Mental Ward

Blog archive

Free Virtual Security Tool Released

Free stuff is always good, especially in a recession. But free stuff that makes your virtual networks more secure should make you sit up and take notice.

To that end, Catbird Security today released Compliance Enforcer, a free tool that inspects up to five virtual networks for security issues, and will quarantine suspect virtual machines (VMs), taking them off the network. I had a chat this afternoon with Catbird CEO Michael Berman, who was naturally excited about Enforcer.

Enforcer comes with a license for up to five Catbird V-Agents, meaning you can monitor up to five different subnets. This will suffice for a large majority of SMBs, Berman points out. Of course, Berman also hopes that enterprises will try Enforcer out on a small network segment or lab, like it, and want to upgrade to the full V-Security suite. Whether that happens, of course, is another matter. Naturally, there's self-interest here on Catbird's part; on the other hand, it is a full-featured product offered for free, and that counts for a lot.

In the course of our discussion, Berman made some interesting points about security. One is that hackers are, by and large nowadays, a criminal enterprise. "There hasn't been a "Code Red" for VMware because people don't write exploits for notoriety anymore. [Those types of hackers are] now dwarfed by criminal entireprises in Ukraine, Brazil and China. If an exploit exists today, it's a subtle exploit. They break in and don't want you to know they've broken in."

Another of Berman's key points is that exploits are rare for the platforms like VMware ESX, Microsoft's Hyper-V and Citrix's XenServer because there are other, more traditional vectors that still work. "The biggest security problem we have today is Microsoft Windows," says Berman. "They're writing exploits for Windows. If the machine is physical or virtual, they don't care. Say someone makes new exploit for Internet Explorer -- does it matter if you're running VMware? No. it matters if you're running I.E. And as more machines become virtual, the monitors we have stop working."

He has a point. We haven't seen exploits yet for hypervisors, virtual switches and the like, but Windows (and, to be fair, Linux has its fair share) will always be under attack.

Enforcer is a hosted solution, so your data is in the hands of Catbird. Keep that in mind as well.

What are you doing about securing your virtual environment? Let me know.

Posted by Keith Ward on 12/16/2008 at 12:48 PM


Subscribe on YouTube