My travel this month just about made it impossible for the good folks at Altor and me to find a workable time for a review of their newest product, Altor V4. After chatting with them, it became clear that it was worth the wait.
One approach is to simply put the entire network behind a firewall. While this approach offers the benefit of being simple to install and manage, it may not prevent internal security challenges; that is that is may not deal with virtual server to virtual server network traffic within the datacenter.
Another approach is to install security software on each physical and virtual server. This approach is certainly more comprehensive, but also creates a great deal of overhead, license management issues, and, of course, the problem of making sure that polices are set properly for each and every instance of the security software.
If an organization is deploying workloads in an Infrastructure as a Services (IaaS) environment, it is possible to install security software on each and every physical or virtual server. This, of course, brings us back to the very same issues seen in virtual environments.
What's new in version 4 of Altor's product is that the company is offering its security software encapsulated in a virtual machine. It also helps protect against attacks targeting the hypervisor as well.
Altor V4 is VMware VMsafe Certified and can protect each virtual server and the hypervisor. Their product secures these virtual servers even if they've migrated somewhere else. It also detects new virtual machines as their started up. Furthermore, the software is also tightly integrated with Juniper's physical network security as well.
Is Altor offering the best solution for your company? The only way to really know is to contact these suppliers and learn how each would address your security requirements.
Altor's approach is certainly worth an examination.