead in agentless anti-malware solutions

Let's face it; the options for securing virtual machines from malware have all involved an unpleasant compromise of protection, performance, or management. Kaspersky Lab now offers a better alternative. Introducing Kaspersky Security for Virtualization, the newest addition to Kaspersky's protection portfolio that empowers IT organizations to efficiently protect and manage security for all their endpoints, whether physical, virtual, or mobile, and all from a single console.

Reversing the Benefits of Virtualization with Security

Virtualizing servers and desktops can bring enormous business benefits:

- Cost Containment: Reduces the overall hardware footprint, reducing hardware expenditures, floor space, power consumption, management requirements, etc.
- Speed: Increases the speed of IT by delivering new capacity on demand. This agility can ultimately result in greater competitiveness of the entire business.
- Stability: Simpler, standardized, redundant systems lead to greater resiliency and ensure better system availability, which enables employees to be more productive whenever and wherever they work.
- Centralized Management: Virtual systems can be created instantly, and managed and configured centrally, reducing administrative and support costs.
- OS Migrations: In virtual environments, these are easier and faster, and ultimately require less ongoing maintenance.

Cybercrime's focus has begun to shift from consumers to corporations.

Unfortunately, many businesses undercut the inherent benefits of virtualization when they fail to properly implement anti-malware solutions to protect from data loss and cybercrime. In truth, some AV implementations can bog down the virtual infrastructure, reducing consolidation ratios and limiting ROI. So, what can the prudent IT manager do to maintain an efficient yet well-protected virtual environment? In this paper we'll discuss four security approaches, their effect on achieving virtual ROI, and how Kaspersky Lab provides The Right Option for protecting your virtual, as well as physical and mobile, environments.

Option 1: NO-PROTECTION

There is a pervasive myth that virtual machines are inherently more secure than physical machines. The truth is that while virtual machines may be less prone to threats like spyware and ransomware, they are just as vulnerable to malware in the form of malicious email attachments, drive-by downloads, botnet Trojans and even targeted spear-phishing attacks. These threats persist while the virtual system is active and in use.

According to the National Institute of Standards and Technology: Virtualization adds layers of technology, which can increase the security management burden by necessitating additional security controls. Combining many systems onto a single physical computer can cause a larger impact if a security compromise occurs. Further, virtualization systems, which rely on a shared resource infrastructure, create a dangerous attack vector in which a single compromised virtual machine impacts the entire virtual infrastructure.

Additional risks to the virtual environment are:

- Infection on one virtual machine has the ability to infect data stores that other virtual machines use, spreading the infection and compromising additional systems and data.
- One virtual machine can be used to eavesdrop on another virtual machine's traffic.
- Malware has historically been created to avoid virtual systems. Now malware creators are writing code that targets both physical and virtual machines.
- Some malware is designed to survive the teardown of a non-persistent virtual machine, allowing it to return when the virtual machine is re-commissioned.

Cybercriminals have begun to shift their focus from consumers to corporations. According to Roel Schouwenberg, Senior Researcher for Kaspersky Lab, for the past 15 months there has been a real focus on corporations with valuable data that can be monetized. Cyber-gangs are targeting businesses.

Malware threats continue to rise at an alarming rate. In early 2011, Kaspersky Lab was tracking 35 million threats in our master database. One year later that database has nearly doubled to over 67 million. Kaspersky now sees an average of 70,000 new threats every day. 1 in every 14 web downloads now contains malware. Both physical and virtual machines alike are susceptible. There has never been a more serious need for premium protection, both in the physical and the virtual world.

Option 2: AGENT-BASED PROTECTION

Many organizations have implemented a traditional, agent-based AV methodology. This involves loading a full copy of antivirus software on each virtual machine. While this approach can provide robust protection, there is typically a steep cost in deploying redundant software across a shared resource. As the antivirus software and signature database are loaded on each virtual machine, the underlying redundant resource requirements negatively impact memory, storage, and CPU availability, increasing hardware utilization and decreasing performance. Specific symptoms include:

Resource contention:

- Scanning storms: When multiple virtual machines begin scheduled scans simultaneously, the processing power of the host machine can be drained, resulting in host utilization and performance issues (even potentially crashing the host).
- I/O storms: Similar to a scanning storm, this may occur when all virtual machines with local signature databases download updates simultaneously.
- Duplication/redundancy: Duplication of signature databases and redundant file scanning unnecessarily consumes valuable system resources.

Instant-on gaps: VMs can easily be taken off-line and go dormant for long intervals. When they are brought back on-line (awakened), the VMs may have security gaps, such as unpatched software vulnerabilities and outdated virus signature databases.

VM sprawl and security visibility: Virtual machines can be created in minutes, often without the IT department's knowledge or consent. Visibility becomes an issue; security managers can't protect VMs that they cannot see.

Agent-based AV in virtual environments, particularly with virtual desktops, can hamper ROI as it impedes the performance of the guest, limits the density of the virtual cluster and allows for unnecessary risk.

