Conversation with Stonesoft

I had the opportunity to speak with Laurie Douglas, Stonesoft's VP of marketing, and Greg Mead, one of Stonesoft's Sr. Software Architects, about the release of a new product, Stonesoft IPS (Intrusion Protection System).

I had the opportunity to speak with Laurie Douglas, Stonesoft's VP of marketing, and Greg Mead, one of Stonesoft's Sr. Software Architects, about the release of a new product, Stonesoft IPS (Intrusion Protection System). It was a fascinating discussion about how security can not be based upon a single point solution. It must be "baked in" to the thinking process on the creation of an entire environment regardless of whether it is physical, virtual or a combination of both.

Here's how Stonesoft describes Stonesoft IPS

The StoneGate Virtual IPS is a ready-made, easy-to-deploy virtual solution designed to protect virtual networks and servers from the most advanced and sophisticated attacks.  Designed to work in conjunction with the StoneGate virtual or physical firewall/VPN solutions, it protects vulnerable applications and operating systems from threats in the virtual environment.

StoneGate Virtual IPS, like all StoneGate appliances, is centrally managed with the StoneGate Management Center, which eliminates barriers, limitations and security compromises between virtual and physical networks.  This offers comprehensive visibility across all networks.  It also means the security policies can be consistently enforced throughout the entire network, bringing significant cost savings, flexibility and sustainability.

Additional key features include:

  • In-depth, intelligent event correlation of activity between IPS appliances to reduce false positives and negatives
  • Advanced blacklisting and whitelisting capabilities in conjunction with StoneGate virtual and/or physical appliances
  • Hybrid mode IPS uniquely operates in monitoring and/or prevention mode simultaneously on the same virtual machine
  • Certified for the VMware ESX platform and will support VMsafe technology
  • Flexible support for a wide range of architectures and virtual platform

Snapshot Analysis

I've long followed Stonesoft and have thought that their products appeared to be both powerful and easy to use.  I fully agree with the thought they express that security really is not a product that can be purchased. It is more of a way of thinking. Virtualization can add a level of complexity and can make a secure environment even harder to realize than in a totally physical environment. Furthermore, as the use of virtualization technologies make it likely that applications, application components and, perhaps, whole workloads may move from place to place allowing the organization to achieve needed levels of reliability and performance. Security must be one of the things software architects consider when they create these environments.