Virtualization – Securing the Future Name/Title

Upload: sheila-wheeler

Post on 29-Jan-2016


Page 1: Virtualization – Securing the Future Name/Title. Virtualization is the Future “Virtualization is having a huge impact on infrastructure architectures,

Virtualization – Securing the Future

Name/Title

Virtualization is the Future

“Virtualization is having a huge impact on infrastructure architectures, processes and operations, people and skills, and the business. It is the most important and impactful trend in infrastructure and operations through 2012 - changing how you manage, how/what you buy, how you deploy, how you plan, how you charge.” Dave McClure, Gartner

“Server virtualization is the 'killer app' for the datacenter and has forever changed IT operations.” Michelle Bailey, IDC

What is Virtualization?

• Separation/decoupling of application environment from hosting computing, network, and storage hardware
  - Logical resource different from physical
  - Liberates single hardware piece (i.e. a server) to support multiple applications

• Computer virtualization: one computer acts like multiple
• On a desktop: Virtual PC, VMware Fusion, Parallels, etc.
• On servers (“virtual infrastructure”): VMware vSphere, Microsoft Hyper-V, Citrix XenServer

Snapshot of the Virtualization Market

Total System Infrastructure Software (SIS) market accounted for:
  - $85B in revenue for 2010, up 9.7% from $77.5B in 2009
  - VMware has 29.87% SIS market share by revenue (50-60% of virtual infrastructure)
  - >40% of x86 architecture workloads virtualized on servers
  - Installed base projected to grow four-fold from 2010 through 2015

Primary Approaches to Server Virtualization

Virtualization

On-premise Cloud Hybrid

Virtual Networking: How VMs Use Networks

• Some physical – multiple VMs per physical NIC
• Some private – no physical net
  - Can be used to increase security without adding infrastructure

Advantages of Virtualization

Improves Operational Efficiencies

Fewer physical servers

Lower server hardware & maintenance costs

Reduced power & cooling costs

Meet Green IT targets (cooling, consumption, carbon emissions)

Lower licensing costs (AV, OS, data back-up)

Vastly improved server utilization rates

Bolsters Data Back-up and Disaster Recovery

• A system may be copied to a remote location, permitting businesses to consolidate data centers at another data center

Less Down Time

More Agile Business and Technological Flexibility

Provisioning of a Traditional Server (Days / Weeks):

Justify purchase of server

Order server

Receive server

Install server

Configure & test server

Provisioning of a Virtual Server:

Minutes

Implementation of Virtualization by Small Businesses

[Chart: share of small businesses by stage of virtualization implementation]

Not considering: 30%

Discussion / planning stage: 24%

In trials: 19%

Implementation: 17%

Have implemented: 10%

70%

Symantec. “Small Business Virtualization Poll.” August 2011. Survey of 650 small businesses worldwide.

New Technologies & Threats Shape Security Needs

Evolving Business Security Needs

IP network growth (VoIP, WLAN, etc.)

Demand for SaaS / Cloud services

New applications

Emerging threats and attack vectors

Compliance & accountability

Virtualization Poses New Security Challenges

Traditional Security

• Perimeter enforcement is fundamental

• Security implemented by interposing physical devices on the wire

Virtualization

• Blurs notion of “perimeter”

• Applications may not run on same physical servers

• Security and auditability required between entities of shared virtual infrastructures

• Physical appliances cannot offer in-line protection

• Shared infrastructure susceptible to malware infections via mobile users

Security Implications of Virtualization

Physical Network

Firewall sees & protects all traffic between servers

Virtual Network

Physical security is blind to traffic between virtual machines

VM 1 VM 2 VM 3

Hypervisor

VS

Host

Unprotected Virtual Machines Make Bad Neighbors

WatchGuard: From Prediction to Protection

Increased reliance on virtualization reawakens need for virtual security

Virtualization Spurs New Security Modalities

"The adoption of server virtualization within wiring closets and data centers at organizations of all sizes and the rollout of infrastructure to deliver IT services in the cloud is driving significant change in the technical requirements for security solutions, presenting unique challenges... These challenges represent key drivers for the virtual security appliance market and reflect why the market is growing so fast," Jeff Wilson, principal analyst for security at Infonetics Research.

Hurdles to Adoption of Virtualization?

Security Issues

Privacy & Compliance Issues

84%

85%

Top-Cited Obstacles to Securing a Virtual Environment?

Lack of budget for virtual-environment specific security solutions

Lack of staff expertise

Licensing, deployment & support models of security vendors not optimized for virtual environments

Limited visibility provided by traditional security management consoles into virtualization environment

Increased management complexity

51%

48%

40%

35%

29%

Small Businesses Still Harbor Virtualization Concerns

60% System Performance

56% Backup 56% Security & Patch Management

Symantec. “Small Business Virtualization Poll.” August 2011. Survey of 650 small businesses worldwide.

Service Providers Investing in Virtual Network Security

Infonetics Research, “Service Provider Security Drivers, Spending and Vendor Leadership: Global Survey.” Dec. 2011.

Top Drivers

#1 #2 #3

Protect against theft of customer data

Increase uptime

Data center consolidation / upgrade

How Organizations Assess their Management of Cloud Server Security

Good/Excellent: 27%

Fair: 27%

Poor: 25%

No Comment/Not Sure: 21%

Managing Firewall Risks in the Cloud: Survey of U.S. IT & IT Security Practitioners. Independently conducted by Ponemon Institute LLC. Sponsored by Dome9 Security. November 2011.

Virtual Servers Deployed by Small Businesses that are

<40%

Symantec. “Small Business Virtualization Poll.” August 2011. Survey of 650 small businesses worldwide.

Visibility of Virtual Networks is Key

“…Unless you put virtualized security controls—virtual sniffers, virtual firewalls, all the same controls you'd use on a physical server, inside that network, you don't see what's going on." Neil MacDonald, security and infrastructure analyst at Gartner.

The VMware vSphere Hypervisor Environment

• Most widely deployed virtualization platform
  - Broadly utilized by public cloud service providers, enterprises, small and medium-sized businesses
  - Foundation for growing virtual desktop (VDI) market
  - Installed base encompasses 250,000+ customers worldwide
  - Over 1,400 ISVs support 2,500+ applications running on vSphere
  - Over 5,100 global service providers leverage vSphere as foundation for their public cloud services

Diagram of vSphere in the Enterprise

Source: Hany Michael. http://www.hypervizor.com/diagrams/

XTMv: Securing the Future

• XTM functionality as a vSphere-compatible virtual appliance
  - First release based on XTM Fireware 11.5.2
  - All bundles and unbundled services available
  - No crypto acceleration, FireCluster

• “Shipped” as a downloadable vSphere-compatible Open Virtual Appliance (OVA) format file

• Serial number delivered via email fulfillment

Why XTMv?

• Deployed as a vApp VM conforming to DMTF Open Virtualization (OVF) standard
  - Supported on servers and networking equipment on VMware vSphere Hardware Compatibility List

• Supports rapid deployment

• Can implement security policies on:
  - Inside vs. outside basis
  - Between organizations or applications within same infrastructure

• May easily be preconfigured and deployed with the virtual machines that serve multi-component applications

• Users/Customers may manage a combination of XTM and XTMv appliances from single management server

Securing Multiple Customers with XTMv

• Multiple XTMv instances can be deployed on industry-standard servers at perimeter OR within DMZ
  - Administration via web interface or multi-device WatchGuard System Manager

XTMv: Managing the Virtual Environment

Traditional Firewall

Location

Network Connection

Virtual Firewall

Virtual Machine (VM)

Zone

VM + Zone

Physical XTM Device Offers Complementary Security

• Placement at perimeter protects from major external threats

Cloud / Hosting / MSSPs

Retail / Hospitality Companies

Hospitals & Healthcare Campuses

University Campuses

K-12 School District Offices

Large Financial Institutions

Branch & Remote Offices

Target Industry Verticals

Ideal for Hosting Providers & Large IT Organizations…

Multiple instances of XTMv can run on single hypervisor

• Ability to run separate logical firewalls on same host system

Can manage traffic passing through virtual infrastructure and across internal networks – even between virtual machines in same cluster or server

