Security and compliance are the principal objections affecting virtual and cloud rollouts. Legacy security monitoring and compliance tools cannot reliably protect increasingly complex and dynamic IT environments created by virtualization. Catbird has pioneered a new class of automated security that is context-aware and adaptive to the fluid and mobile nature of virtualized data centers. vSecurity 5.0 integrates directly with the hypervisor to provide comprehensive and automated control, visibility and efficiency. Its vCompliance® engine monitors and enforces virtualized data center compliance with PCI, FISMA, NIST, HIPAA and other standards for regulated industries looking to take advantage of virtualized infrastructure for their mission-critical computing.

"Virtualization has revolutionized all aspects of data center computing, including security. With Catbird's vSecurity 5.0, our customers benefit from the economic and technical advantages of virtualization," said Edmundo Costa, CEO of Catbird. "From the U.S. Department of Defense to some of the largest credit card processors in North America, vSecurity automates the security and compliance process, enabling broader and deeper use of virtualization and cloud computing. Catbird customers can virtualize more assets, virtualize more quickly and improve virtualization ROI."

"Catbird vSecurity 5.0 gives us control over our entire virtual infrastructure and network, which is crucial to the security management of the whole county," said Irvin Metaj, Network Engineer of Indiana's Madison County Government Center, Information Technology Systems. "We manage IT for all branches of government: law enforcement, the courts, the revenue divisions and more. With Catbird, we know which departments are trying to access which network and systems, can manage who can communicate with whom and now patrol unauthorized connections. Catbird really raised our game by exposing us to best practices for virtualization security."

Catbird's award-winning next-generation approach weaves together access control, intrusion detection, secure auditing and automated protection for virtual machines, virtual networks, hypervisor management and associated physical assets.

With the release of vSecurity 5.0, Catbird incorporates features such as:

Event Viewer -Orchestrates and displays data culled from a range of controls, including nprobe, firewall, NAC, IDS/IPS and other sources, to paint a detailed picture of what each control is detecting in real-time. A key tool of IT security and operations people alike, the event viewer provides detailed analysis of the security posture of each asset, as well as the inter-relationships between assets, to determine risks and vulnerabilities.

Compliance Radar Graph - A graphical gauge of a data center's current compliance status against a particular standard that is automatically updated in real time, the compliance radar graph automates the validation of compliance while instantly alerting organizations to noncompliance.

Automated Asset Inventory -Automatic, accurate inventories of the IT environment to populate a comprehensive, reliable asset catalog for security monitoring and enforcement.

Network Flow Mapping - Network flows illustrate the communication paths between objects and groups of objects, providing a comprehensive view of protocols, connections, access lists, and more. Because the netflow mapping is integrated with Catbird's automated inventory, organizations can more effectively regulate access controls and mitigate risks from suspicious communication.

Policy Automation - Organizations can set policies and automatically administer and enforce those policies via vSecurity TrustZones(TM), logical groupings of assets that share a pre-defined, common set of policy and compliance rules. In this way, IT teams can be assured of the compliance of their own virtualized data centers against 3rd party standards or their own corporate governance.

Support for syslog CEF, the Common Event Format, an open log management standard enabling Catbird vSecurity data to be collected and aggregated for analysis by the leading enterprise management systems, including ArcSight, Splunk, and RSA enVision.

Catbird's vSecurity 5.0 is built on industry standard, network-based, security technologies for the most comprehensive set of services protecting virtual, cloud and physical networks. Catbird's controls include IPS/IDS, Network Access Control, Vulnerability Monitoring, Compliance Enforcement, Policy Management, Configuration Management and Access Control in a single solution. vSecurity 5.0 includes vCompliance® for automated, real-time compliance monitoring and enforcement with integrated workflow and reporting; VMshield(TM) for monitoring and enforcing policies and rules on virtual machines to block malicious network activity directed at the specific asset from any source; TrustZones® for ensuring the enforcement and monitoring of security policies associated with a particular virtual machine or network; and Hypervisor Shield(TM) for monitoring and controlling access, detecting malicious network activity and validating configurations of the hypervisor management network.

