Sourcefire to ignite new offerings for virtualisation security

By Ron Condon, UK Bureau Chief 03 Jul 2009 | SearchSecurity.co.uk

Enterprise IT news roundup Digg This!     StumbleUpon     Del.icio.us

Network security firm Sourcefire Inc. plans to launch new features to help companies manage virtualised environments.

Version 4.9 of the Sourcefire 3D system will allow companies to inspect traffic between virtual machines and also help deploy and manage traffic sensors at remote sites.

The new software, which will be released in the last quarter of 2009, is intended to work with machines running VMware Inc.'s virtualisation software, but Sourcefire said other virtual environments, such as those from Citrix Systems Inc. and Microsoft, may be supported later.

While virtualisation offers companies the chance to reduce the number of physical servers they need, and thereby reduce infrastructure costs, it creates a fluid environment in which virtual machines can be dynamically reassigned to different physical locations. This can make it more difficult for the system to keep track of events, and therefore make security harder to enforce.

Sourcefire's answer is to create virtual appliances that can be deployed alongside every new virtual machine and thereby be able to monitor traffic between the virtual machines, and provide control through its Virtual Defence Centre, which acts as a central correlation engine that can pick up unusual or dangerous traffic patterns.

"We are bringing intrusion detection into the virtual world," said Graham Welch, managing director of Sourcefire in Europe. He added that the new product will introduce policy layering, allowing companies to create different intrusion policies for each VLAN, network segment, or even at the user level.

Sourcefire will offer both virtual and physical appliances to handle intrusion detection and prevention. Users will be able to deploy Virtual 3D Sensors on VMware ESX and ESXi platforms to inspect traffic between virtual machines, while also using physical 3D Sensors to inspect traffic going into and out of the VMware virtual environment.

A security manager at a large company I know was trying to get in on the conversation, while management were just ploughing ahead regardless. Their attitude is 'We'll worry about security later'. Jon Collins CEO, Freeform Dynamics Ltd

"Deployed as software running within VMs, the Virtual 3D Sensor will make it easier to inspect traffic on remote segments of the network where local IT security resources may not exist," Welch said.

Jon Collins, head of Freeform Dynamics Ltd, a U.K. research company, said he welcomed any product that could tighten security in virtualised environments.

"A lot of companies seem to be embracing virtualisation willy-nilly, without necessarily thinking about the security consequences," he said. "A security manager at a large company I know said he was trying to get in on the conversation, while senior management were just ploughing ahead regardless. Their attitude is 'We'll worry about security later.'"

Collins said he expected the new Sourcefire products initially to be of greatest interest to service providers, which need to manage large virtual estates holding systems from multiple clients.

"I certainly welcome any company that recognises that the physical and virtual worlds have to work in harmony," Collins said. "From an IDS/IPS point of view it is a recognition that VMs are just as vulnerable as physical servers -- probably more vulnerable, because they can be easily relocated from one server to another that may not be properly protected."

He also warned that the challenges posed by virtualisation are likely to increase, especially if companies adopt the cloud computing model.

"Security companies will have their work cut out as things move forward," he said. "It's not just a question of protecting machines, but knowing where they are in order to protect them."

"Most companies have a problem with asset management today, just keeping a tally of what is out there, and what are the patch levels of different servers," Collins added. "That problem grows by an order of magnitude when the machines could be anywhere in the world. It is a nightmare from the IT manager's perspective."

Tags: Virtualisation Technology Solutions and Strategy,  Data Protection Solutions and Strategy,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Virtualisation Technology Solutions and Strategy Market snapshot: PC virtual desktops on a USB Microsoft Virtual PC zero-day flaw weakens virtual sessions Four things to remember about server virtualization security concerns PCI virtualization SIG closer to proposing changes to standard Security fundamentals remain focus of virtualization deployments Wake up to virtualisation security risks, experts say A preview of PCI virtualization specifications Will using virtualization software put an enterprise at risk? Virtualization eases patch management pain Data Protection Solutions and Strategy Pros and cons of Skype security for encrypted phone calls NHS smart card devices enable secure access to health care apps Company files at risk of employee data theft McAfee-Intel: Why the McAfee acquisition is being met with scepticism Mobile digital pad/pen helps secure patient data collection Hard-disk erasure: Using HDDerase and Secure Erase hard-drive eraser In any given app for smartphone, security risks are being neglected First of data loss prevention vendors touts downloadable DLP software Ministry of Justice asks for input on UK privacy laws PCI PTS: Understanding PCI PIN security requirements

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Data Protection Act 1998  (SearchStorageUK.com) Information Commissioner's Office (ICO)  (SearchStorageUK.com) UK Identity Cards Act  (SearchSecurityUK.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary