Securing virtualization in real world environments
Introducing Kaspersky Security for Virtualization
1. Introducing Kaspersky Security
for Virtualization
Be Ready for What’s Next
Ariel Martin Beliera
Sales Engineer | Strategic Latin American Markets - Kaspersky Lab
ariel.beliera@kaspersky.com
Skype Ariel.Beliera
2. What is Driving Virtualization?
Business Needs
Greater Higher Increased
Efficiency Productivity Agility
Reduced Improved IT
Competitiveness
Costs Control
PAGE 2
3. Virtualization Adoption Rates
94% 97% 25%
Global 500 Fortune 1000 Small Business
Source: Small Business Server Virtualization Roadmap, CDW, August 31 2011
PAGE 3
4. Expected Benefits
What is Virtualization Supposed to Bring?
Reduced
IT Costs
Faster OS
Disaster Migrations
Recovery
Centralized Stability
Management
Data
Security
PAGE 4
5. Threats and risks
The same as for physical machines
Signatures New Threats Every Day 70k
Malware 5,000,000
4,000,000
Malware in Kaspersky Lab Database Jan 2012 67m
Limited Visibility 3,000,000
Malware in Kaspersky Lab Database Jan 2011 50m
2,000,000
Management issues 1,000,000 Malware from downloads 1in14
1999 2001 2003 2005 2007 2009 2011
PAGE 5
6. Options for Virtual Protection
Option 1 Option 2 Option 3
No Protection Agent-based Agentless
PAGE 6
7. No Protection – Not an Option
Virtual Infection and spread
Virtual eavesdropping
Target of cybercriminals
Malware can survive “tear-down”
of non-persistent machines
“ A single compromised virtual
machine impacts the entire virtual
infrastructure.
”
Guide to Security for Full Virtualization Technologies
National Institute of Standards & Technology
PAGE 7
8. Agent-based Protection
Traditional Protection methods applied to VM
AV-Storm
Redundant anti-malware and
signature files AV AV
Instant On Gap
VM’s in Motion AV AV
Reduced consolidation ratios
AV AV
AV AV agent (Security Solution)
Applications (i.e. Office)
Operating System
PAGE 8
9. Agentless Protection
Kaspersky Security for virtualization
Works with VMware’s vShield
Endpoint
Anti-malware functions offloaded
Managed component of
Kaspersky
Security Center 9.0
PAGE 9
10. Kaspersky Security for Virtualization
Key benefits
Superior Protection, High Performance
Award-winning anti-virus engine
Unified management
No Anti-virus Storm issues
Immediate protection
Higher density ratios
Superior ROI
PAGE 10
11. Kaspersky Security Center
Centralized Management of combined environment
“Single-Pane” for administrators Broad platform coverage
Automatic recognition Intuitive deployment,
management
Physical, Virtual, Mobile
and reporting
PAGE 11
13. Advantages of Agentless Approach
CPU
No AV Storm
Memory savings
KES8: from 40MB up to 200 MB
Storage savings
Disk space and I/O (no Update Storm)
No impact on networking
Updates, events, etc. (travel inside the host)
14. Advantages and benefits
VM “density”
On unprotected ESXi host – 50 VMs
With Kaspersky Endpoint Security 8.0 – 12-18 VMs
With Kaspersky Security for Virtualization – 30-35 VMs
Persistent protection
New systems
Powered on / outdated machines
Easy support
Troubleshooting only one VM
No issues with incompatible software
Protected OS (hard to break into KSV appliance)
15. Protection for infrastructures of any size and complexity
Simplified Virtual Physical Mobile
Management Protection Protection Protection
Unified Under a Immediate Real Time Protects Lost
“Single-Pane” Protection Protection Devices
Solid Policy High Performance Powerful Controls Android,
Enforcement BlackBerry,
Maximized Broad Platform Windows, Symbian
Intuitive Density Support
Robust Reporting Virtual Aware
PAGE 15
16. Existing agentless offerings can be limited
Multiple Administrative Consoles (different for virtual and
physical infrastructures)
Low detection rates
Complex and long technical support procedure
PAGE 16
17. Recommendations
Don’t underestimate manageability
Choose unified solutions to protect both physical and virtual
environment
Find the right balance of security and performance
Combine «agent-based» and «agentless» protection methods
Don’t cherish illusions that virtual environments are more secure
than physical ones
PAGE 17
18. Get the right balance with Kaspersky
Kaspersky Security for Virtualization
provides agentless anti-malware
security for virtual machines, without
compromising performance.
Get the right balance with Kaspersky.
Security for Virtualization.
Be Ready for What’s Next.
kaspersky.com/beready
PAGE 18
19. Thank You!
Ariel Martin Beliera
Sales Engineer | Strategic Latin American Markets - Kaspersky Lab
ariel.beliera@kaspersky.com
Skype Ariel.Beliera
PAGE 19