Smarten up your virtual security posture
Securing virtualised environments
Virtualisation is now widely acknowledged as an important development in enterprise computing with forecasts of rapid growth for both server and storage virtualisation.
It is also widely acknowledged that managing a virtualised environment is more difficult than managing a traditional one.
"The increased complexity which comes from introducing virtualised environments to the enterprise has consequences in system management. The extra layers of technology make it more difficult to ensure proper control and this has implications for security and compliance," says Dennis Moreau, chief technology officer at system management tool builder Configuresoft.
He goes on to point to security vulnerabilities which are specific to virtualised environments and says system managers need ways to detect and deal with them: "We all know that virtual environments are not perfect. VMWare ESX, for example, has had 10 to 12 new vulnerabilities each year for the past three years. You need to know they exist and you need to know what you can do about them."
Moreau says Configuresoft Intelligence for Virtualisation, his company's latest product release, uses business intelligence and decision support techniques to give system managers a clear view of their virtualised environments. It uses a Virtual Security Posture Dashboard to give snapshots of an organisation's security and compliance status so potential problems can be identified quickly and appropriate action taken to solve them.
Configuresoft's monitoring software tracks between 60,000 and 80,000 configuration settings in a typical virtualised environment. Moreau notes that the monitoring methods also take account of system performance: "You can't make security changes without considering the impact on system performance so we can show the effects of changes in security settings and managers can choose the options they want." ®