Enterprises spend considerable time & resources to ensure and enforce Network & Computer security for every asset they own. Every time an unauthorized physical computer is brought in, it opens up the Enterprise environment to all sorts of compliance & security risks. The threat of unauthorized VMEs is far bigger because of the ease of creation & deployment of virtual machines. Just as with physical computers, the enterprise needs to enforce a strict policy on the usage of such VMEs & the VMs within them.
With the abundant availability of free Virtualization products such as VMware Server, Workstation, Player, Microsoft Virtual PC and Sun xVM VirtualBox, organizations are rushing to adopt this new, exciting & efficient technology. However, unplanned and unauthorized Virtualization platforms cause as many IT and Security related issues as unauthorized physical computers in the organization.
Deployment of Virtualization in any Enterprise organization should be a controlled & policy-driven roll-out, like that of any other Computer platform, software or application.
1) Risks of Uncontrolled Virtual Machine Environments: Besides the technological complexity, multiple factors could compromise the Enterprise environment through uncontrolled usage of virtualization. These risks include poor capacity planning, superficial configuration of host and guest operating systems, missing policies for virtual machine provisioning, lack of knowledge of needed third-party tools and poor investigation of supported configurations. All of these elements could lead to disappointing performance, virtual machine sprawl and increased effort in IT administration & management.
2) Eliminate Compliance Risks & Security Exposure: With increasing scrutiny of Enterprise governance, Enterprises have to comply with many different types of regulations depending on their primary business focus. HIPAA in Healthcare; Sarbanes-Oxley, FFIEC, Basel II, PCI & other regulations for the financial industry; & a host of regulations like FISMA, FIPS & other directives for Govt bodies: every industry has standards-based compliance reporting requirements. Unauthorized virtualization can easily thwart compliance measures by violating reporting and enforcement guidelines if IT doesn’t aggressively go after securing virtualized resources.
3) Protect Type-1s, Restrict Type-2s: Virtualization Environments, commonly known as Hypervisors, are available in two different modes. Type-1 hypervisors work “bare metal”, i.e. directly on top of the physical hardware of the computer, while Type-2 hypervisors run as a process within another Host OS. The majority of the freely available hypervisors are of Type-2. Therefore, in order to control their usage in the enterprise environment, the security solutions used to prevent such use need to sit within the Host OS where the Type-2 hypervisor could be installed or is already installed.
RedCannon VM Firewall is a comprehensive Enterprise solution for VM security through a combination of network & end-point enforcement from within the Hypervisor if it’s Type-1, or from within a VMHost if the VME is Type-2. In the Type-1 case, VMFW has a VM appliance that resides within the VME to do network, Host & VM enforcement. In the Type-2 case, VMFW has a policy enforcement agent that resides on each computer within the organization. Through centrally configured VM enforcement policies & an integrated VME enforcement module, along with a network firewall and IDSP/IPS, VMFW can protect each individual VM Server & Workstation from vulnerabilities as simple as unauthorized VM Sprawl to much more sophisticated network attacks such as OS or Application vulnerability exploits.
VMFW components include 3 enforcement modules, VM Enforcer, VME Blocker & NW Enforcer, which together provide a Layered approach to enforcing compliance on Virtualization within the Enterprise. The layered protection includes:
- VME Vulnerability Monitoring & Intrusion Prevention
- VME Install Blocker
- VM Run-time Policy Enforcement
- VME-based VM Isolation
From a Compliance enforcement perspective, once the policies are configured & VMFW components are deployed, all enforcement becomes automatic. Any new VME or VM added to the environment would be swiftly assessed against the Enterprise compliance policy. Any VME or VM found to be unauthorized would be immediately removed/stopped & all actions would be logged for compliance reporting. Any VMs or VMEs found to be authorized would be modified to adhere to the specified Enterprise compliance policy, thus eliminating any risk of Compliance violation.
Notice: This document is for informational and advertising purposes and is not intended and should not be interpreted as legal advice or a definitive explanation of any compliance related regulations.