Virtualization technology keeps growing. While virtualization brings agility to your environment, it also brings extra security considerations.
Traiditional anti-virus software could protect your virtual infrastructure, but it would require you to install an endpoint protection software on all of your virtual servers. This will cause extra resource consumption that can be better spent for your infrastructure.
Not only would traditional anti-virus software will require much resources in comparison to a virtual security solution, but it would also dramatically decrease visibility for your management by cluttering your dashboard with a lot of servers. Virtualization security allows you to simplify management for your virtual infrastructure by consolidating much of the servers by using a Security Virtual Appliance (SVA).
Virtualization security, alongside with securing your virtual infrastructure much like a traditional anti-virus would, also includes feature called Virtual Patching. Virtual patching allows the security product to use Intrusion Prevention System to shield vulnerabilities before they can be exploited. While virtual patching does not actually patch your virtual servers, it prevents malicious third parties to gain access to your system by exploiting unpatched vulnerabilities as the virtualization security platform will intercept and stop the malicious traffic before it reaches the operating system.
vShield must be used in order to enable protection for VMware based virtualization solutions . VMware vShield Endpoint enables organizations to manage anti-virus and anti-malware policies for virtualized environments. vShield Endpoint strengthens virtualization security with enhanced endpoint protection by offloading AV processing to a secure virtual appliance supplied by VMware partners such as Kaspersky Lab and Trend Micro.
VMware vShield; Improves consolidation ratios and performance by eliminating anti-virus “storms.” , automates anti-virus and anti-malware deployment and monitoring, and satisfies compliance and audit requirements with anti-virus and anti-malware activity logs.
Agent Based vs Agentless Security
Due to the fact that installing a full agent that handles all the security is akin to installing a fully functional endpoint security software on a server, Agent based virtualization security is not a preferred approach any more. Traiditional, agent based security will consume extra resources that might better be spent elsewhere.
Agentless security works by installing a layer between the virtual machines and the host they reside on. This layer is provided by a Security Virtual Appliance (SVA), a virtual appliance that works on VMware. VMware vShield provides the framework for the Agentless security to reside on. While undeniably effective resource-wise, this approach lacks the advanced security features that a corporation might need.
Light-agent based virtualization security approach combines the effectiveness of Agentless security with advanced security features of Agent-based security. Protection is provided by a Security Virtual Appliance (SVA) and a lightweight agent residing on machines. This solution is generally preferred due to its balance between security and performance for virtual environment.