The first several years consisted of discussions with clients on how to deploy virtualization securely.
Over the past 2 years, I’ve had an increasing number of calls on the virtualization of security controls such as firewalling/segmentation and intrusion prevention systems.
More recently, there’s been an increase in calls on using virtualization to do things better than we can do today. One great example is the notion of “single instance security”. I originally wrote about using virtualization to radically transform security back in 2008 (in this research note for clients).
Today, there are many offerings coming to market that use virtualization to make the security protection of multiple virtual machines more efficient and effective. One example is Trend Micro’s agentless AV solution (Deep Security), which uses VMware’s vShield Endpoint set of hypervisor-level APIs to offload AV scanning from multiple VMs to a single “security VM” – or, in other words, single instance security. You don’t have to use VMware’s APIs to transform security. Note that McAfee’s MOVE technology and offerings do this in a way that is hypervisor-neutral.
You can imagine the same approach being used for security policy enforcement such as behavioral monitoring, host-based intrusion prevention, application control and data loss prevention.
Single instance security in a virtualized environment provides the best of both worlds: the insight and context of a host-based agent combined with the single instance ease of management of a network-based approach.
These approaches are so powerful that we project that 40% of security controls used within data centers will be virtualized in 2015, up from less than 5% at YE2010.