Page 53 - cdm-2014
P. 53
In fact, doing so may result in security gaps, increase IT costs and introduce system
inefficiencies.
What’s Your Best Option?
For virtualization security, there’s no one size fits all solution. The optimum approach for your
organization – and the unique architecture of your IT infrastructure – will depend on a number of
factors, including the level of risk you’re likely to encounter, the value of the data that your
systems store and process, the consolidation ratios that you’re aiming to achieve, your
organization’s virtual environment (both your servers and desktops) and your virtualization
hypervisor vendor (VMware, Citrix or Microsoft).
When considering security solutions optimized for virtualization, it’s important to evaluate
agentless solutions as well as small footprint/light agent security products. For example, if you
operate a VMware-based virtual environment, agentless security, which is only available today
in VMware environments, can help you to achieve high consolidation ratios and significant ROI
increase due to its ease of deployment and simple management.
If you run a Citrix-based or Microsoft-based virtual infrastructure, light agent products may
provide the best security solution. If you are using a wide-range of guest operating systems
(Linux, MAC and Windows) or you’re running a less common hypervisor, a virtualization-aware
full agent solution may be your best option.
In general, it’s important to perform some due diligence and understand the options that exist.
In most cases, security that’s optimized for virtual environments is most desirable as it will offer
the most attractive performance, consolidation and operating cost benefits.
More Sophisticated Environments Require Deeper Protection
For some businesses, a mixture of both agentless and light agent security products may be
appropriate. For example, in a tightly controlled data center environment – where servers are
performing work that doesn’t require them to be constantly connected to the Internet – an
agentless security solution may provide adequate protection.
However, for a virtualized desktop environment – where there’s much less control over how the
virtual desktops are being used by employees –deeper levels of protection are important to
consider. Light agent security products include additional security technologies, such as
application control, device control, and web control features as well as firewall, HIPS and
memory scanning capabilities that provide more robust security that is purpose built to secure
virtual environments.
! " $ !
! # ! "