Catbird vSecurity 5.0 is available immediately. To download a free evaluation version, go to http://www.catbird.com/demo .

Related posts:

1. Catbird Security Honored by SC Magazine as Virtualization Security Innovator of the Year
2. WatchGuard Enhances Security for Virtualized and Cloud Infrastructures
3. Cloud Guard Extends Unified Security to On-Premise Virtualized Networks

Virtualization has helped organizations reduce capital and operating costs, while driving greater levels of application availability. It has also yielded benefits in flexibility, agility and control. However, even as virtualization has helped reduce the number of physical servers, the number of virtual servers continues to rise, resulting in increased complexity and server personnel management costs.

Making virtualization easier With this new release, Sophos reduces the complexity of a virtual environment by integrating its unique managed appliance experience to deliver an industry-first on-premise managed service. Sophos Managed Appliances include remote monitoring and automated maintenance at no additional charge. This approach combines the benefits of virtualization and on-premise control with the cost savings of a managed service, reducing overhead and complexity. The Sophos Virtual Web Appliance also automates the update and upgrade process and provides proactive monitoring and support -- further simplifying network management.

Streamlined provisioning and management The Sophos Virtual Appliances streamline the provisioning and management processes with pre-configured performance profiles, built-in load balancing and an intuitive management console. Users can manage several virtual appliances within a single console, increasing performance and capacity while reducing management time and complexity.

Complete web protection everywhere By integrating web appliance protection with the Sophos Endpoint security solution, the company delivers unmatched protection and management visibility into users' web activity -- wherever they go. Administrators can quickly and easily set policies, report on activity and protect users, even beyond the secure perimeter of the corporate network. This is all possible without the need for costly and complex backhauling or added gateway infrastructure.

Sophos provides industry-leading web protection due to a unique three-stage filter which combines URL reputation filtering, advanced real-time malware scanning with behavioral analysis and content control to guard against the latest threats. Sophos appliances also include advanced capabilities such as HTTPS scanning, dynamic anonymizing proxy blocking and call home detection to cover essential blind-spots.

"With virtualization taking over the modern IT infrastructure, we are excited to have an offer that leverages virtual infrastructures," said Pete Greco, vice president of sales and technology, Productive Corporation. "Customers are asking for it, Sophos delivers it. A new way to deploy an already great product is an easy sell for us."

"Organizations are increasingly looking to squeeze more out of less by further leveraging their investment in virtualization, but simply implementing virtualized versions of the same maintenance-heavy applications only helps to a limited extent," said Chris Kraft, vice president of product management at Sophos. "Our Virtual Web Appliance allows IT departments to not only leverage all the benefits of virtualization, but also those of a managed service, all the while keeping their data on-premise and preserving complete control."

Trials are available free of charge and licensing is simple, based on a per user, per year basis with no additional charges for the number of virtual servers.

Related posts:

1. Sophos and Virtual Computer Form Alliance to Secure Virtual Environments
2. Virtualization and security – Sophos
3. Trend Micro Launches Endpoint Protection With OfficeScan 10.5

Catbird's groundbreaking vSecurity® platform was recognized for in-depth compliance monitoring while providing essential functionality for virtual security, especially in cloud environments. The honor further notes Catbird's leading role in helping its value-added partners guide their customers in the role of trusted advisers in the virtual security space, citing Catbird's greatest strength as coming from extensive experience securing both virtualized and physical data centers.

"Catbird early on recognized that cloud-based data centers require a new approach to meet security and compliance requirements. vSecurity was designed from the ground up to help customers address their compliance concerns as they move to cloud and virtualized infrastructure," said Edmundo Costa, CEO of Catbird. "The data centers of some of the largest card processors in the world rely on Catbird to meet the stringent security and compliance requirements of PCI DSS 2.0. Our customers know they can safely virtualize all of their mission critical applications, even under the careful watch of the regulators."

The SC editorial team highlights that innovation is not something that comes from sales or marketing alone. It is comprised of the technology along with the way the business is conceived. For its annual look at the industry's foremost innovators, SC Magazine looked for companies that have "vision, imagination and creative management" along with the ability to make sense of and thrive in a new computing paradigm by delivering viable technology.