• Ideally suited to implement security policies between applications, user communities, or tenants

Also Well Suited for Medium & Small Businesses

Instance of XTMv can be run on same server to protect full server consolidation environment

Offices with single server running consolidated workloads

XTMv Leverages same Award-Winning Security & Business-Enablement Capabilities as WatchGuard XTM Physical Devices

An Application Proxy checks Source IP, Destination IP, Port, Protocol

If a matching rule (or service) is found:

The proxy then performs deep inspection on the content of the packet, including application layer data.

XTM Cornerstone – The Application Proxy

Packet Reassembly – since 1996

This is the key to finding threats that OTHER FIREWALLS MISS!

Fireware XTM: Making the Most of Your Network

QoS and Traffic Shaping
• High-priority traffic gets bandwidth
• Low-priority traffic gets available bandwidth

Multi-WAN Support
• Up to 4 WAN connections supported
• Traffic can use multiple WAN connections simultaneously or on a failover

VPN Failover
• Mission-critical VPN traffic keeps flowing if a remote site becomes unavailable
• Traffic automatically fails-over to another gateway

IPv6 Readiness
• IPv6 Ready Gold Logo validates IPv6 routing
• All XTM appliances will support IPv6

Command Line Interface

Choose from three user interface options: Administer your way

Managing XTM Solutions: Flexibility

WatchGuard Systems Manager Interface

Web Interface

• Simultaneously manage from 2 to 100’s of boxes
• Can manage both XTM and XTMv

XTM Multi-Box Management Saves Time

“Implementing the WatchGuard solution was a breeze. The policy setting and system configuration is easy because it is all very logical and straightforward.” Francis Lim, IT Manager, Eurokars Group

Align security policies across an organization – or apply modifications between boxes

• Real-time monitoring lets you take instant action to protect your network.

• 65 pre-defined reports included. Drill-down for the data you need — when you need it.

Real-Time Visibility & Reporting

Monitor network traffic in real-time.

Take instant remediative action, such as adding a site to a blocked sites list

Suite of tabbed tools deliver information needed to monitor and react to network status

XTMv: Defense-in-Depth

• Virtual Appliance

• Antivirus

• IPS

• RED

• Application Control

• WebBlocker

• spamBlocker

• Live Security

Best-In-Class Security

Industry-Leading Value

“The company is strong, the products able, and the pricing can’t be beat.”

Source: Info-Tech Research Group. Vendor Landscape: Unified Threat Management. August 2011.

Why WatchGuard XTMv Wins

vs. Fortinet

• Real-time visibility tools

• 65 bundled reports vs. only 2

• Multi-WAN

• Traffic shaping

• VPN setup wizard

• Multi-device (physical/ virtual) management included

vs. Cisco

• Application Control

• HTTPS inspection

• Tightly integrated security services

• UTM performance

• Simple VPN setup

• Physical and virtual switch agnostic

vs. SonicWall

• No firewall virtual appliance offered by SonicWall

vs. Palo Alto Networks

• No firewall virtual appliance offered by Palo Alto

“I can’t remember the last time I had to call someone with a security problem. With WatchGuard, we are always connected.” Lucas Goh, Head of IT Operations for Asia, Berg Propulsion

Moving Security Forward with WatchGuard XTMv

• “Best-in-class” security for comprehensive protection
• Protection for physical and virtual infrastructures
• Recognized security “Trend Setter”, industry “Champion”, and “Leader”
• Real-time monitoring, 65 reports included
• Intuitive set-up wizards
• Multi-WAN support
• Market-leading value

"This beta release [WatchGuard XTMv] has me very excited. The virtualized XTM solution allows us to spin up virtualized firewalls that leverage our high performance and highly available, x86/x64 infrastructure. XTMv provides us with scalable access control solutions to protect specific virtual machines and make our cloud offerings a reality." James Bender, Director of Technical Services, MCA