Security for virtual environments from the Catbird Seat

Alright, the title is a bit of a stretch. What can I say, I love bad puns.

I spoke with my friends from Catbird after VMworld and have only now found the time to post something about that conversation. Bad Analyst! Go to your room!

Their technology is pretty interesting and appears simple to install and use.

Catbird launched V-Security 2.0 and here's how they describe it.

Catbird's flagship V-Security solution is a non-invasive and comprehensive Service Oriented Architecture (SOA) for virtual and physical networks. V-Security's cross-platform coverage includes Rogue VM Quarantine, Network Access Control (NAC); Sprawl Management and Control, Intrusion Prevention (IPS) and Intrusion Detection (IDS); Policy Compliance and Enforcement; Vulnerability Monitoring; and Auditing Compliance.

Catbird correlates security events across multiple clusters and data centers of virtual or physical machines. Unlike conventional host-based solutions, stateful appliances and proprietary hardware solutions, Catbird's unique, stateless architecture is fully SOA and cloud-based; 100% plug-and-play; web-enabled; and architected to have minimal impact on the virtual environment itself.

With the release of V-Security 2.0, Catbird incorporates customer-driven features such as:

• TrustZones(TM) - Better-suited to virtual environments than firewalls, TrustZones are a logical grouping of VMs which share a pre-defined, common set of policy and compliance rules, independent of physical host. Compliance is enforced even through "VMotion". TrustZones can prevent VMs from communicating in or out of a Zone or even within a given Zone. Example customer applications of TrustZones include a HIPAA scope or a Finance Team scope. Zones may include a mix of virtual and physical devices. TrustZones guarantee member VMs stay in compliance no matter where they are located or may be migrated.
• Catbird Control Center (C2C) is the management console for all Catbird security services. Completely SOA, the C2C supports SOAP, WSDL and XML data integration and exchange with third party IT management, help desk and work flow automation applications such as McAfee's ePO(TM). The Catbird Control Center provides a forensic archive of all change and security events in VI required for auditing and compliance, as well as built-in management reports. It is a "single pane of glass" for physical and virtual security and is multi-tenant for centralized management.
• Network Flow Data Analyzer and Logical Map provides a graphical representation of traffic and utilization on the virtual network, detailing which VMs are communicating with each other, whether that traffic is authorized (or quarantined) and correlation with other security events.
• Compliance Reports - Adding to existing strong reporting options from high-level summaries to deep drill-downs, Catbird V-Security 2.0 now also integrates with third party reporting dashboards to provide a cohesive view of the infrastructure.
• Updated Sprawl Control now features more specific data from the VIC.
• Event Tracking -Catbird monitors for over 100 events on the virtual network, leading to more precise IT administrative decisions and a fine-grained picture of the security posture of the whole virtual data center.
• OVF-compatible

Snapshot Analysis

Security is one of those issues that doesn't get enough attention in many quarters. Often IT decision makers ignore it until either they or one of their close friends suffers the effect of a security failure. The challenge many face once they are aware of the issue is where to begin. It would be easy to load up systems (virtual and physical), networks, and even storage with layer upon layer of security. While that might increase the level of security, it is most certianly going to reduce the performance while increasing the overall complexity of the environment.

Catbird and a few other suppliers have seen that controlling the network is a good place to start. After all, if an application or system (physical or virtual) is not allowed to communicate, worms, viruses and the like they harbor will be controlled. Catbird's approach is clever and offers minimal impact on system or network performance.

What's nice about Catbird is that they make it possible to download and test their solution without making the pilot project a budget buster.