Virtual Security Gets a Boost

• By Dian Schaffhauser
• 04/21/08

How secure is your virtual environment? Recent US-CERT Cyber Security Bulletins list several vulnerabilities for versions of software from VMware that allow attackers to cause denial of service attacks, generate buffer overflows, expose password logging and gain unauthorized privileges that can be used to hijack processes. The exposures have been addressed in patches by the company, but concern has been growing that virtual machines may get less security-related attention from IT staff than physical boxes.

Reflex Security, which develops virtual security software, has enhanced access control functionality and device visibility in its Virtual Security Appliance (VSA). VSA discovers virtual assets and maps them so users can attain a visual view of the virtual infrastructure that is being secured. The new functionality, expected in the next couple of months, will allow users to drill down into the virtualized network infrastructure.

The software profiles the virtual network state, assets, services and communication flows dynamically and provides anti-virus, anti-spyware, network discovery and network policy enforcement services. VSA supports VMware ESX Server, XenSource and Virtual Iron.

"Reflex VSA's ability to expose the virtual network to the security manager and protect it from threats is a proven asset, and the first of its kind in the industry," said Hezi Moore, CTO of Reflex. "Our development is building upon VSA's visibility functionality to add virtual server access control which will invoke permission-based controls for users that can add or remove virtual machines and virtual network components."