Virtualisation needs new security models

PC Advisor reports.

Steve Quane, CPO and executive VP with security vendor Trend Micro, said many companies had rushed into server and desktop virtualisation with the best of intentions - but quickly found themselves in trouble as conventional scanning-based security architectures created competition for finite server resources.

IT World says that, in the absence of an architecture that can accommodate the architectural differences of a virtual environment - namely, that large numbers of virtual machines will initiate CPU and hard disk-draining security scans without regard for other VMs simultaneously doing the same - the result is often severely compromised performance that negates the business value of the virtual infrastructure.

"They're all reaching into the same infrastructure that is now shared," Quane explained, "as if it was their own in the old physical world. We've seen that very quickly; traditional security architectures started bringing virtual security architectures to a halt.”

In an organisation that may have just spent millions on a server virtualisation project, Quane warned, poor performance can put IT executives in a difficult situation; many simply disable security altogether and hope for the best, CIO states.

Performance isn't the only problem; keeping security consistent in such virtual environments has proved problematic, with many companies having to take on more technical staff just to keep up with the management of hundreds or thousands of virtual machines.