‘Ideal’ Virtual Machine licensing model and coordinated approach jump Third Brigade ahead
Virtualization is being rapidly adopted for green IT and server consolidation initiatives, but software licensing models are lagging behind, and security is still an open debate. Third Brigade, a security software company specializing in host intrusion detection and prevention systems (IDS/IPS), today announced a new licensing model designed to address the accelerated adoption of virtual environments and help customers achieve the lowest total cost of ownership for virtualization security.
Promoting adoption of the highest level of security, Third Brigade licensing now allows for an unlimited number of virtual machines to be protected per physical server. Third Brigade also introduced a new, coordinated approach to intrusion defense for virtualized environments that will deliver better data protection than can be achieved by virtual security appliances.
“Two years ago we began consolidating our mission-critical data center servers into virtual environments. Because we manage sensitive employee data for our Fortune 100 enterprise customers, security is always a top priority,” said Mike Gioja, CIO, Workstream. “Since the beginning, Third Brigade has been delivering virtualized security to our data centers. This approach enables us to scale while keeping security at the forefront of our customer solutions. In addition, Workstream gains a competitive advantage over the security and virtualization architectures I have seen from other vendors.”
When asked why Third Brigade’s approach to virtualization security is better, Wael Mohamed, President and CEO, Third Brigade said, “The biggest threat left exposed by omitting virtual machine-based security, or relying solely on virtual security appliances, is the potential for one compromised virtual machine to be used to launch an attack against another virtual machine. An appliance or gateway model can’t see, and prevent, the malicious traffic between the VMs; Third Brigade can.” Mr. Mohamed continued, “We also believe sophisticated security coordination will be required between a security agent on a virtual machine and a security agent leveraging the VMsafe APIs, when they are available. We have created an attractive licensing model that will enable customers to take advantage of these advanced features.”
“An ideal licensing model for virtual environments offers choice, and does not impact mobility or inflate costs,” said Chris Wolf, Senior Analyst, Burton Group. “Key to the success of an ideal licensing model is the ease of compliance. License management complexity and total cost of ownership should be a factor in all software purchasing decisions.”
Third Brigade customers that have already embraced virtualization are deploying over 10 virtual machines (VM) per physical server. The new licensing model helps accelerate mission critical virtual deployments and removes any barriers to delivering best-of-breed security capabilities to every VM by allowing an unlimited number of VMs to be protected per physical server. For customers that are moving to, or have mixed physical and virtual environments, Third Brigade licenses are portable as a server is transitioned from the physical to virtual world. Pricing is also available for individual virtual machine instances for enterprises that have unique security requirements.
According to the CIO of Harvard Medical School, John Halamka, “Virtualization is a double-edged sword when it comes to healthcare. We need it for our green IT initiatives and it keeps costs down, but it re-opens vulnerabilities that we had already addressed in the traditional, physical world.” Mr. Halamka continued, “We’re exploring the use of Third Brigade security to protect our virtualized environments. Putting protection on individual virtual machines and coordinating security with agents built using new VMsafe APIs that plug into the hypervisor will ensure our virtualized servers are well protected.”
Through hundreds of discussions with customers, prospects and industry experts, Third Brigade recognized that green IT and consolidation cost savings are driving virtualization, but there has been hesitation to move mission critical systems to the potentially insecure virtual world. The February, 2008 announcement of the VMsafe APIs from VMware has improved overall confidence that the security market will be able to meet the future security requirements of virtualized systems; however, VMsafe technology will only be available in a future release of VMware Virtual Infrastructure products. Enterprises and governments want a security solution today, that will help them transition to a fully-virtualized environment in the future, with cost certainty.
Third Brigade’s coordinated and adaptive approach for data center virtualization protects virtual machines today, and is ready to take advantage of VMware’s VMsafe APIs when they are available in the future. This virtual intrusion prevention system offers a multi-layered approach that protects virtualized environments in a way that offers greater security than that delivered by virtual security appliances—such as protecting against encrypted attacks. Sophisticated security coordination will ensure maximum protection, optimal performance and coordinated reporting for your virtualization security deployment.
At the RSA Conference, April 7-10 in San Francisco, attendees will be able to visit Third Brigade’s booth to see a demonstration of a VM to VM attack in progress, and watch as Third Brigade’s virtual intrusion prevention system is used to detect and prevent the attack that is attempting to exploit vulnerabilities in the operating systems and applications running on virtual machines.
Download Third Brigade white papers and solution profile on virtualization security.
About Third Brigade
Third Brigade best-of-breed host intrusion defense systems protect critical data and applications, including those on virtual machines, from attacks that bypass or penetrate network defenses, and target vulnerabilities in operating systems, and enterprise and web applications.