Post on 29-Jan-2016


Virtualization – Securing the Future

Name/Title

Virtualization is the Future

“Virtualization is having a huge impact on infrastructure architectures, processes and operations, people and skills, and the business. It is the most important and impactful trend in infrastructure and operations through 2012 - changing how you manage, how/what you buy, how you deploy, how you plan, how you charge.” Dave McClure, Gartner

“Server virtualization is the 'killer app' for the datacenter and has forever changed IT operations.” Michelle Bailey, IDC

What is Virtualization?

• Separation/decoupling of application environment from hosting computing, network, and storage hardware
  • Logical resource different from physical
  • Liberates single hardware piece (i.e. a server) to support multiple applications
• Computer virtualization: one computer acts like multiple
• On a desktop: Virtual PC, VMware Fusion, Parallels, etc.
• On servers (“virtual infrastructure”): VMware vSphere, Microsoft Hyper-V, Citrix XenServer

Snapshot of the Virtualization Market

Total System Infrastructure Software (SIS) market accounted for:
• $85B in revenue for 2010, up 9.7% from $77.5B in 2009
• VMware has 29.87% SIS market share by revenue (50-60% of virtual infrastructure)
• >40% of x86 architecture workloads virtualized on servers
• Installed base projected to grow four-fold from 2010 through 2015

Primary Approaches to Server Virtualization

Virtualization: On-premise, Cloud, Hybrid

Virtual Networking: How VMs Use Networks
• Some physical – multiple VMs per physical NIC
• Some private – no physical net

Can be used to increase security without adding infrastructure

Advantages of Virtualization

Improves Operational Efficiencies

Fewer physical servers

Lower server hardware & maintenance costs

Reduced power & cooling costs

Meet Green IT targets (cooling, consumption, carbon emissions)

Lower licensing costs (AV, OS, data back-up)

Vastly improved server utilization rates

Bolsters Data Back-up and Disaster Recovery

• A system may be copied to a remote location, permitting businesses to consolidate data centers at another data center

Less Down Time

More Agile Business and Technological Flexibility

Justify purchase of server

Order Server

Receive server

Install server

Configure & test server

Days / Weeks

Provisioning of a Traditional Server

Provisioning of a Virtual Server

Minutes

Implementation of Virtualization by Small Businesses

Chart values: Not considering 30%; Discussion / planning stage 24%; In trials 19%; Implementation 17%; Have implemented 10%. Chart callout: 70%.

Symantec. “Small Business Virtualization Poll.” August 2011. Survey of 650 small businesses worldwide.

Evolving Business Security Needs

IP network growth (VoIP, WLAN, etc.)

Demand for SaaS / Cloud services

New applications

Emerging threats and attack vectors

Compliance & accountability

New Technologies & Threats Shape Security Needs

Virtualization Poses New Security Challenges

Traditional Security

• Perimeter enforcement is fundamental

• Security implemented by interposing physical devices on the wire

Virtualization

• Blurs notion of “perimeter”

• Applications may not run on same physical servers

• Security and auditability required between entities of shared virtual infrastructures

• Physical appliances cannot offer in-line protection

• Shared infrastructure susceptible to malware infections via mobile users

Security Implications of Virtualization

Physical Network

Firewall sees & protects all traffic between servers

Virtual Network

Physical security is blind to traffic between virtual machines

Diagram labels: VM 1, VM 2, VM 3; Hypervisor; VS; Host

Unprotected Virtual Machines Make Bad Neighbors

WatchGuard: From Prediction to Protection

Increased reliance on virtualization reawakens need for virtual security

Virtualization Spurs New Security Modalities

"The adoption of server virtualization within wiring closets and data centers at organizations of all sizes and the rollout of infrastructure to deliver IT services in the cloud is driving significant change in the technical requirements for security solutions, presenting unique challenges... These challenges represent key drivers for the virtual security appliance market and reflect why the market is growing so fast," Jeff Wilson, principal analyst for security at Infonetics Research.

