IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Security firms plug virtual security holes

New tool helps security companies and businesses protect against the threats they can't see as well as the ones they can.

Security key

Security firms have a new weapon in the war against internet threats as a proof of concept tool is now being made commercially available.

It's called VMsafe and it provides software developers with a greater level of control and monitoring capability than was previously thought possible with either physical or virtual servers.

The increasing popularity of virtual servers has introduced new security challenges. While they provide significant benefits, with busy data centre staff being able to bring new systems online in seconds rather than minutes or hours, these same luxuries also have their downsides. Rushing out new servers can mean periods during which those systems are left unpatched and otherwise vulnerable to attack.

VMware, the company behind one of the most prevalent virtual systems, has provided developers with low-level access to its products via the VMsafe API. In practice this means that companies specialising in internet and host-based security can produce software capable of doing things that were previously unheard of.

VMsafe was first announced as a concept in 2008 but has only been available for a few months. Now, vendors including Trend Micro are rolling out products that use this API to monitor multiple systems without the overhead of traditional anti-virus software. Other uses may involve automatically checking the working status of systems, their logs and the integrity of their files.

Blake Sutherland, vice president of strategic markets and alliances at Trend Micro, told IT PRO that his team have been working on technology that will not only improve security but also cut costs too.

"The number of virtual machines (VMs) exceeds the number of previous physical servers. This is good for consolidation but, if you are using host-based security, the cost rises. You're being charged for each installation of the product, but we don't do that with our virtual security model," he said.

The VMsafe API has also allowed Trend Micro to develop a vulnerability blocking system that would, Sutherland claims, run more effectively and with less load on the servers than traditional intrusion detection (IDS) and prevention (IPS) systems.

"Running software on the server uses resources like the CPU and most particularly memory. We cannot take the network appliance approach because this would involve an ever-increasing signature list [of threat descriptions] and appliances have their own hardware to handle that. We use VMsafe to inspect the packet stream between systems on an ESX server and if there's a vulnerability on a VM we'll block all attempts to attack it."

What happens if some malicious code enters the servers regardless of this protection? Bill McGee, Trend Micro's development director, responded saying "malware can still turn off security software. However, our application runs at Hypervisor level and will notice that the protection from the guest system has gone. We don't know of any other developers who are doing this."

It's still early days for this type of approach to security and there may be as many problems as successes while vendors work to put useful implementations in place. Sutherland acknowledges that there's still a long way to go before the full potential of this type of technology is realised. "It's the art of the possible versus the art of the practical in the short term."

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

The secure cloud configuration imperative
Whitepaper

The secure cloud configuration imperative

7 Mar 2022
The secure cloud configuration imperative
Whitepaper

The secure cloud configuration imperative

7 Mar 2022
Trend Micro Worry-Free Business Security review: Great cloud-managed malware protection
endpoint security

Trend Micro Worry-Free Business Security review: Great cloud-managed malware protection

7 Dec 2021
Access brokers are making it easier for ransomware operators to attack businesses
cyber security

Access brokers are making it easier for ransomware operators to attack businesses

1 Dec 2021

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Microsoft successfully tests emission-free hydrogen fuel cell system for data centres
data centres

Microsoft successfully tests emission-free hydrogen fuel cell system for data centres

29 Jul 2022