News

eIQnetworks Adds Protection of Virtual Services to Security Product

• By Dian Schaffhauser
• 10/09/09

eIQnetworks has updated SecureVue, its security, log management, and compliance product, to address security in virtual and cloud computing environments. Version 3.2 integrates with VMware-based hypervisors to receive information from virtual hosts, which can be used to evaluate IT security.

SecureVue allows the administrator to analyze multiple network sources, including logs, vulnerabilities, configuration, asset, availability, netflow, and other security-relevant data from network devices, security devices, and servers, to gain a view of the overall state of network security and to monitor compliance to regulatory and institutional policies. According to the company, the new features provide visibility into a number of issues that are unique to virtual servers and cloud computing environments:

• Identifying virtual machines: SecureVue can now identify virtual machines and provide a picture of which virtual machines are operating on various physical hosts. This identification is necessary to remediate the virtual machines if evidence indicates they're vulnerable to attack or being targeted.
• Managing configuration information from virtual machines: SecureVue monitors that virtual machines are configured according to enterprise and/or best practice policies and can create reports on the configuration of virtual machines, in the cloud, in the same manner as for physical machines. The data from cloud infrastructures can be included in all standard or custom SecureVue dashboards and reports.
• Correlating data from virtual machines to identify malevolent activity: SecureVue can identify vulnerabilities or evidence of an attack on virtual machines within the cloud based on a view of overall network activity.

"You've got hybrid applications, a hybrid technology stack--some in the control of the premise, within the data environment; then you've got other stuff that may be served up within the business partner or a private or public cloud service," said Mike Rothman, senior vice president of strategy, in a podcast posted to the company's blog. "End to end, who has control of that data, what's being done, are there specific attacks happening? That's going to be the aspect of success or failure within any type of cloud computing environment."