Free security for VM computing within the cloud

by Steve Ragan - Mar 2 2009, 17:00

Here’s something useful for those companies who run virtual machines in public or private cloud environments, free layered security. As more and more companies shift to a virtual environment and place some of those environments in the cloud, such as using Amazon’s EC2, the need for security increases. Here are some tools that can help.

Third Brigade, the company who brought you Deep Security 6, offers a free tool for up to 100 virtual machines that layers Firewall, IDS, integrity monitoring and log inspection tools in to a single agent. Third Brigade’s VM Protection offers easily implemented layers for VM isolation and protection. It integrates with vCenter Server, offering up centralized management, and has out-of-the-box setups for Windows and Linux servers.

The goal is to offer additional protection for the server on which VMs are running and the applications running in VMs when multiple VMs from different organizations are deployed together on the same server.

“Whether businesses want to expand their IT infrastructures into internal private clouds or leverage off-premise compute clouds, combining the VMware platform with partner security solutions like those offered by Third Brigade gives them the flexibility and comfort to deliver business-critical applications when and where they want, while enhancing IT agility and security,” said Wendy Perilli, director of product marketing at VMware.

In addition to the tools offered by Third Brigade, there are other free resources available as well. Each one of them is worth a look.

The Catbird Compliance Enforcer – CCE conducts analysis of all virtual machines, virtual networks and the hypervisor management network itself, quarantining questionable machines and traffic, and generating reports on anomalous conditions that would be in violation of established regulations. (HIPAA, FISMA, GLBA, SOX, etc.)

Tripwire ConfigChec - A free utility to assess the security of your VMware ESX host configurations, according to the VMware security hardening guidelines.

While not directly related to security, one handy tool is SolarWinds VM Monitor. This monitor gives an awesome amount of information as it monitors ESX Server and its virtual machines. As you move to deploy VM systems, make sure you are using this to monitor them all.

Around the Web