Catbird vSecurity's multifunction approach to virtualization security and compliance includes automated protection for network infrastructure such as virtual machines, virtual networks and the hypervisor management network. vSecurity integrates directly with the hypervisor to provide comprehensive and automated control, visibility and efficiency. Its vCompliance® engine monitors and enforces virtualized data center compliance with PCI, FISMA, NIST, HIPAA and other standards for regulated industries looking to take advantage of virtualized infrastructure for their mission-critical computing.

Related posts:

1. Webinar: State of Cloud Security at the Five Year Mark
2. Virtual Security Appliance Market up 57% in 2011, Driven by Cloud and Data Center Buildouts
3. Trend Micro Broadens Virtualization Security Strategy

The mobile health sector has matured significantly in recent years, with new technologies providing greater access to health services and information, from tablets to smartphones to healthcare apps to remote patient monitoring – all geared to improve the quality of care and practice management.

echoBase’s Resonate solution provides a single mobile interface to all electronic medical record, practice management, clinical and financial systems that allows clinicians to interact with electronic patient data real-time, with or without an Internet connection. This helps to reduce errors, costs and data processing time by collecting and validating patient information at the point of care – or anywhere.

Through integration with Resonate, Gazzang’s ezNcrypt solution provides high performance, transparent data encryption for Linux, MySQL and other open source applications and services without requiring changes to the existing database or application code. This enhances security of sensitive patient information, without impeding the ability to provide time-sensitive – and sometimes life-saving – medical care. It also ensures critical compliance with regulatory mandates, including HIPAA, HITECH and Meaningful Use guidelines.

“Security of patient information is an absolute requirement for our customers. You can’t handle this information ‘casually’ when people’s health and medical care is at stake,” said Brent Miller, President of echoBase. “That’s why we turned to Gazzang to provide an impeded layer of infrastructure for all of our mobile interface offerings. Gazzang’s ezNcrypt solution was easy to implement and integrate as the critical security fabric for our Resonate solution.”

“echoBase is leading innovation in health care management as mobile technologies become an increasingly dominant platform,” said Larry Warnock, CEO of Gazzang. “I believe their product will be a key catalyst in changing the way clinicians access and update medical records, from anywhere, at anytime – accelerating the speed and quality of today’s patient care. We are honored to provide critical data encryption services to such a cutting edge company, and to ensure the security of patient’s sensitive electronic medical records.”

Gazzang ezNcrypt uses dual authentication keys and protects critical data from being accessed even by Linux root-level administrators.

Additional benefits for healthcare organizations include:

• Fulfills HIPAA compliance requirements related to the access, authentication, storage, auditing, and transmittal of electronic medical records
• Protects against rogue employees
• Alleviates concerns related to storing data in a shared cloud environment
• Protects sensitive or propriety intellectual property
• Requires zero modification to the application or database

In addition to echoBase, Gazzang healthcare customers include the Children’s Hospital of Boston, Hartford Hospital, J7 Group, MobilePRM.com, The University of Pittsburgh Medical Center, RevenueMed, Signature Genomics, Ubiqi Health, and UC Irvine Healthcare, among others.

Related posts:

1. Medical University Deploys Oracle’s Sun Ray Clients, Improves Nursing Staff Productivity, Mobility and Security
2. Dell Sees Continued Growth in Cloud-Based Medical Archive
3. Patients First | Successfully Deploys VDI with Xiotech’s Intelligent Storage Element

ANALYST NOTE

“The adoption of server virtualization within wiring closets and data centers at organizations of all sizes and the rollout of infrastructure to deliver IT services in the cloud is driving significant change in the technical requirements for security solutions, presenting unique challenges. Some of the more vexing challenges include solving the inter-virtual machine threat problem without falling into the expensive trap of installing security software on every single virtual machine, deploying security technology that protect the broad range of applications running in virtualized environments, and navigating the complex web of vendors, standards, APIs, and architectures in play for securing virtual environments. These challenges represent key drivers for the virtual security appliance market and reflect why the market is growing so fast,” explains Jeff Wilson, principal analyst for security at Infonetics Research.

