Ensure Virtualization Security and Improve Business Productivity with Kaspersky
Kaspersky Security for Virtualization Agenda Virtualization Overview Kaspersky Virtualization Review New Virtualization Product Overview Frequently Asked Questions Summary
3 Virtualization Perspective
Virtualization Overview
Virtualization Business Benefits Trends that have moved virtualization into the spotlight: Hardware being underutilized Data centers running out of space Increased energy costs (Green) System administration costs mounting
Virtualization Conceptually Consolidation Typical Consolidation Ratios Server 1:6 Desktop 1:25 (wider variance) Hardware Virtualization Trends 8
Benefits of Virtualization 3-Year Cost Savings / Workload Fewer Servers to Manage Less Power required Less Space needed Less Cabling required + + + Server Hardware $5,816 Power Costs $759 Cooling Costs $949 Data Center Real Estate Network Infrastructure $431 $296 TOTAL $8,251 11
Virtualization The New Normal Virtualization has eclipsed physical in new server shipments By 2014, IDC forecasts that VMs will out-ship physical servers more than 2:1. By 2013, more than twothirds of installed workloads will be virtual. More than 75% of virtualization customers have a virtualization first policy in place. PAGE 12
Virtualization Impacts VMs are stored simply as files on disk instead of being installed on a disk/server. VMs may sit indefinitely offline and become progressively out of date with software patches and updates. Consolidation of workloads means that workloads share resources, but this introduces prioritization and service level management issues Dormant Active New App AV OS App ESX Server PAGE 13
Virtualization Impacts VMs are software objects that can easily be created and destroyed, which improves dynamic scaling, but introduce VM sprawl issues VMs can also be dynamically moved from server to server which creates a dynamic environment that many current solutions simply weren't designed for. (vmotion) Active AV App AV App AV App OS OS OS Host Host PAGE 14
Virtualization Impacts Virtualized desktops change the desktop paradigm compute model completely. but introduce new issues as desktop workload patterns are very different from server workload patterns e.g., dealing with daily morning boot storms as employees start up their desktops at the same time.
Virtualization - Security Considerations Agent Duplication per VM leads inefficient use of resources. Each agent is running independently which can lead to scenarios where multiple agents on a host server each begin to kick off signature updates or anti-virus (AV) scans simultaneously, starving resources and affecting the operation of other VMs on the host. These are often called AV storms. VMs are typically provisioned using templates. Agents must be inserted into every template, and IT needs to enforce agent inclusion in the template-creation process. The difficulty of controlling the templating process leads to VMs not being protected because the agent does not get installed. PAGE 16
Virtualization - Security Considerations Offline VMs, assuming they contain the agent, will not be able to update themselves, leading to out-of-date AV signatures or an out-of-date agent. When these VMs come online again, there will be a window of time that they are running with incomplete protection (Instant-On Gaps). Quick and easy creation of VMs, leads to an unprecedented scale of logical servers being run. This also leads to an increasingly staggering number of software objects (including security agents) that must be managed. Sprawl PAGE 17
Kaspersky Security for Virtualization What is Virtualization? Source: CDW Small Business Server Virtualization Roadmap
Kaspersky Virtualization Overview
Kaspersky Security for Virtualization Virtualization - Business Objectives To secure and protect the virtualized environment along with its assets Apply a security solution that does not negatively impact performance Easily protect and manage virtual assets Integrate with existing security policy management and reporting
Kaspersky Virtualization isn t new An Evolving Story Kaspersky virtualization solutions include: Agent-based (EP8)»Virtual Awareness Vmware, Citrix, Microsoft Agentless (KSV)»KSV is a complementary offering via VMware partnership»av only solution Virtualization Roadmap includes: Augment KSV with add l VMware integration» NetSec» KSN Integration Thin client implementation KASPERSKY KASPERSKY KASPERSKY
Virtual-Aware Security Virtual Awareness Unified Management of Physical and Virtual Infrastructure Efficient Installations & Updates Randomized or serialized VM VM VM VM Hardware Inventories Software Inventories Vulnerability Monitoring Patch Management
Product Overview
Why Kaspersky for Virtualization? Enable our customers to consume Virtualization at their pace Comprehensive Infrastructure Management Agentless AND agent-based virtual solutions Virtual, physical & mobile Designed to provide easier administration Organic code and light resource footprint
Kaspersky Security for Virtualization Move malware scanning out of agents that run in every VM and consolidate it into a single VM that runs alongside the other VMs on the host. Security VM is deployed as a virtual appliance. Dormant Security VM ESX Server VMsafe APIs (EPSec) PAGE 26
Kaspersky Security for Virtualization Dormant Security VM ESX Server VMsafe APIs (EPSec) VMs are always protected Resources are used more efficiently Offline VMs are instantly fully protected when they come online AV storms are eliminated PAGE 27
KSV - Agentless anti-malware protection Key features include: Integrates with VMware vshield Endpoint for consolidated, agentless protection of all VMs on a vsphere (Server) or View (Desktop) host Utilizes the Kaspersky AV engine and frequent signature updates Light resource footprint Manual or on-demand scanning of VMs Caching to prevents re-scanning of files that have already been checked PAGE 28
KSV - Agentless anti-malware protection management Key features include: Centralized management console uses Kaspersky Security Center 9.0 to provide a single view of virtual, physical and mobile environments, and the ability to generate reports. Integrates with vcenter to present information using the VMware constructs of clusters and resource pools. Security-profile functionality provides the ability to have different security profiles for different groups of VMs; policies follow the VM even in the event of a vmotion. PAGE 29
Kaspersky Security for Virtualization Product Overview 1 Virtual Environment 2 Virtual Host Kaspersky solution is installed as a virtual appliance Provides a single database and engine for all virtual machines No need to install agents on each virtual machine Uses VMware s vshield API to allow interaction with the virtual machine infrastructure
Kaspersky Security for Virtualization Product Overview vshield vshield Virtual Host Instant protection is applied via vshield endpoint element of VMware vshield enables Kaspersky virtual appliance to access the virtual machine Protects new virtual machines instantly When created When restored from back-up or another virtual host
Kaspersky Security for Virtualization Frequently Asked Questions
Kaspersky Security for Virtualization Frequently Asked Questions What does my prospect/customer need to run this product? 1. Your customer needs to be running VMware ESX 4.1 or 5.0 with vsphere 5 to power the infrastructure they want to protect 2. If you are unsure of compatibility, engage Kaspersky team to assist with qualification through the pipeline.
Kaspersky Security for Virtualization Frequently Asked Questions Why do we need a vshield Endpoint license to deliver KSV? This component allows us to talk to the virtual machines, without installing an anti-virus agent on each computer. This is a complementary product offering available through a strategic partnership between VMware and Kaspersky Lab
Kaspersky Security 8.0 for Virtualization Summary
Unified Management Kaspersky Security Center Single-Pane for administrators Physical, Virtual, Mobile Broad platform coverage Intuitive deployment, management & reporting Laptop Kaspersky Security Center Agentless Virtual Deployment Agent Based Virtual Deployment Desktop Smartphone
Kaspersky Security for Virtualization Summary So What? Protect against emerging and increasingly sophisticated threats with leading anti-malware technology Designed to provide immediate protection to existing and future virtual infrastructure Virtualization at your pace Unified management of physical and virtual environments Centralized management and reporting via Kaspersky Security Center
Thank You