Hurdles to Adoption of Virtualization?

Security Issues / Privacy & Compliance Issues: 84% / 85%

Top-Cited Obstacles to Securing a Virtual Environment?

Lack of budget for virtual-environment specific security solutions

Lack of staff expertise

Licensing, deployment & support models of security vendors not optimized for virtual environments

Limited visibility provided by traditional security management consoles into virtualization environment

Increased management complexity

51%

48%

40%

35%

29%

Small Businesses Still Harbor Virtualization Concerns

60% System Performance

56% Backup

56% Security & Patch Management

Symantec. “Small Business Virtualization Poll.” August 2011. Survey of 650 small businesses worldwide.

Service Providers Investing in Virtual Network Security

Infonetics Research, “Service Provider Security Drivers, Spending and Vendor Leadership: Global Survey.” Dec. 2011.

Top Drivers

#1 Protect against theft of customer data

#2 Increase uptime

#3 Data center consolidation / upgrade

How Organizations Assess their Management of Cloud Server Security

Good/Excellent: 27%

Fair: 27%

Poor: 25%

No Comment/Not Sure: 21%

Managing Firewall Risks in the Cloud: Survey of U.S. IT & IT Security Practitioners. Independently conducted by Ponemon Institute LLC. Sponsored by Dome9 Security. November 2011.

Virtual Servers Deployed by Small Businesses that are

<40%

Symantec. “Small Business Virtualization Poll.” August 2011. Survey of 650 small businesses worldwide.

Visibility of Virtual Networks is Key

“…Unless you put virtualized security controls—virtual sniffers, virtual firewalls, all the same controls you'd use on a physical server, inside that network, you don't see what's going on." Neil MacDonald, security and infrastructure analyst at Gartner.

The VMware vSphere Hypervisor Environment

• Most widely deployed virtualization platform
  • Broadly utilized by public cloud service providers, enterprises, small and medium-sized businesses
  • Foundation for growing virtual desktop (VDI) market
  • Installed base encompasses 250,000+ customers worldwide
  • Over 1,400 ISVs support 2,500+ applications running on vSphere
  • Over 5,100 global service providers leverage vSphere as foundation for their public cloud services

Diagram of vSphere in the Enterprise

Source: Hany Michael. http://www.hypervizor.com/diagrams/

XTMv: Securing the Future

• XTM functionality as a vSphere-compatible virtual appliance
  • First release based on XTM Fireware 11.5.2
  • All bundles and unbundled services available
  • No crypto acceleration, FireCluster

• “Shipped” as a downloadable vSphere-compatible Open Virtual Appliance (OVA) format file

• Serial number delivered via email fulfillment

Why XTMv?

• Deployed as a vApp
  • VM conforming to DMTF Open Virtualization (OVF) standard
  • Supported on servers and networking equipment on VMware vSphere Hardware Compatibility List

• Supports rapid deployment

• Can implement security policies on:
  • Inside vs. outside basis
  • Between organizations or applications within same infrastructure

• May easily be preconfigured and deployed with the virtual machines that serve multi-component applications

• Users/Customers may manage a combination of XTM and XTMv appliances from single management server

Securing Multiple Customers with XTMv

• Multiple XTMv instances can be deployed on industry-standard servers at perimeter OR within DMZ
  • Administration via web interface or multi-device WatchGuard System Manager

XTMv: Managing the Virtual Environment

Traditional Firewall

Location

Network Connection

Virtual Firewall

Virtual Machine (VM)

Zone

VM + Zone

Physical XTM Device Offers Complementary Security

• Placement at perimeter protects from major external threats

Cloud / Hosting / MSSPs

Retail / Hospitality Companies

Hospitals & Healthcare Campuses

University Campuses

K-12 School District Offices

Large Financial Institutions

Branch & Remote Offices

Target Industry Verticals

Ideal for Hosting Providers & Large IT Organizations…

Multiple instances of XTMv can run on single hypervisor

• Ability to run separate logical firewalls on same host system

Can manage traffic passing through virtual infrastructure and across internal networks – even between virtual machines in same cluster or server