Option 3: AGENTLESS PROTECTION

With the growth of the virtualization market, anti-malware vendors have begun creating antivirus software specifically designed to operate in virtual environments. A virtual appliance provides AV protection to many virtual machines. This improves performance by offloading the AV processing from all the individual virtual machines, dramatically reducing the overall memory footprint, extending the physical hardware capabilities and increasing consolidation ratios (density). This agentless approach, while driving better ROI, can create two problems that should be addressed:

Narrower Protection: Modern agent-based AV software may include layered protection modules such as Application Control, Web Filtering, Host Intrusion Protection, Personal Firewall and more. Agentless AV solutions designed for virtual environments have a narrower scope, providing traditional antivirus protection only. Without these robust tools, the remaining antivirus detection engine should be the best available in order to compensate for shortcomings that may have otherwise relied on additional protection layers. If the agentless solution has poor detection rates (as qualified by a third-party testing organization), the organization might be unknowingly accepting unnecessary risk. There also may be circumstances where critical systems may require agent-based AV applications. This creates a mixture of both antivirus protection methods that must be administered and maintained, increasing administrative costs.

Physical and Virtual System Management: All companies that have deployed virtualization maintain both physical and virtual environments. Today this requires multiple management consoles, as both types of systems must be managed and maintained separately, doubling administrative overhead and increasing cost.

Agentless AV solutions are definitely a solid step forward in efficiency, but the wrong agentless solution can negatively impact the ROI you originally had hoped to achieve!

THE RIGHT PROTECTION

Realizing the challenges of both agent-based and agentless virtual AV solutions, and convinced that having no antivirus protection is not an option, Kaspersky Lab has created the right option for Virtual Protection: Kaspersky Security for Virtualization!

Kaspersky Security for Virtualization (KSV) is a virtual appliance that integrates into VMware's vShield Endpoint to provide real-time anti-malware scanning capabilities for all guests on a physical host. As illustrated, a virtual security platform using VMware vShield Endpoint includes three components:

1. vShield Manager (a module installed via vShield Manager into the vSphere Hypervisor on physical boxes)
2. vShield Endpoint: a stub agent that is automatically installed in each VM to capture file event context
3. Kaspersky Security for Virtualization (or another third-party anti-malware vendor's security appliance that supports vShield Endpoint APIs)

vShield Endpoint uses vSphere 4.1 or 5.0 plumbing to deliver the files for inspection to Kaspersky Security for Virtualization. The Kaspersky solution does not interact directly with VMs of the same host.

Kaspersky Security for Virtualization provides a remedy to the issues outlined above for both agent-based and agentless security solutions:

Manageability/Visibility/Agility/Flexibility: Kaspersky Security for Virtualization is managed by the Kaspersky Security Center, providing IT administrators a single-pane view of all protected machines (whether virtual or physical) and allowing IT professionals to benefit from easy management. Protection status, security events and reports are presented clearly and intuitively. Kaspersky Security Center (with Kaspersky Security for Virtualization vCenter integration) also gives administrators visibility into the logical and physical structure that resembles familiar VMware management tools. This allows them to effectively manage security operations and take quick actions (such as remediation, diagnostics or forensics).

Advanced anti-malware engine provides superior detection and effective malware remediation: Kaspersky Security for Virtualization is based on the same core Kaspersky anti-malware engine found in our agent-based solution, Kaspersky Endpoint Security 8 for Windows. In circumstances where agent-based solutions are required, Kaspersky has the right option as well. Kaspersky Endpoint Security 8 for Windows is already in use in the physical and virtual environments of over 400,000 customers worldwide. Kaspersky has integrated our superior best-of-breed anti-malware technology with powerful controls such as web content filtering, application controls and granular device controls. Uniquely, Kaspersky has fused these technologies under a consistent, organic code architecture which provides the organization with deeper protection, comprehensive manageability and high system performance.

Efficiency: Kaspersky Security for Virtualization delivers protection in the agentless form with a centralized anti-malware engine and signature database. There is no redundancy and duplication of the antivirus engine or database. In addition, this form factor addresses the redundancy and resource contention issues associated with agent-based antivirus.

Automatic protection, ease of deployment/compliance: Kaspersky Security for Virtualization provides automatic and up-to-date protection to all guest VMs. The combination of vShield Endpoint Security and Kaspersky Security for Virtualization provides automatic protection for VMware virtualized environments. Once the Kaspersky Security for Virtualization virtual appliance is deployed on a host, all guest VMs (whether current or newly created) will be automatically protected with the latest signatures. (A centralized signature database means protection is always up to date, regardless of whether the VM was previously off-line.) This also addresses many compliance issues.

Integration of security policy enforcement: With tight integration with VMware's platform and tools, Kaspersky Security for Virtualization protection (and security settings) seamlessly follows the workload as it moves from one host to another. There is no interruption in protection and the security settings remain the same. Additionally, it provides IT professionals the flexibility to configure and apply different security settings to selected virtual machine groups and perform deep scans on selected VMs.

Companies are intrigued by the attractive value proposition that virtualization presents. However, the challenges related to managing both agent-based and agentless virtual assets significantly limit potential benefits. Kaspersky Lab has created the optimal choice for Virtual Protection: Kaspersky Security for Virtualization, enabling you to implement virtualization on your terms!

Conclusion

Kaspersky Lab is the only vendor today that delivers outstanding protection and management of physical, virtual, and mobile devices from one management console. Kaspersky truly is the RIGHT OPTION, optimized for virtual systems.

Learn more about Kaspersky Lab at www.kaspersky.com/beready

For more information please contact our Inside Sales Team at 866-563-3099 or corporatesales@kaspersky.com

www.kaspersky.com