VIRTUAL SECURITY APPLIANCE MARKET HIGHLIGHTS

• After more than doubling in 2010, in 2011 the global virtual security appliance market easily passed the half-billion-dollar mark for the first time, expected to hit about $670 million, up 57% year over year
• In the 5 years from 2010 to 2015, Infonetics forecasts the virtual security appliance market to more than quadruple, to $1.75 billion
• Since Juniper Networks’ acquisition of Altor Networks, virtually all of Juniper’s major competitors have increased their product development and marketing focus for virtual appliances, including Trend Micro, Cisco, Check Point, F5, Blue Coat, Citrix, IBM, Symantec, HP, IBM, Enterasys, Fortinet, and Watchguard
• Specialists like Vyatta and Catbird are still making waves in the virtual security appliance market, and the virtualization platform vendors themselves (VMware, Citrix, and Microsoft) are also in the mix for security solutions

VIRTUAL SECURITY REPORT SYNOPSIS

Infonetics’ Virtual Security Appliances report provides worldwide and regional market size and forecasts for licenses, revenue, and revenue-per-license for the 4 main security technologies most widely available in a virtual appliance form factor: content security gateways, firewalls and virtual private networks (VPNs), Secure Socket Layer (SSL) VPNs, and intrusion detection and intrusion prevention systems (IDS/IPS).

Related posts:

1. McAfee Highlights Discrepancy Between Data Center Security Perceptions and Reality
2. First Data Storage Appliance Focused on Virtual Desktops Released
3. LogLogic Releases First Full Service Virtual SIEM Appliance

“The powerful firewall, integrated threat management and application control, and bundled easy-to-use business-focused management suite that define WatchGuard XTM have helped hundreds of thousands of organizations run their businesses securely. Now, WatchGuard will enable those companies to leverage the consolidation savings and business agility of virtualization and private clouds with the same level of confidence,” said Roger Klorese, Director of Product Management at WatchGuard Technologies. “The response to the extension of WatchGuard XTM security to virtual infrastructures has far exceeded our expectations, with hundreds of partners and customers requesting early access.”

WatchGuard XTMv
XTMv is now available in beta version to meet the needs of small, midsize and large-scale distributed environments. XTMv provides the same type of high security offered by WatchGuard XTM series hardware appliances, including Application Control, Reputation Enabled Defense, intrusion prevention, gateway anti-virus, web blocking traffic shaping, and more. “WatchGuard has been a vital component of our enterprise infrastructure for over 12 years now,” says James Bender, Director of Technical Services, MCA. “Their offering application layer capabilities in the late 90’s sealed our decision to market their firewall to our customers as our security appliance solution. Being a customer first, I appreciated the ease of management, friendly interface, and bundled features on the box that other vendors charge an arm and a leg for. This beta release has me very excited. The virtualized XTM solution allows us to spin up virtualized firewalls that leverage our high performance and highly available, x86/x64 infrastructure. XTMv provides us with scalable access control solutions to protect specific virtual machines and make our cloud offerings a reality.”

WatchGuard XTMv series can manage traffic passing within the virtual infrastructure and across internal networks between virtual machines in the same cluster or on the same server; thus XTMv is well suited to implement security policies between applications, user communities or tenants. WatchGuard XTMv will be initially supported on VMware vSphere.

Additional beta testers will be added to the program in January 2012. Users may request access through this application: https://watchguard.wufoo.com/forms/sign-up-for-the-watchguard-xtmv-beta-program/

Related posts:

1. Cloud Guard Extends Unified Security to On-Premise Virtualized Networks
2. Juniper Introduces Virtualized Security for Private and Public Clouds
3. Northrop Responds To Federal Agency Needs For Stronger Cloud Security

“It’s astounding that almost two-thirds of our respondents say that their management is in the dark about their true security status,” said Dan Olds, principal analyst at Gabriel Consulting Group. “This is something that should cause a lot of thought both in the executive suite and in the data center. Management needs to seek out the truth when it comes to IT security, and data center management needs to be frank and honest when discussing the strengths and weaknesses of their security mechanisms. Obviously, it’s far better to discuss potential security issues before they’re exposed by a breach.”

