Protecting Virtual Servers From Modern Attacks

By Gert Hansen, Chief Software Architect

More and more companies start to use virtualization every day. VMware is aiding companies moving to virtualization by offering two free products to support. Many users start off by using virtualization for evaluation purposes. And as they realize the benefits of virtualization they plan to move to production use later.

However, one reason why users are hesitant to virtualize their production servers is the lack of network security in such an environment. By using physical servers you can place dedicated firewalls between the servers and/or the Internet for protection. This has not yet been possible in virtual environments. VMware addressed this need in their new vSphere product by adding "vShield Zones," an integrated, stateful firewall which solves basic network security needs.

But this offering has two problems.

First, it is only available in the upper, more expensive vSphere editions, which leaves SMB customers that can only afford the entry editions in the dark. Second, trying to address state of the art malware and attacks with this is like trying to use chainmail to protect police offers in their fight against modern gangs with advanced automatic guns. Basic protection does not withstand modern attacks. In order to protect your IT infrastructure, physical or virtual, you need state-of-the-art enterprise security products to detect and neutralize modern malware, botnets and other attacks.

Besides a stateful firewall, which is a good start, you need a proven intrusion prevention system (IPS) as well as malware and reputation filters to protect the common attack vectors of web surfing and email, including encrypted ones. Especially small and mid-sized businesses need an affordable, easy to use yet complete security solution which is able to run within a virtual environment.