Welcome!

Security Authors: Adrian Bridgwater, Sharon Barkai, Imran Akbar, Elizabeth White, Lori MacVittie

Related Topics: Virtualization

Virtualization: Article

Apani Launches a Security Solution for Protecting Virtualization Environments

EpiForce VM Enables Enterprises to Fully Deploy Server Virtualization and Realize the Benefits It Offers

Apani announced the launch of EpiForce VM, the single-platform security solution for protecting both virtual and physical machines.

Enterprises are deploying server virtualization to realize benefits associated with increased operational flexibility, improved utilization, avoidance of unplanned downtime and a reduced carbon footprint. The rush to virtualize has caused many to overlook security best-practices common in a physical environment. According to Gartner, through 2009, 60 percent of virtual machines used in production will be less secure than their physical counterparts. While the benefits of server virtualization are clear, security challenges force enterprises to make trade-offs between broad deployment and security that is robust enough to protect their business. By offering robust virtual and physical machine security, EpiForce VM enables enterprises to fully deploy server virtualization and realize the benefits it offers.

Apani EpiForce VM is a software-based alternative to security appliances that operate only in a virtual environment and to internal network firewalls and VLANs used for physical segmentation within the corporate network. The concept behind EpiForce VM is to enable a single platform that isolates both virtual and physical servers, endpoints and business-critical data into logical security zones, regardless of their platform or physical location on the network. Communications between these zones is strictly controlled by authentication of all machine-to-machine traffic and selective encryption based on policy.

"To exploit virtualization to its fullest, and become vastly more agile in responding to changing business requirements and opportunities, IT needs to embrace security tools that can fully cope with servers that move from place to place within or among data centers, that change MAC and IP addresses along the way, and that may exist for only a few hours at a time," said John Burke, principle research analyst, Nemertes Research.

"The challenge today is that physical solutions like VLANs and internal network firewalls are based on physical connections and don't mesh well with virtualized servers," said Scott Ferguson, vice president of product management at Apani. "And addressing server virtualization security as if it were a separate network adds yet another layer of management, which negates one of the reasons for deploying server virtualization in the first place -- operational flexibility."

EpiForce VM uses on-demand policy distribution to offer enterprises the ability to manage and deploy policy to thousands of virtual or physical servers and endpoints with no impact to the network, application, or user. EpiForce VM offers a centralized management console that enables a consolidated view to manage all EpiForce VM-protected machines -- whether they are virtual or physical, without regard to their physical location on the network. Persistent security allows administrators to utilize VMotion or Virtual Center to migrate EpiForce VM-protected virtual machines from one physical host to another with no disruption of security policy, minimizing unplanned downtime and maximizing operational flexibility.

EpiForce VM offers enterprises running VMware ESX Server 3.0 many benefits, including:

  • Protect virtual machines and physical servers and endpoints with a single solution
  • Manage all EpiForce VM-protected machines through a single management console, regardless of platform or physical location and without the need to reconfigure the network
  • Migrate virtual machines using VMotion or Virtual Center without compromising security policy
  • Protect virtual machines from vulnerabilities introduced through VM sprawl
Other EpiForce VM features include:
  • Cross-platform support secures complex, heterogeneous environments
  • Network layer transparency offers deployment in days rather than months
  • On-demand policy distribution deploys policy to tens or hundreds of thousands of machines without impacting network performance
  • Distributed architecture eliminates bottlenecks and single points of failure
  • Manage policy from virtual or physical administrator consoles – or both
  • Robust audit, logging and reporting enable full administrator visibility
  • Role-based delegation of administrative privileges accommodates almost any organizational process

"The industry is rushing toward virtualization and many vendors are rapidly introducing virtual-only point products," continued Ferguson. "We made a strategic decision based on the reality that enterprises have a mix of legacy systems, virtualized servers and everything in between. We offer a more practical approach -- the same, simple-to-use security application, any platform, any location. It's the way securing a virtualized environment should be."

Committed to the industry movement toward virtualization, Apani is part of the first group of companies to be selected to participate in VMware VMsafe Developers Program. The VMsafe Developer's Program consists of  high technology companies building a new class of open, interoperable and cross-platform innovations for virtual machines. Apani is also a member of the VMware Technology Alliance Partner (TAP) program as a Select Partner.

More Stories By Virtualization News

SYS-CON's Virtualization News Desk trawls the news sources of the world for the latest details of virtualization technologies, products, and market trends, and provides breaking news updates from the Virtualization Conference & Expo.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.