The report also found that although nearly half of the respondents feel that virtualization and private clouds pose a unique security challenge, the majority of respondents are using the same tools to secure both physical and virtualized systems. McAfee’s approach to data center security is backed by a belief that advancements with traditional security models need to occur industry-wide in order to properly secure data centers and cloud environments. Both private and public cloud computing architectures rely on the virtualized data center to deliver increased business agility and scale. As organizations continue to adopt virtualization and cloud computing, security technology is often replicated from physical resources, which results in various obstacles, such as inconsistent network policies and security loopholes.

Other key findings from the GCG report include:

• Nearly half of the respondents reported that they are constantly finding new security holes
• More than 40 percent of respondents feel that their organization’s security pace isn’t keeping up with threats
• Approximately 70 percent of respondents are skeptical of public cloud security
• Forty percent of respondents report that day-to-day security does not conform to the standards required by their official polices

“The move to virtualized data center requires organizations to consider their approach to security early in the design cycle,” said Greg Brown, vice president of Network Security at McAfee. “Using network and system security solutions that are optimized for virtualized environments ensures continuity of data center operations, without interfering with performance. McAfee's solutions provide seamless security management across conventional and virtualized data center resources.”

McAfee continues to broaden and enhance its unified security portfolio spanning network, servers, data, and storage, and controls across physical, virtual and cloud infrastructures. Next-generation data center teams can optimize security for each function and efficiently manage and monitor security across rapidly changing infrastructure. By working with McAfee, IT can enable secure, elastic, on-demand services, without compromising on compliance or jeopardizing availability.

Related posts:

1. Intel completes McAfee acquisition
2. McAfee and Citrix to Make Virtual Desktop Security Simpler and More Scalable
3. Cloud Survey Highlights IT Pros’ Optimism, Concerns

For step-by-step instructions on installing and configuring Backup Exec or the Agent for VMware Virtual Infrastructure, consult the Backup Exec Administrator’s Guide.

This feature brief will help technical personnel as they make design and implementation decisions for Backup

Exec and the Agent for VMware through the exploration of the following topics:

• How Backup Exec integrates with the VMware platform
• Technical requirements of certain key features
• Best practices
• Pitfalls and things to avoid
• Performance factors
• Agent limitations
• Example configurations

Related posts:

1. New PHD Virtual Improves Backup Performance and Scalability
2. Top 10 Backup Mistakes in Virtual Environment
3. Got a Virtualization Infrastructure backup strategy yet?

Virtualization is being rapidly adopted for green IT and server consolidation initiatives, but software licensing models are lagging behind, and security is still an open debate. Third Brigade, a security software company specializing in host intrusion detection and prevention systems (IDS/IPS), today announced a new licensing model designed to address the accelerated adoption of virtual environments and help customers achieve the lowest total cost of ownership for virtualization security.

Promoting adoption of the highest level of security, Third Brigade licensing now allows for an unlimited number of virtual machines to be protected per physical server. Third Brigade also introduced a new, coordinated approach to intrusion defense for virtualized environments that will deliver better data protection than can be achieved by virtual security appliances.

"Two years ago we began consolidating our mission-critical data center servers into virtual environments. Because we manage sensitive employee data for our Fortune 100 enterprise customers, security is always a top priority," said Mike Gioja, CIO, Workstream. "Since the beginning, Third Brigade has been delivering virtualized security to our data centers. This approach enables us to scale while keeping security at the forefront of our customer solutions. In addition, Workstream gains a competitive advantage over the security and virtualization architectures I have seen from other vendors."

When asked why Third Brigade’s approach to virtualization security is better, Wael Mohamed, President and CEO, Third Brigade said, "The biggest threat left exposed by omitting virtual machine-based security, or relying solely on virtual security appliances, is the potential for one compromised virtual machine to be used to launch an attack against another virtual machine. An appliance or gateway model can’t see, and prevent, the malicious traffic between the VMs; Third Brigade can." Mr. Mohamed continued, "We also believe sophisticated security coordination will be required between a security agent on a virtual machine and a security agent leveraging the VMsafe APIs, when they are available. We have created an attractive licensing model that will enable customers to take advantage of these advanced features."

