Now that the VENOM vulnerability has been dealt with, it’s time for technologists to seriously consider how ready they are for virtualization security.
Especially if you’re working in an organization with a significant investment in the cloud, this is one area you can’t afford to ignore any longer.
The VENOM vulnerability was discovered last May in an old string of code used in a majority of modern day virtualization hardware. The glitch allows an attacker to login to a virtual machine from the front door (e.g. buying space on AWS) and then “escape,” gaining code execution ability on the host, as well as any other VMs operating on that machine.
And while the threat was neutralized almost immediately with a series of patches, the story underlines a sad state of security in the virtualized world. As is the case with all major technological advances, security has lagged behind for years in the world of virtualized computing.
And it’s the IT department – not a lack of technology – that is to blame for the hold up.
Nearly 75% of organizations running virtualized environments have not deployed a security solution specifically tailored for virtual environments, according to a 2014 global survey conducted by Kaspersky. Just think of how much of our daily computing needs rely on cloud infrastructure, and that figure becomes quite alarming.
In a blog post detailing all the approaches to securing virtual workloads, Eugene Kaspersky, CEO of his namesake company, highlights what seems to be a confusion throughout the industry about how to best tackle this situation:
“To protect or not to protect virtual machines – that was the question…
But the more crucial question [now] is how to protect,” he said. (Emphasis added)
So what can you do?
The first thing to note is the many of the traditional, agent-based antimalware products are not well suited to virtualized environments. This, pehaps, is what has slowed down adoption.
Virtualization is all about maximizing the utilization rates for the IT infrastructure — in order to maximize return on investment. But agent-based antimalware products usually require the antivirus software and signature database to be installed on every virtual machine, which soaks up resources, and therefore partly defeats the object of virtualization.
Which is why one approach that accomplishes your strategic goals while keeping your VMs safe is to install an antimalware product tailored exclusively for virtualized environments.
Enter Kaspersky Security for Virtualization
When speaking with our clients, Softchoice often suggests Kaspersky’s security solutions for virtualization. While it’s not the only solution, it stands out for a number of reasons.
For one, Kaspersky Security for Virtualization (KSV) is built to stay lean. It protects virtualized IT environments as either an agent-less or “light agent” anti-malware solution. This a more efficient way to protect your virtualized infrastructure — with greater performance and less impact on virtualization density.
The Agentless solution is VMWare only and works best for server scenarios such as data centers. It requires no deployment to VMs and provides best performance. Light Agent, while requiring a deployment of a small agent to every VM, is vendor-agnostic and brings full stack of Kaspersky security technologies to virtualization domain, allowing efficient application in VDI scenarios.
Another really important factor in choosing KSV is its seamless integration with VMware, the most popular of the virtualization providers. Kaspersky often touts its industry unique position of having the only solution built specifically for VMware.
Although it does work with the other major providers, too.
Want to find out more about Kaspersky Virtual Security or virtualization security in general? Our team of agnostic experts will make recommendations on your needs.
Feel free to also attend one of Kaspersky’s weekly demos. The webinar will give you a chance to ask your questions about virtualization security and the specifics around the KSV solution. Sign up here.