The Altor Networks Virtual Network Firewall™ and Virtual Network Security Analyzer™
WHAT IS THIS TECHNOLOGY?
Virtual Network Security: Altor Networks is addressing a significant network security gap that exists in virtualized data centers. The bottom line is that virtual servers are prone to the same security vulnerabilities, threats and attacks as their physical server counterparts. But unlike physical server infrastructures that have defense-in-depth security measures operating at the perimeter, virtualized data centers do not enjoy equivalent traffic monitoring and analysis tools, let alone integrated firewalls and IDS/IPS systems that can be invoked on a per-virtual server basis. The highly dynamic nature of VMs makes this one of the greatest security challenges facing data center administrators today.
Altor Networks developed a new class of virtual network security solutions. The flagship products are the industry’s first Virtual Network Firewall™ (VNF) and a VM traffic visibility and analysis system called the Virtual Network Security Analyzer™ (VNSA). Both are purpose-built to make virtualized data centers within enterprises, government agencies and large organizations in regulated industries more secure than their physical network infrastructures. Altor’s VNSA and VNF provide unprecedented visibility into virtual switch traffic and control over VMs. By locking down virtual networks, Altor’s VNSA and VNF solutions reduce VM vulnerabilities, eliminate the spread of rogue or infected VMs, improve operational efficiency and help customers meet increasingly stringent HIPAA, PCI and SOX regulatory compliance requirements.
As more servers are virtualized on multi-core systems capable of hosting dozens of VMs, CIOs and CSOs are beginning to recognize that securing the new access layer—the virtual switch running inside physical servers—is a strategic imperative. In view of the soaring adoption rates of virtualization in production data centers, Altor has a unique and considerable market opportunity to cost-effectively improve the security posture of organizations across a broad spectrum of industries.
Companies across every major industry are actively expanding virtualization deployments beyond test and development environments and into production data centers. That said, the many benefits of virtualization also introduce some fundamental security gaps into the data-center, namely a ‘blind-spot’ that makes virtual switch layer traffic ‘invisible’ and the enforcement of security policies for dynamic VMs using advanced capabilities such as VMotion® very difficult. Security best-practices for virtualized data centers must start with first lines of defense that include powerful inter-VM visibility tools and a virtual network firewall that can enforce policies on a per-VM basis.
This “virtualization security gap” can be traced to the shortcomings of traditional security solutions that include legacy firewalls, intrusion detection/prevention systems, operating system firewalls and VLANs. Aging firewalls and IDS/IPSs designed for static, perimeter-based physical networks simply lack visibility into VM traffic and control over virtual networks, nor do they integrate easily with virtual environments. VLANs also lack virtual switch layer traffic inspection capabilities, are complex to manage, and restrict usage of VM migration tools like VMotion. And OS firewalls suffer from a lack of central management, inconsistency across differing operating systems and poor support for legacy OSes.
Altor’s Virtual Network Security Analyzer
Given the increasing adoption rates of virtualization, data center administrators must be capable of discovering inter-VM traffic for auditing, security and regulatory compliance. Altor’s VNSA delivers on these requirements by providing real-time visibility and historical views of virtual switch traffic through a centrally managed, comprehensive dashboard that integrates with existing virtualization management systems to import network, host and event information. The VNSA can also analyze virtual network traffic to identify application groupings to ensure relevant groups of users are accessing shared resources legitimately.
Unlike network security and monitoring solutions that are completely “blind” to inter-VM communications, Altor’s VNSA can alert data center administrators to security vulnerabilities and operational problems through the discovery of:
Port scans, tunneling, insecure and unwanted protocols
Configuration anomalies due to external DNS and NTP access and DHCP auto-configuration errors
Multicast and broadcast service announcements that can erode network performance
Optimize VMotion/DRS by grouping VMs based on network usage
User defined groups to monitor access to business-critical resources
Report generation for regulatory compliance
Conclusion: As organizations take advantage of consolidating physical servers running multiple ‘virtual machines’ to save capital costs, free up precious rack space and make server deployments more flexible, they are also well aware that virtual servers are just as susceptible to security vulnerabilities as physical servers. As a result, they are proactively applying Altor Networks’ virtual network traffic visibility tools to help understand what applications are communicating on an inter-VM basis to detect and isolate unusual traffic and configuration anomalies, as well as weed out unwanted protocols and connections to thwart potential vulnerabilities. Plus, they can track the movement of individual VMs being created, deleted or moved within the data center to bolster their security posture for this dynamic environment.
702 Marshall Street, Suite 614
Redwood City, CA 94063