PacketSentry Virtual Probe monitors and controls access to sensitive data

Enforcing application and identity aware policies in a virtual environment

PacketMotion recently launched PacketSentry Virtual Probe, a tool designed to monitor activity, detect use that goes beyond what is allowed by the organization's policies and prevent malicious usage patterns.  As organizations increasingly deploy virtual solutions, a focus on security in those environments is an absolute requirement.

What PacketMotion has to say about Virtual Probe

PacketMotion™, the leading provider of User Activity Management (UAM) solutions, today announced the release of the PacketSentry Virtual Probe, which extends PacketMotion’s comprehensive security solution to virtual and cloud environments. The PacketSentry Virtual Probe monitors and secures access to sensitive data in VMware® clusters by delivering PacketSentry’s application and identity-aware solution as a guest VM that does not require administrators’ knowledge of IP addresses and with minimal resource impact. Applications monitored include databases, fileshares, web applications and document management, among many others.

Architecture and Licensing Model Enable Efficient Activity Monitoring in Virtual Hosts The PacketSentry Virtual Probe solution dramatically changes the security capability in the virtual environment. It delivers a low-overhead virtual appliance that:

  • Implements multiple controls in a single application
  • Runs as a guest VM that consumes just 3-5 percent of the host’s CPU
  • Reacts to transaction patterns without the need to know specific IP addresses
  • Is priced based on number of VMs monitored, independent of VMware deployment architecture
  • Automates deployment of identity-based policy in the virtual data center

The PacketSentry Virtual Probe was built as an easy-to-install and workload-efficient addition to the virtual environment. Since the Virtual Probe consumes little server CPU, memory, and I/O resources, it can be deployed ubiquitously across servers and blades in the virtual data center for complete data protection. PacketSentry’s advanced decode and application analytics provide an unparalleled tool for auditing and controlling application and virtual network behavior.

The PacketSentry Virtual Probe supports separation of duties by giving security and network teams – which are responsible for meeting compliance regulations and protecting intellectual property – a solution for audit and control in the virtual data center, an area typically owned by server teams. Now, security teams can monitor virtual server administration activity and policy enforcement within the virtual servers, and can enforce or change policies on their own.

Snapshot analysis

There are a number of suppliers that have spoken to me recently about their solution to access management, access governance and a few other catch phrases. I believe this is because some organizations have not really incorporated security and access management into the architecture of their applications. So, it necessary to wrap their workloads and applications in a virtual security environment.

A number of suppliers have identified the problem and have brought products to market that are designed to solve the problem. PacketMotion has coined the phrase "User Activity Management" to describe their version of this concept.

What I found most interesting is their focus on making the solution easy to use, easy to understand and making it use as little machine resources as possible. Other solutions are not as "light on their feet" as PacketSentry.

While PacketSentry Virtual Probe appears to offer a number of valuable capabilities, it is going to be challenging for PacketMotion to get the attention of busy decision makers. The company is competing with suppliers such as BMC, CA, HP, IBM, Microsoft and others who all claim to have similar capabilities.

If PacketMotion can get decision makers to actually see PacketSentry Virtual Probe at work, many will be won over.