One of my frequent blogging topics is virtualization security. I’ve researched the issue for years and have watched the industry and enterprises deploying virtualization mature in their processes and tools.
One area of interest from clients is for external third parties to come into an organization and assess the security of the enterprise’s virtualization deployment. The good news is that multiple vendors and service providers are stepping up to fill this specific need.
Here are some examples:
- EMC offers a service
- McAfee Foundstone offers a service
- Verizon’s Business Services offers a service
If anyone knows of others, please add them to the comments section to build the list.
Ideally, whatever vendor you are using for overall IT security assessments should be able to include virtualized infrastructure and not require a separate practice. Most organizations will require a mix of physical and virtualized computing capabilities for years to come and it doesn’t make sense to have separate vendors and assessments for our physical infrastructure versus our virtualized infrastructure. If your existing assessment vendor can’t correct assess a virtualized environment, consider using one of these point solution providers to fill the gap – or switching providers.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.