According to research company, IDC, the virtualisation market will more than double over a five-year period, growing from $5.5 billion in 2006 to $11.7 billion in 2011. With this type of growth imminent, it is expected that security technology companies will begin to use virtualisation in newer and safer ways.
In fact, technologies such as virtualised security management, instantaneous network access control (NAC) protection and network-wide compliance monitoring as well as risk remediation are already giving companies a competitive advantage in terms of equipment costs, deployment time and user security - forming "technology pillars" which support a growing arsenal of security tools within virtualised computing environments.
Firstly, the connectivity pillar of NAC for virtual machines (VMs) leverages virtualisation to better control access and force compliance within the enterprise. To combat today`s highly aggressive attacks, organisations must go beyond traditional security measures and add a solution that enforces security policies when endpoints try to access the network.
Companies are expected to provide access to critical applications anywhere and at anytime, but must also deliver exacting security and business continuity. That`s not only good business practice - it is increasingly becoming a matter of law. They need to make sure that any device connecting to their networks is configured correctly, possesses up-to-date patches and has no high-risk viruses or worms.
Another is the pillar of offline VM scanning which enables virtualisation`s greatest strengths of instant operating system (OS) image replacement. The ability to scan offline or dormant VM images with current anti-virus, anti-spyware and vulnerability tools, as well as remediate them, is key in yielding great savings in launch time by delivering offline analysis of vulnerable or compromised images, eliminating the need to perform these tasks at the moment the image is needed.
The pillar of unfettered security monitoring provides broad, virtualisation-enabled security technologies required to reach into VMs in silent, yet omniscient ways to detect and eliminate OS threats. By extending virtualisation host technologies, fundamental enabling capabilities become available. Some of these include call backs that notify third-party software when monitored memory is accessed, or when inspection of data and parameters take place or when registration changes during runtime. Additionally, the ability to filter monitoring at the virtualisation host side can be very useful.
The multi-faceted pillar of scalable security management provides the ability to hold a wide, multi-node system together for monitoring, auditing and control in order to accommodate the rapid expansion of protected nodes and users as well as handle component failure. Virtualisation techniques can contribute to the security architecture`s ability to reliably meet the needs of the corporate user and customers.
Lastly, the pillar of virtualised risk management supports IT managers in pulling all these components together into a well-oiled system that leverages virtualisation to even more effectively manage inventory assets, protect assets, audit for compliance and remediate the system - truly a main focus in today`s enterprises.
When each of the technology pillars is employed, a process-based approach to security risk management is fully realisable in any enterprise. This ensures a continuous prioritisation of system asset discovery, protection, compliance auditing and monitoring, and remediation.
Security and virtualisation are most certainly on convergent evolutionary paths, and we are starting to see the first evidence of this intersection right now. McAfee and the world`s leading virtualisation vendors together have the vision of keeping their customers simultaneously flexible and efficient, yet safe with secure virtualisation. The evolutionary paths are converging right here and now, and the future couldn`t look any brighter.
Share