Is Your Virtual Machine Invisible To the Security Eye?
Virtualization has become a key ingredient in the IT recipe of most companies today. Data centers and enterprises are increasingly turning to some form of virtualization to meet their requirements of scale and operational efficiency.
Desktop or client virtualization lets a company or user segregate physical machines from the desktop ecosystem, and it allows access to the resultant virtualized desktop even from a remote location. Using a virtualized desktop, the user’s business is not limited by geographical boundaries. Any device equipped to operate in a virtualized infrastructure can give the user access to all his data and applications, regardless of location.
Although this approach has advantages like remote access, flexibility of operations, and minimal downtime, concern is increasing regarding the security software for a virtualized infrastructure.
A hosted virtual desktop system is not automatically immune from viruses simply because its original (“real”) system has protection. The VDI, or virtual desktop infrastructure, faces a mammoth task in being “detected” by security tools like malware protection and anti-virus software. To put it simply, such software tools have not been programmed to seek, locate, and protect VMs (virtual machines). The software protection is programmed to vie for resources only at the network, storage, and CPU levels. In a virtualized system, a single physical server can support several desktops at one time. So, when the software is vying for “attention,” it can put huge pressure on the machine.
Performance and operations can thus become lethargic. As Brian Madden of SearchVirtualDesktop.com says, desktop virtualization is more difficult than server virtualization because the user needs to have the same flexibility that a physical machine would provide him. Desktop virtualization also cannot be done with half measures and cannot have restrictions on the types of devices that can support them or even on the amount of work that can be done offline.
The security risks can be exacerbated if the network is improperly managed. Consider a scenario in which a VDI system goes through a previously scheduled scan. By placing an extra load on the CPU, such a scan can slow down the entire network. A client in need of swift operations at that time may be tempted to remove the security systems from their VDI ecosystem. Such a disastrous move will leave that client’s desktops vulnerable to all kinds of attacks.
A company also needs to be wise to the different options available for protecting its VDIs. Depending on whether it is operating at the enterprise level or smaller-size-business level, the company can choose virtual-machine-based security software or agent-based desktop virtualization security software.
A pertinent question is where exactly the security software would run in a virtualized network. For instance, would it run on the primary operating system, the guest operating system, or some combination of both? Each of the three solutions has a downside
A company can resort to one simple way of addressing this concern. As Richard Sheng, regional director for Trend Micro’s Asia Pacific business, states, “treat your VDI desktop on the same platform as you would your physical laptop.” This means that the same security measures and steps, like data backup and management, need to apply to the virtualized desktop, too.
Trend Micro offers wide-ranging desktop virtualization protection technology. The company’s latest product is Trend Micro OfficeScan 10.5, which is a “virtual desktop aware” package. This software can also work in association with a virtual desktop infrastructure put into place by Citrix or VMware. It offers management of up to 20,000 physical and virtual desktop endpoints from one console.
As the company’s product marketing manager, Joerg Schneider-Simon, states, with the VDI-aware anti-virus package, a company can even “double the number of desktop hosts with no lowering of performance.”
Companies like VMware and Citrix are working on security software for virtualized networks as well. Citrix has been working with McAfee on the latter’s MOVE-AV which is an anti-virus package built specifically for virtualized surroundings. VMware is confident that the future belongs more to the virtualized desktop rather than the virtualized server, and the company states that a virtualized desktop is even more secure than the conventional personal computer.
TrackBack URI for this entry
Subscribe to this comment's feed
DCJ Digital Magazine
What drives a Data Center? Want to know more about Cost vs Efficiency in Data Center Design?
To find out and to read more great articles in this issue, CLICK HERE!
DCJ SpotlightON
SpotlightON series continues!
The Data Center Journal has the pleasure of presenting it's interview with Lior Bilk, CFO of Hoboken University Medical Center. Lior discusses his thoughts on DC cooling as well as thoughts on design and efficiency. To read the the entire interview please make sure to open today's newsletter. Not subscribed to the newsletter? Scroll down on this page and submit your email address. It's that easy!!!!!
Register Today!
Get the NEW & IMPROVED DCJ Bi-Weekly eNewsletter! Sign up below!
Latest Comments
Latest Vendor Entries
Latest Events
| Sun Sep 12 @ 8:00AM - 05:00PM Data Center Insights Summit |
| Sun Sep 12 @ 8:00AM - 05:00PM BICSI Fall Conference and Exhibition |
| Tue Sep 14 @ 9:00AM - 10:00AM Cisco Data Center Architecture The Power to Say Yes |
| Thu Sep 16 @ 8:00AM - 05:00PM DataCentre Expo |
| Mon Sep 20 @ 8:00AM - 05:00PM Data Transfer & Data Breach Notification Briefing |
| Sun Oct 03 @ 8:00AM - 05:00PM AFCOM Data Center World |
| Tue Oct 19 @ 8:00AM - 05:00PM Grreen Data Centers: NY |