I am off to Infosec this week to deliver a joint presentation with McAfee, I have a session focused on securing your virtual environment. The session is typically brief as they tend to be at Expo’s but the subject is massive.
The session is going to cover VMSafe, the opportunities afforded by VMware and how the security vendors are leveraging this framework albeit slower than envisaged.
We all know the security issues on virtualisation platforms such as VM Sprawl, Management, Performance of multiple scans and the inefficient manner of patching and maintaining all these consolidated machines. This is before we even touch on virtual desktops and linked clones and the issues they bring with reboots.
I think as an industry we have to go further and extend this vision of intelligent hybrid security controls to offline VMs as well.
All of these functions (and more) need to be seamlessly performed on offline VMs:
- AV scanning
- Patching
- Software distribution
- Configuration management / changes
- AV signature updates
- Host firewall and host-based IPS rule updates
- Dynamic White listing.
While it might be possible to batch up all of this and apply these when the VM is mounted, this could potentially result in hours of processing before an offline VM could be put into production.
The best-designed security (and management) products will handle offline VMs as easily as online VMs (and without requiring a separate product to do this).
If you want to know how McAfee can help you start to achieve the above and more then please contact us on 0845 260 575 and ask for Charles, or pop along to the McAfee stand on Thursday for a chat.