Story image

Don't let virtualisation threaten your data center security

02 Feb 16

Virtualisation has been one of the most impactful technologies the data center industry has seen to date.

From a business perspective, virtualisation contributes to greater end-to-end efficiency, from reduced operational costs to more efficient and reliable delivery of business applications.

According to a 2015 study by analyst house IDC, organisations with the highest levels of data center virtualisation can achieve up to 63% lower data center capex and opex costs, compared to organisations with the lowest levels of virtualisation.

Yet, for all these positive effects to take shape, one condition applies: the data center’s systems must be secure.

Not only should security software stop system attacks, but it must also take into account the very nature of virtualisation. When applied to a virtualised environment, traditional malware protection simultaneously scans all virtual machines at the server host, wasting resources and slowing systems.

On one hand, anti-malware fits perfectly with the basic principle of virtualisation, based on the theory that virtual machines should be indistinguishable from physical servers from an application’s point of view.

However, the reality is that anti-malware is not just another application. Running many instances of it on a single server can create a myriad of hassles, including the most troublesome of them all - the dreaded AV storm.

An AV storm refers to serious degradation of system performance caused by traditionally deployed anti-malware software. The immense resources needed for anti-malware software to scan each of your virtual machines on the same set of logical drives will inevitably bombard your systems and trigger unexpected downtime - all during business hours.

With a traditional approach to malware protection, AV storms can be avoided by diversifying the scheduling of routine tasks performed by anti-malware software. From a security point of view, postponing the availability of new signatures, for example, would not be the best option as it would mean decreasing the level of protection of particular virtual machines. Such a solution would only distribute inefficiencies in time, not eliminate them.

So, how can your business benefit from virtualisation without compromising productivity or data security? 

Employing security software that protects your hypervisor or virtual machine manager will mean overwork is avoided, and enable the user to drill down to each virtual machine for rapid task execution when necessary. In this way, your business can safely leverage, manage and oversee security in your virtual environment.

Businesses today are adopting virtualisation as the first step towards cloud ambitions on the horizon. Without adequate protection of virtualisation systems, businesses would only see cloudy scenarios, instead of cloud ambitions.

By Nick FitzGerald, Senior Research Fellow, ESET

MulteFire announces industrial IoT network specification
The specification aims to deliver robust wireless network capabilities for Industrial IoT and enterprises.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
Schneider Electric's bets for the 2019 data centre industry
From IT and telco merging to the renaissance of liquid cooling, here are the company's top predictions for the year ahead.
China to usurp Europe in becoming AI research world leader
A new study has found China is outpacing Europe and the US in terms of AI research output and growth.
Google says ‘circular economy’ needed for data centres
Google's Sustainability Officer believes major changes are critical in data centres to emulate the cyclical life of nature.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.