Virtualization – Securing the Future
Virtualization is the Future
"Server virtualization is the 'killer app' for the datacenter and has forever changed IT operations." Michelle Bailey, IDC
"Virtualization is having a huge impact on infrastructure architectures, processes and operations, people and skills, and the business. It is the most important and impactful trend in infrastructure and operations through 2012 - changing how you manage, how/what you buy, how you deploy, how you plan, how you charge." Dave McClure, Gartner
What is Virtualization?
• Separation/decoupling of application environment from hosting computing, network, and storage hardware
• Logical resource different from physical
• Liberates single hardware piece (i.e. a server) to support multiple applications
• Computer virtualization: one computer acts like multiple
• On a desktop: Virtual PC, VMware Fusion, Parallels, etc.
• On servers ("virtual infrastructure"): VMware vSphere, Microsoft Hyper-V, Citrix XenServer
Snapshot of the Virtualization Market
Total System Infrastructure Software (SIS) market accounted for:
• $85B in revenue for 2010, up 9.7% from $77.5B in 2009
• VMware has 29.87% SIS market share by revenue (50-60% of virtual infrastructure)
• >40% of x86 architecture workloads virtualized on servers
• Installed base projected to grow four-fold from 2010 through 2015
Virtual Networking: How VMs Use Networks
• Some physical – multiple VMs per physical NIC
• Some private – no physical net
• Can be used to increase security without adding infrastructure
Improves Operational Efficiencies
Vastly improved server utilization rates
Bolsters Data Back-up and Disaster Recovery
Less Down Time
A system may be copied to a remote location, permitting businesses to consolidate data centers at another data center
More Agile Business and Technological Flexibility
[Chart: Provisioning of a Traditional Server vs. Provisioning of a Virtual Server, in minutes]
Implementation of Virtualization by Small Businesses
70%
Symantec. "Small Business Virtualization Poll." August 2011. Survey of 650 small businesses worldwide.
Security Implications of Virtualization
[Diagram: Virtual Network and Physical Network; labels: Host, VM 1, VM 2, VM 3, VS, Hypervisor]
Physical network: Firewall sees & protects all traffic between servers
Virtual network: Physical security is blind to traffic between virtual machines
Unprotected Virtual Machines Make Bad Neighbors
Increased reliance on virtualization reawakens need for virtual security
WatchGuard: From Prediction to Protection
Virtualization Spurs New Security Modalities
"The adoption of server virtualization within wiring closets and data centers at organizations of all sizes and the rollout of infrastructure to deliver IT services in the cloud is driving significant change in the technical requirements for security solutions, presenting unique challenges... These challenges represent key drivers for the virtual security appliance market and reflect why the market is growing so fast," Jeff Wilson, principal analyst for security at Infonetics Research.
Small Businesses Still Harbor Virtualization Concerns
Symantec. "Small Business Virtualization Poll." August 2011. Survey of 650 small businesses worldwide.
Service Providers Investing in Virtual Network Security
[Chart: Top Drivers #1, #2, #3]
Infonetics Research, "Service Provider Security Drivers, Spending and Vendor Leadership: Global Survey." Dec. 2011.
How Organizations Assess their Management of Cloud Server Security
Managing Firewall Risks in the Cloud: Survey of U.S. IT & IT Security Practitioners. Independently conducted by Ponemon Institute LLC. Sponsored by Dome9 Security. November 2011.
Virtual Servers Deployed by Small Businesses that are <40%
Symantec. "Small Business Virtualization Poll." August 2011. Survey of 650 small businesses worldwide.
Visibility of Virtual Networks is Key
"…Unless you put virtualized security controls—virtual sniffers, virtual firewalls, all the same controls you'd use on a physical server, inside that network, you don't see what's going on." Neil MacDonald, security and infrastructure analyst at Gartner.
The VMware vSphere Hypervisor Environment
• Most widely deployed virtualization platform
• Broadly utilized by public cloud service providers, enterprises, small and medium-sized businesses
• Foundation for growing virtual desktop (VDI) market
• Installed base encompasses 250,000+ customers worldwide
• Over 1,400 ISVs support 2,500+ applications running on vSphere
• Over 5,100 global service providers leverage vSphere as foundation for their public cloud services
Diagram of vSphere in the Enterprise
Source: Hany Michael. http://www.hypervizor.com/diagrams/
XTMv: Securing the Future
• XTM functionality as a vSphere-compatible virtual appliance
• First release based on XTM Fireware 11.5.2
• All bundles and unbundled services available
• No crypto acceleration, FireCluster
• "Shipped" as a downloadable vSphere-compatible Open Virtual Appliance (OVA) format file
• Serial number delivered via email fulfillment
Why XTMv?
• Deployed as a vApp
• VM conforming to DMTF Open Virtualization (OVF) standard
• Supported on servers and networking equipment on VMware vSphere Hardware Compatibility List
• Supports rapid deployment
• Can implement security policies on:
  • Inside vs. outside basis
  • Between organizations or applications within same infrastructure
• May easily be preconfigured and deployed with the virtual machines that serve multi-component applications
• Users/Customers may manage a combination of XTM and XTMv appliances from single management server
Securing Multiple Customers with XTMv
• Multiple XTMv instances can be deployed on industry-standard servers at perimeter OR within DMZ
• Administration via web interface or multi-device WatchGuard System Manager
Physical XTM Device Offers Complementary Security
Placement at perimeter protects from major external threats
XTMv Leverages same Award-Winning Security & Business-Enablement Capabilities as WatchGuard XTM Physical Devices
XTM Cornerstone – The Application Proxy
An Application Proxy checks Source IP, Destination IP, Port, Protocol
If a matching rule (or service) is found: The proxy then performs deep inspection on the content of the packet, including application layer data.
This is the key to finding threats that OTHER FIREWALLS MISS!
Packet Reassembly – since 1996
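The two-step flow on this slide (header match, then content inspection over reassembled data), as an added example that is not WatchGuard code: it shows why a content signature straddling two segments is only seen after reassembly. The rule row, signature marker, addresses and the simplified `seq` byte-offset model are all constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Segment:
    src: str
    dst: str
    dport: int
    proto: str
    seq: int        # byte offset of this payload within the stream
    payload: bytes

# Constructed policy row and a constructed, harmless content signature.
RULES = [("0.0.0.0/0", "10.0.1.0/24", 80, "tcp", "http-proxy")]
SIGNATURES = [b"X-TEST-BLOCKED-MARKER"]

def match_rule(seg, rules=RULES):
    """Step 1: check source IP, destination IP, port and protocol."""
    for src_net, dst_net, port, proto, proxy in rules:
        if (ipaddress.ip_address(seg.src) in ipaddress.ip_network(src_net)
                and ipaddress.ip_address(seg.dst) in ipaddress.ip_network(dst_net)
                and (seg.dport, seg.proto) == (port, proto)):
            return proxy
    return None

def reassemble(segments):
    """Rebuild the byte stream from segments that may arrive out of order."""
    stream = bytearray()
    for seg in sorted(segments, key=lambda s: s.seq):
        if seg.seq > len(stream):
            raise ValueError("gap in stream: hold the data until it is filled")
        stream[seg.seq:seg.seq + len(seg.payload)] = seg.payload
    return bytes(stream)

def inspect_flow(segments, per_packet=False):
    """Step 2: content inspection, only for flows that matched a rule."""
    if not segments or match_rule(segments[0]) is None:
        return "no-rule"
    units = [s.payload for s in segments] if per_packet else [reassemble(segments)]
    hit = any(sig in unit for unit in units for sig in SIGNATURES)
    return "deny" if hit else "allow"

# Constructed sample: one HTTP request in two out-of-order segments, marker split.
REQUEST = (b"POST /upload HTTP/1.1\r\nHost: app.example\r\n"
           b"Content-Length: 21\r\n\r\nX-TEST-BLOCKED-MARKER")
CUT = len(REQUEST) - 10
SAMPLE_FLOW = [Segment("198.51.100.7", "10.0.1.20", 80, "tcp", off, REQUEST[off:end])
               for off, end in ((CUT, None), (0, CUT))]
```

Calling `inspect_flow(SAMPLE_FLOW, per_packet=True)` models a filter that looks at each packet in isolation; the default call models the proxy behaviour the slide describes.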
Managing XTM Solutions: Flexibility
Administer your way. Choose from three user interface options:
• Command Line Interface
• WatchGuard System Manager Interface
• Web Interface
XTM Multi-Box Management Saves Time
"Implementing the WatchGuard solution was a breeze. The policy setting and system configuration is easy because it is all very logical and straightforward." Francis Lim, IT Manager, Eurokars Group
Align security policies across an organization – or apply modifications between boxes
Simultaneously manage from 2 to 100’s of boxes
Can manage both XTM and XTMv
Real-Time Visibility & Reporting
Suite of tabbed tools deliver information needed to monitor and react to network status
Take instant remediative action, such as adding a site to a blocked sites list
Monitor network traffic in real-time. Real-time monitoring lets you take instant action to protect your network.
65 pre-defined reports included. Drill-down for the data you need — when you need it.
XTMv: Defense-in-Depth
• Virtual Appliance
• Antivirus
• IPS
• RED
• Application Control
• WebBlocker
• spamBlocker
• Live Security
Industry-Leading Value
"The company is strong, the products able, and the pricing can’t be beat."
Source: Info-Tech Research Group. Vendor Landscape: Unified Threat Management. August 2011.
Why WatchGuard XTMv Wins
"I can’t remember the last time I had to call someone with a security problem. With WatchGuard, we are always connected." Lucas Goh, Head of IT Operations for Asia, Berg Propulsion
Moving Security Forward with WatchGuard XTMv
"This beta release [WatchGuard XTMv] has me very excited. The virtualized XTM solution allows us to spin up virtualized firewalls that leverage our high performance and highly available, x86/x64 infrastructure. XTMv provides us with scalable access control solutions to protect specific virtual machines and make our cloud offerings a reality." James Bender, Director of Technical Services, MCA
"Best-in-class" security for comprehensive protection
Protection for physical and virtual infrastructures
Recognized security "Trend Setter", industry "Champion", and "Leader"
Real-time monitoring, 65 reports included
Intuitive set-up wizards
Multi-WAN support
Market-leading value