Security firms plug virtual security holes

New tool helps security companies and businesses protect against the threats they can't see as well as the ones they can.

Security key

Security firms have a new weapon in the war against internet threats as a proof of concept tool is now being made commercially available.

It's called VMsafe and it provides software developers with a greater level of control and monitoring capability than was previously thought possible with either physical or virtual servers.

Advertisement - Article continues below

The increasing popularity of virtual servers has introduced new security challenges. While they provide significant benefits, with busy data centre staff being able to bring new systems online in seconds rather than minutes or hours, these same luxuries also have their downsides. Rushing out new servers can mean periods during which those systems are left unpatched and otherwise vulnerable to attack.

VMware, the company behind one of the most prevalent virtual systems, has provided developers with low-level access to its products via the VMsafe API. In practice this means that companies specialising in internet and host-based security can produce software capable of doing things that were previously unheard of.

VMsafe was first announced as a concept in 2008 but has only been available for a few months. Now, vendors including Trend Micro are rolling out products that use this API to monitor multiple systems without the overhead of traditional anti-virus software. Other uses may involve automatically checking the working status of systems, their logs and the integrity of their files.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Blake Sutherland, vice president of strategic markets and alliances at Trend Micro, told IT PRO that his team have been working on technology that will not only improve security but also cut costs too.

"The number of virtual machines (VMs) exceeds the number of previous physical servers. This is good for consolidation but, if you are using host-based security, the cost rises. You're being charged for each installation of the product, but we don't do that with our virtual security model," he said.

The VMsafe API has also allowed Trend Micro to develop a vulnerability blocking system that would, Sutherland claims, run more effectively and with less load on the servers than traditional intrusion detection (IDS) and prevention (IPS) systems.

"Running software on the server uses resources like the CPU and most particularly memory. We cannot take the network appliance approach because this would involve an ever-increasing signature list [of threat descriptions] and appliances have their own hardware to handle that. We use VMsafe to inspect the packet stream between systems on an ESX server and if there's a vulnerability on a VM we'll block all attempts to attack it."

Advertisement - Article continues below

What happens if some malicious code enters the servers regardless of this protection? Bill McGee, Trend Micro's development director, responded saying "malware can still turn off security software. However, our application runs at Hypervisor level and will notice that the protection from the guest system has gone. We don't know of any other developers who are doing this."

It's still early days for this type of approach to security and there may be as many problems as successes while vendors work to put useful implementations in place. Sutherland acknowledges that there's still a long way to go before the full potential of this type of technology is realised. "It's the art of the possible versus the art of the practical in the short term."

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement
Advertisement

Recommended

Visit/security/encryption/355820/k2view-innovates-in-data-management-with-new-encryption-patent
encryption

K2View innovates in data management with new encryption patent

28 May 2020
Visit/software/video-conferencing/355410/zoom-50-adds-256-bit-encryption-and-ui-refresh
video conferencing

Zoom 5.0 adds 256-bit encryption to address security concerns

23 Apr 2020
Visit/security/hacking/355382/whatsapps-flaw-shoulder-surfing
hacking

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020
Visit/security/cyber-security/355368/microsoft-builds-ai-to-detect-security-flaws-with-99-accuracy
cyber security

Microsoft AI can detect security flaws with 99% accuracy

20 Apr 2020

Most Popular

Visit/operating-systems/microsoft-windows/355812/microsoft-warns-against-installing-windows-10-may-2020
Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
Visit/security/data-breaches/355777/easyjet-faces-class-action-lawsuit-over-data-breach
data breaches

EasyJet faces class-action lawsuit over data breach

26 May 2020
Visit/security/cyber-security/355797/microsoft-bans-trend-micros-rootkit-buster-from-windows-10
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020