Bridging the Gap between Virtualization and Security Administration

By on Apr 12, 2016

This blog post was written by Teresa Wingfield.

Applying core administration and security to the management and protection of a large-scale private cloud deployments can be hard.  This is particularly true given that virtualization administration and security administration involve distinct skills.

Virtualization administration is concerned with architecting, designing and deploying virtualized infrastructure.  This involves hypervisor and advanced disk management as well as configuration and tuning of virtual machines. Plus there’s ongoing monitoring to avoid or fix issues impacting service.

Security administration, on the other hand, involves understanding system access control and security aspects of critical systems in a virtualized environment.  This includes protection, detection and responding to security vulnerabilities and threats.

The Challenge: Managing Two Jobs at Once

Security administration and virtualization administration roles are increasingly converging in many private cloud deployments. Unfortunately for some virtualization administrators, security management is not their core strength. And, conversely, some security administrators don’t have deep skills in virtualization. Even for those gifted enough to be proficient at both roles, many are having a hard time getting everything done.

Given the skills and time challenges involved in virtualization administration and security administration, perhaps you are trying to figure out how to be more successful at managing both roles in your own organization.

The Solution: Automation

McAfee Management for Optimized Virtual Environments (MOVE) AntiVirus deployed with VMware NSX helps bridge the gap between virtualization administration and security administration.

Let’s look at three key features in MOVE AntiVirus to see how they help automate administration:

Automated Malware Scanning

MOVE AntiVirus can automatically deploy a Security Virtual Machine (SVM) for each hypervisor to offload malware scanning since it’s tightly integrated with VMware NSX Manager. Administrators start by choosing the NSX deployment option in McAfee ePolicy Orchestrator (McAfee ePO). Then they can enable the guest introspection service which is part of VMware tools in just one click and select clusters to protect. After this, all present and future hypervisors in the cluster are automatically protected!

Automated Policy Synchronization

MOVE AntiVirus automatically synchronizes policies created in McAfee ePO, a centralized console for managing McAfee solutions, with rules assigned in VMware NSX for a seamless user experience. VMware NSX Manager, the centralized management component of NSX, supports the concept of security groups and security policies. When a security policy is applied to a security group, NSX Manager takes care of policy assignment and reports the policy to the McAfee Virus SVM. Policy enforcement is then handled by McAfee ePO and the SVM. McAfee ePO exports all MOVE AntiVirus policies to NSX and also reflects the assignments done using NSX manager.

Automated Tagging of Vulnerable Virtual Machines

Discovering vulnerable virtual machines doesn’t haven’t to be a time consuming manual process. MOVE AntiVirus automatically tags vulnerable machines with no anti-malware protection or with malware for immediate quarantining through the VMware NSX firewall.

We hope that you see the value in automating virtualization administration and security administration to make your job a lot easier. If you’re interested in learning more click here.

About the Author

McAfee Enterprise

McAfee offers industry-leading cybersecurity solutions for all business and enterprise needs. See our blog to stay up-to-date with the latest security trends

Read more posts from McAfee Enterprise

Subscribe to McAfee Securing Tomorrow Blogs