Virtualised desktops, servers, data centres and cloud computing solutions should be afforded the same level of security as physical machines, is the word from global security specialists Trend Micro.
According to Trend Micro country manager, Gregory Anderson there are a number of challenges with agent-based security solutions, with particular emphasis on the fact that they are not architected with a virtual environment in mind. In this case, should undue pressure be placed on the ecosystem, a number of significant operational security issues may occur.
‚”The only real solution for cloud computing and virtual environments is agentless security solutions,‚” states Anderson. ‚”Agentless technology enables the user to take advantage of what we term ‚”better-than-physical‚” protection, where a single platform integrates all security technologies and in turn is able to resolve any operational issues that may arise in the virtual environment.‚”
Anderson adds that when a physical agent is in place for each virtual machine (VM) one runs the risk of unnecessary resource consumption. Traditional security agents occupy a significant amount of memory in each VM, especially when multiple security agents are installed on each VM to provide differing protection. The end result is a reduction in VM consolidation ratios and increased CAPEX and OPEX.
Another threat to the agent-based environment is that of ‚”security storms‚”. These occur when agent-based devices that are used to protect VMs, do not realise they are in a shared resource environment, and suddenly attempt to run scans or scheduled updates simultaneously. The result is an unwanted load on the system that then reduces the overall performance of the entire environment.
‚”A VM specific security threat is that of instant-on gaps, where VMs are activated and inactivated in rapid cycles. What happens here is that it becomes decidedly difficult to consistently provision security to all virtual machines and keep them all up to date,‚” mentions Anderson. ‚”A real risk here is that dormant VMs will eventually deactivate so far from the baseline that simply powering them on introduces massive security vulnerabilities.
‚”Another issue we see is that of the abuse and misuse of operational overheads as administrators need to provision security agents in new VMs, continually reconfigure these agents as the VMs move around or change state, and rollout pattern updates to them on a regular basis. This can be extremely time consuming and result in security gaps,‚” he adds.
It is against this backdrop that Anderson urges customers who operate in a virtual or cloud-based environment to strongly consider the use of agentless security solutions.
‚”An agentless security solution can provide you higher density by offloading security scans from individual VMs to a single security virtual appliance as well as enable you to optimise your resources by eliminating security storms and resource contention from multiple security agents. In short an agentless environment also simplifies the management of the site by removing physical agents and in turn the need to configure and update each one.
‚”The end result of agentless security solutions for your VMs and your virtualised environment is stronger security that is provided by a solution that provides instant-on protection for new VMs and tamper-proof security coordinated by the dedicated security appliance,‚” ends Anderson.
With Deep Security, organisations can consolidate all server protection onto one platform, knowing that the product was designed from the start to protect physical, virtual, VDI, and cloud to help address the challenges of virtualization, the disruptive and costly patch management operations through vulnerabilities shielding and address the challenges of complying with internal/external regulations and mandates.
* Follow Gadget on Twitter on @GadgetZA