• Ideally suited to implement security policies between applications, user communities, or tenants

Also Well Suited for Medium & Small Businesses

Instance of XTMv can be run on same server to protect full server consolidation environment

Offices with single server running consolidated workloads

XTMv Leverages same Award-Winning Security & Business-Enablement Capabilities as WatchGuard XTM Physical Devices

An Application Proxy checks Source IP, Destination IP, Port, Protocol

If a matching rule (or service) is found:

The proxy then performs deep inspection on the content of the packet, including application layer data.

XTM Cornerstone – The Application Proxy

Packet Reassembly – since 1996

This is the key to finding threats that OTHER FIREWALLS MISS!

Fireware XTM: Making the Most of Your Network

QoS and Traffic Shaping
• High-priority traffic gets bandwidth
• Low-priority traffic gets available bandwidth

Multi-WAN Support
• Up to 4 WAN connections supported
• Traffic can use multiple WAN connections simultaneously or on a failover

VPN Failover
• Mission-critical VPN traffic keeps flowing if a remote site becomes unavailable
• Traffic automatically fails-over to another gateway

IPv6 Readiness
• IPv6 Ready Gold Logo validates IPv6 routing
• All XTM appliances will support IPv6

Command Line Interface

Choose from three user interface options: Administer your way

Managing XTM Solutions: Flexibility

WatchGuard Systems Manager Interface

Web Interface

• Simultaneously manage from 2 to 100’s of boxes
• Can manage both XTM and XTMv

XTM Multi-Box Management Saves Time

“Implementing the WatchGuard solution was a breeze. The policy setting and system configuration is easy because it is all very logical and straightforward.” Francis Lim, IT Manager, Eurokars Group

Align security policies across an organization – or apply modifications between boxes

• Real-time monitoring lets you take instant action to protect your network.

• 65 pre-defined reports included. Drill-down for the data you need — when you need it.

Real-Time Visibility & Reporting

Monitor network traffic in real-time.

Take instant remediative action, such as adding a site to a blocked sites list

Suite of tabbed tools deliver information needed to monitor and react to network status

XTMv: Defense-in-Depth

• Virtual Appliance

• Antivirus

• IPS

• RED

• Application Control

• WebBlocker

• spamBlocker

• Live Security

Best-In-Class Security

Industry-Leading Value

“The company is strong, the products able, and the pricing can’t be beat.”

Source: Info-Tech Research Group. Vendor Landscape: Unified Threat Management. August 2011.

Why WatchGuard XTMv Wins

vs. Fortinet

• Real-time visibility tools

• 65 bundled reports vs. only 2

• Multi-WAN
• Traffic shaping
• VPN setup wizard
• Multi-device (physical/virtual) management included

vs. Cisco

• Application Control
• HTTPS inspection
• Tightly integrated security services
• UTM performance
• Simple VPN setup
• Physical and virtual switch agnostic

vs. SonicWall

• No firewall virtual appliance offered by SonicWall

vs. Palo Alto Networks

• No firewall virtual appliance offered by Palo Alto

“I can’t remember the last time I had to call someone with a security problem. With WatchGuard, we are always connected.” Lucas Goh, Head of IT Operations for Asia, Berg Propulsion

Moving Security Forward with WatchGuard XTMv
• “Best-in-class” security for comprehensive protection
• Protection for physical and virtual infrastructures
• Recognized security “Trend Setter”, industry “Champion”, and “Leader”
• Real-time monitoring, 65 reports included
• Intuitive set-up wizards
• Multi-WAN support
• Market-leading value

"This beta release [WatchGuard XTMv] has me very excited. The virtualized XTM solution allows us to spin up virtualized firewalls that leverage our high performance and highly available, x86/x64 infrastructure. XTMv provides us with scalable access control solutions to protect specific virtual machines and make our cloud offerings a reality." James Bender, Director of Technical Services, MCA
