From the Catbird seat - VMshield 2.0
Security in virtual environments can be a difficult issue. Keeping track of all of the different things happening and making sure that functions and services are only used properly and by the proper people can be too much to handle. Catbird has been offering products designed to protect virtual environments for quite some time (see Catbird launches Pocket V-agent and Security for virtual environments from the Catbird Seat for more information Catbird). This time, they've enhanced VMshield by adding three new capabilities.
Here's how Catbird describes their new offering
Catbird, the pioneer and leader in security and compliance solutions for virtual and physical networks, today announced the immediate availability of VMShield 2.0® with V-Tracker™. VMShield 2.0 leapfrogs legacy virtual firewall technology to enforce compliance and policy of both network and VM state, regardless of location or movement of VMs. With V-Tracker, VMShield 2.0 combines proven virtual machine tracking capabilities with in-depth monitoring of suspect activity on the network itself; preserves policies across hosts, clusters and vendor platforms; and automatically blocks out-of-policy or compromised VMs from breaching data center security.
VMShield 2.0 with V-Tracker is the latest innovation in Catbird’s comprehensive line of cross-platform, non-invasive security solutions for virtual and physical networks. Catbird’s encyclopedic Virtual Infrastructure Security Engine (VISE™) correlates hundreds of machine attributes with access control, network segmentation, vulnerability and IDP security events for both virtual and physical machines, across multiple clusters and data centers, to deliver broad asset awareness and defense-in-depth. Moreover, VMShield’s internal or external cloud-based platform with stateless monitoring enables unprecedented visibility and control to track virtual machines across clusters and detect and thwart potential security and policy violations before they escalate to a breach.
Catbird V-Tracker uniquely fingerprints each VM it tracks, even through virtual machine mobility. In combination with Catbird’s ground-breaking TrustZones™ policy enforcer, these machines stay monitored and protected via the Catbird Control Center, validating and enforcing policies for all VMs within a given TrustZone. Catbird’s automated quarantine mechanism instantly shuts down non-compliant virtual machines. The architecture is designed with maximum flexibility and portability to allow for cross-host and cross-platform coverage and ease of use.
VMShield 2.0 delivers a highly-correlated approach to virtualization security, a key capability for TrustZoneTM enforcement and data protection. At its heart is the Catbird VISE, enabling intelligence and protection not possible with simple virtual firewall technology and which goes well beyond simple segmentation and ACLs, including:
- Real-time intelligent state and VM activity monitoring that detects off-policy changes from both VMware-specific controls and network sources based on user-defined policies.
- Intelligent packet filtering and deep packet inspection to detect suspect communication with VMs anywhere on the network or to ferret out contact with external risks such as malware and botnet command and control centers.
- Automatic quarantine and virtual infrastructure controls to prevent rogue or misconfigured VMs from breaching data center security or leaking data to the Internet.
Snapshot analysis
The traditional leaders in security software along with many startups are trying to be the "go to people" when it comes to security in a virtual world. Each has its own agenda, of course. Catbird has taken one of the more innovative approaches, that is monitoring network traffic to dynamically learn what is happening on the network. This non-intrusive approach means that it is not necessary for organizations to install clients or agents on every physical system and in every virtual machine. It also means that Catbird has the capability of securing the environment even if other forms of virtualization, such as access virtualization or application virtualization are deployed as well as virtual machine software.As with other smaller players in this market, Catbird has a limited budget for creating awareness of them and their products. Without that base level of awareness, it would be somewhat difficult to generate broad levels of interest and then lead some of those who are interested to decide they need what Catbird is offering and then take action to try it out. Catbird has a very interesting, easy to install product. Partnering with larger companies offering professional services might help them get in the door in some places. I could also imagine a number of "viral marketing" programs that would increase attention through humorous videos.
If they apply the same level of creativity to their marketing efforts as they have applied to architecting their solutions, I could easily see them being found in the IT infrastructure of many more organizations.