March 2008   
 
 

BUSINESS INSIGHT: VIRTUALIZATION SECURITY CHALLENGES


Securing Your Virtual Environment Inside and Out

—Network Security Platforms Bring Real Security for Virtual Environments
By Scott Emo,
Senior Product Marketing Manager

With the recent successes scored by EMC spin-off VMware®, we can safely say that virtualization is the hottest thing in computing in decades. According to IDC, "the virtualization market will more than double over a five-year period, growing from $5.5 billion in 2006 to $11.7 billion in 2011." In fact, most Fortune 100 companies are already using virtualization in some fashion.

The breakthrough technology offered by VMware and other virtualization vendors allows an average administrator to configure up to 20 virtual servers on a single physical server—and they can all run different operating systems. Virtualization offers tremendous benefits from an IT and business standpoint, including the flexibility to support niche requirements for testing, support, and specialty applications; easier management; and less money and administrator time funneled into physical hardware.

The industry is expecting the leading technology players to leverage virtualization in new and safe ways that benefit everyone. As the pre-eminent player in these overlapping spaces—security and virtualization—McAfee brings its strengths to bear to provide unmatched security within today's virtualized environments (VEs).

Virtualization is a real boon, but introduces additional security challenges.

With the breakthrough advantages of virtualized environments comes an array of security risks and challenges. For many organizations that have adopted virtualization technology, security is an afterthought. A recent survey indicates that only one in eight organizations that deploy virtualization has a formal security / information protection strategy in place that addresses the specific needs of the virtualized environment.
[SOURCE: Information Week, Sep 1, 2007—Survey of 343 customers]

Security is Often an Afterthought
Many of the issues are the same as those encountered in physical systems, but there are security complexities that are unique to virtualization. Setting up more than half a dozen virtual machines (VMs) on a single physical server is like setting up a new data center and, as with any data center, all the assets need protection—inside and outside of the data center. But virtual environments are transient in nature. Servers go online and go offline at unscheduled times, so there's a huge potential for denial-of-service (DoS) or other attacks on potentially vulnerable virtual systems that can cripple entire virtual server farms. It’s a real challenge to keep hibernating systems updated with the latest patches.

Traditional computing platform threat vectors are still a concern—malware, worms, spyware, Trojans, and other attacks targeting software vulnerabilities and creating buffer overflows, for example. However, the risk of propagating infections is even higher if you don’t have measures in place to ensure the integrity of virtual machines. One of the greatest vulnerabilities of virtual environments is the fact that there is a single point of attack: the hypervisor, the virtualization platform that allows multiple operating systems to run on a host computer at the same time. The hypervisor can be vulnerable to "hyperjacking" rootkit attacks designed to take control of all the virtual machines under management.

To lock down your virtual environment, it’s critical to address all aspects of security—on the server, the desktop, and the network. While some vendors address one aspect of the virtualization platform, McAfee offers security and compliance solutions for both traditional and virtualized environments that are scalable, centrally managed, and comprehensive—spanning all three. Your first line of defense for your virtualized environment is the network layer, and that is where McAfee IntruShield® comes into play.

McAfee IntruShield's multidimensional, multi-vector integrated network security and intrusion prevention (IPS) appliances are unique in the industry. IntruShield's integrated protection and ASIC-based, easy-to-use platform delivers broad physical and virtual asset protection, maximized business availability, reduced liability, and security cost avoidance.

The award-winning IntruShield architecture integrates patented signature, behavioral/anomaly, and denial-of-service detection on a single virtualized appliance. IntruShield's highly accurate intrusion prevention technology provides built-in, proactive protection against a wide range of network threats and attacks, including:

  • Zero-day attacks, cyber attacks, and malware
  • Spyware, phishing, and other unwanted programs
  • DoS, distributed DoS (DDoS), and SYN flood attacks
  • Encrypted attacks, worms, Trojans, and evasions
  • Instant messaging and peer-to-peer applications
  • Voice over IP (VoIP) threats and vulnerabilities
  • VMware threats and vulnerabilities

The IntruShield platform also consolidates additional security technologies in one integrated console, including:

  • Virtual IPS
  • Virtual internal firewall
  • Built-in physical/virtual host quarantine
  • Protocol-based dynamic rate limiting / QoS

And, to further increase detection and prevention accuracy, IntruShield's architecture employs a combination of threshold-based and patented self-learning, profile-based detection techniques.


What are the components of an ideal network security solution for your virtualized environment? As we see it, comprehensive secure virtualization demands the following elements:

  • Protection for the assets of the "data center" and the rest of the environment
  • Protection for the most dynamic devices: offline, online, or transient
  • Protection for both physical and virtual stacks
  • Proactive protection of unpatched virtual machines
  • Specific protection for virtualized environments
  • The ability to isolate infected hosts
  • The ability to manage and limit traffic/bandwidth to virtualized environments
  • The ability to discover active hosts on the network regardless of usage
  • Secure virtualization that doesn’t impact network performance or the flexibility of the virtualized environment
  • Ease of use and ease of deployment

McAfee IntruShield's high-performance, purpose-built platform treats virtual environments (VEs) holistically, and as part of the network infrastructure—just like any other physical device. IntruShield secures virtual environments by attacking the problem from four directions: (1) security management, (2) containment, (3) threat prevention, and (4) compliance and control.


Conclusion
As organizations eagerly embrace the revolutionary advances of virtualization, it's only a matter of time before they see the need to start implementing a security risk management strategy for this new uncharted territory. In fact, the safer your virtual environment, the more you’ll be able to take advantage of the operational and economic efficiencies of this breakthrough technology. A deep understanding of virtualization security challenges combined with solid performance in network security and intrusion prevention makes McAfee a wise choice for safeguarding your virtual environment. And, the award-winning, high-performance McAfee IntruShield IPS solution is a smart choice as the first line of defense for every virtualized network environment.

 

 