"An ideal licensing model for virtual environments offers choice, and does not impact mobility or inflate costs," said Chris Wolf, Senior Analyst, Burton Group. "Key to the success of an ideal licensing model is the ease of compliance. License management complexity and total cost of ownership should be a factor in all software purchasing decisions."

Third Brigade customers that have already embraced virtualization are deploying over 10 virtual machines (VM) per physical server. The new licensing model helps accelerate mission critical virtual deployments and removes any barriers to delivering best-of-breed security capabilities to every VM by allowing an unlimited number of VMs to be protected per physical server. For customers that are moving to, or have mixed physical and virtual environments, Third Brigade licenses are portable as a server is transitioned from the physical to virtual world. Pricing is also available for individual virtual machine instances for enterprises that have unique security requirements.

According to the CIO of Harvard Medical School, John Halamka, "Virtualization is a double-edged sword when it comes to healthcare. We need it for our green IT initiatives and it keeps costs down, but it re-opens vulnerabilities that we had already addressed in the traditional, physical world." Mr. Halamka continued, "We’re exploring the use of Third Brigade security to protect our virtualized environments. Putting protection on individual virtual machines and coordinating security with agents built using new VMsafe APIs that plug into the hypervisor will ensure our virtualized servers are well protected."

Through hundreds of discussions with customers, prospects and industry experts, Third Brigade recognized that green IT and consolidation cost savings are driving virtualization, but there has been hesitation to move mission critical systems to the potentially insecure virtual world. The February, 2008 announcement of the VMsafe APIs from VMware has improved overall confidence that the security market will be able to meet the future security requirements of virtualized systems; however, VMsafe technology will only be available in a future release of VMware Virtual Infrastructure products. Enterprises and governments want a security solution today, that will help them transition to a fully-virtualized environment in the future, with cost certainty.

Third Brigade’s coordinated and adaptive approach for data center virtualization protects virtual machines today, and is ready to take advantage of VMware’s VMsafe APIs when they are available in the future. This virtual intrusion prevention system offers a multi-layered approach that protects virtualized environments in a way that offers greater security than that delivered by virtual security appliances—such as protecting against encrypted attacks. Sophisticated security coordination will ensure maximum protection, optimal performance and coordinated reporting for your virtualization security deployment.

At the RSA Conference, April 7-10 in San Francisco, attendees will be able to visit Third Brigade’s booth to see a demonstration of a VM to VM attack in progress, and watch as Third Brigade’s virtual intrusion prevention system is used to detect and prevent the attack that is attempting to exploit vulnerabilities in the operating systems and applications running on virtual machines.

Download Third Brigade white papers and solution profile on virtualization security.

About Third Brigade
Third Brigade best-of-breed host intrusion defense systems protect critical data and applications, including those on virtual machines, from attacks that bypass or penetrate network defenses, and target vulnerabilities in operating systems, and enterprise and web applications.

Related posts:

1. Sophos and Virtual Computer Form Alliance to Secure Virtual Environments
2. McAfee and Citrix to Make Virtual Desktop Security Simpler and More Scalable
3. Trend Micro Broadens Virtualization Security Strategy

Intel said that with the completion of the deal, McAfee becomes a wholly owned subsidiary of Intel. McAfee will continue to sell security products and services under its own brand.

The Santa Clara, California-based Intel, whose processors power nearly 80 percent of computers worldwide, announced its plan to purchase McAfee, one of the world's largest anti-virus software companies, in August.

The acquisition received the green light from the Federal Trade Commission in December and from European regulators in January.

"Intel has added security as a third pillar of what people demand from their experiences with personal computers and other connected devices," Intel senior vice president Renee James said in a statement.

"The acquisition of McAfee adds not only world-leading security products and technologies to Intel's computing portfolio, but also brings incredibly talented people focused on delivering products and services that help make connecting to the mobile Internet safer and more secure," James said.

Related posts:

1. McAfee and Citrix to Make Virtual Desktop Security Simpler and More Scalable
2. Intel Selects Joyent for the Intel Cloud Builders
3. Intel earnings soar with rise of cloud computing