
Hey Security Guys, VMworld Is Hitting Your Playground

vShield App, Edge, and Endpoint Security

The legacy way of doing things is going to slowly fade away. VMware wants to start addressing all those air gaps within the VI and is going to make security people re-think administration.

Currently, you have to secure yourself in every area. A firewall on the perimeter isn't enough. In addition to firewalls you can have VPN concentrators, IDS devices, and load balancers. Internal security can be done via subnets or VLANs and interior firewalls such as the Windows firewall. Endpoint security is done via desktop anti-virus agents and other types of host-based intrusion detection. You can't realize the full benefit of security in virtualization while worrying about VLAN or firewall rule sprawl to take care of security. There are always holes.

The new vShield products are all about securing the private cloud from end to end. vShield Edge is designed as a classic firewall, but built specifically for the edge of your virtual datacenter. It's not made to replace your Cisco ASA, but it can be leveraged to do so in an SMB environment. It's all about securing that internal private cloud. vShield App and Zones are there to create segmentation between types of workloads. Instead of utilizing VLANs for security, you can use this appliance. vShield Endpoint is an enabler of the VMsafe API for other vendors. It's there to offload anti-virus processing that was once done with an agent on every guest. vShield Manager is your centralized management for all the vShield appliances and security products. It also has a nice vCenter plug-in that looks much better than the original vShield Zones one. All management is looking to be fully automated, with on-the-fly rules and processing.

vShield Edge Features

Multiple services in one appliance: a stateful-inspection firewall, NAT, DHCP, site-to-site VPN using IPsec, and a web load balancer. Detailed NetFlow stats for use by chargeback. Policy management through the UI or APIs, along with auditing in the basic standard syslog format.

vShield App

It's being introduced to tackle visibility into VM-to-VM traffic and to reduce VLAN sprawl and network complexity. This VM has to be installed on each ESX server. It's considered a "hypervisor-level" firewall, so inbound and outbound traffic is controlled at the vNIC. This is basically vShield Zones rebranded. Even if VMs move from host to host, they're still contained within this elastic boundary. Network packets are monitored to help define and refine firewall policies, helping you identify botnets and secure business processes by watching the type of traffic. Think of this as being able to group your VMs as Servers, Extranet, DMZ, VDI, etc. and create firewall rules between the groups so they don't talk to each other.
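To make the group-based model concrete, here is an added toy example (my own illustration, not VMware's code): a policy keyed on VM security groups, enforced at each VM's vNIC, that keeps applying after a VM moves to another host. VM names, hosts, groups, rules and the audit lines are all constructed.

```python
from dataclasses import dataclass, field

@dataclass
class VM:
    name: str
    group: str   # security group, e.g. "Servers", "DMZ", "VDI"
    host: str    # ESX host the VM currently runs on (constructed names)

@dataclass
class Policy:
    # (src_group, dst_group, dst_port or None for any port) -> "allow" | "deny"
    rules: dict = field(default_factory=dict)
    default: str = "deny"   # anything not matched by a rule is dropped

    def decide(self, src: VM, dst: VM, port: int) -> str:
        # Exact-port rule first, then the any-port rule for this group pair.
        for key in ((src.group, dst.group, port), (src.group, dst.group, None)):
            if key in self.rules:
                return self.rules[key]
        return self.default

class VnicFirewall:
    # Applies the group policy at each VM's vNIC, whatever host the VM is on.
    def __init__(self, policy: Policy, inventory: list):
        self.policy = policy
        self.vms = {vm.name: vm for vm in inventory}
        self.log = []   # constructed, syslog-style audit lines

    def send(self, src_name: str, dst_name: str, port: int) -> str:
        src, dst = self.vms[src_name], self.vms[dst_name]
        verdict = self.policy.decide(src, dst, port)
        self.log.append(f"host={src.host} src={src.name}({src.group}) "
                        f"dst={dst.name}({dst.group}) port={port} action={verdict}")
        return verdict

    def vmotion(self, vm_name: str, new_host: str) -> None:
        # Migration changes the host only; the group, and so the rules, follow the VM.
        self.vms[vm_name].host = new_host

def demo():
    inventory = [VM("web01", "DMZ", "esx1"), VM("db01", "Servers", "esx2"),
                 VM("desk01", "VDI", "esx1")]
    policy = Policy(rules={("DMZ", "Servers", 3306): "allow",
                           ("VDI", "DMZ", 443): "allow", ("VDI", "Servers", None): "deny"})
    fw = VnicFirewall(policy, inventory)
    before = fw.send("web01", "db01", 3306)    # allowed by the DMZ->Servers rule
    fw.vmotion("web01", "esx3")                # move web01 to another host
    after = fw.send("web01", "db01", 3306)     # still allowed: rule is keyed on group
    blocked = fw.send("desk01", "db01", 3306)  # VDI may never reach Servers
    return before, after, blocked, fw.log
```

The audit lines carry the host the VM was on at the time, which is the detail you would want when reconciling policy hits after a migration.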

vShield End-point using VMsafe

It's really what I've been waiting for. This is, in my opinion, the biggest announcement of this VMworld. VMsafe debuted with vSphere, but nothing has ever been done with it. We are finally seeing some traction in this space. The vShield Endpoint appliance will offload file activity to a security VM that handles the scanning. You can manage your AV service across VMs in a uniform fashion and enforce remediation using a driver in the VM. At the same time there is a compliance feature that logs all AV file activity. This has the strongest leverage for virtualization in my opinion. Traditional agents are resource intensive, aren't optimized for virtualized environments, and can lead to scan storms that cause CPU contention. Now that we can leverage the hypervisor to offload AV functions into a dedicated security VM, it frees up all those valuable resources.

VMware is working with lead partners such as Trend Micro and Symantec. The collaboration relies on hypervisor-based introspection. Scanning engines and virus definitions are offloaded to a security VM, and scanning is scheduled there. This type of delivery makes it easy to scale.

The current version will have a thin agent that has to be installed on each guest, but it uses 95% less resources than conventional agents. The roadmap is to go completely agentless in the next release. At the moment it's only being deployed for Windows guests, which is completely fine in my eyes for an early release. Look for Trend Micro to debut their product in September.

vShield Zones is still going to be part of the Advanced license and beyond, but VMware is pushing vShield App and Edge for complete datacenter use, and they will most likely be an extra cost on top of it all. These releases really have a lot of potential, with plenty of room for future innovation. Let's hope we see more security companies jump on this bandwagon.

Watch the keynote I recorded on the Flip:

[Video: Steve Herrod's keynote, hosted on Veoh.com; embedded player not preserved]
