With VMworld 2009 coming up in less than two weeks in San Francisco, I am reminded of VMworld 2007, when a security company called Catbird introduced 10,000 attendees to a visual representation of why you don't want to run naked in your environment. The company claimed "you can't protect what you can't detect," and while I completely agree with that statement, I can also remember thinking to myself at the time, "I can't eat my environmentally friendly lunch with IT people running around in naked costumes." But I digress.
While fake, naked IT people might not be the thing you want to remember about Catbird, you definitely want to remember the reason behind the imagery. Whether physical or virtual, your environment needs to be protected, and you should be aware of security and compliance implications within your architecture. Virtual machines are dynamic in nature and introduce a concept of mobility that brings about new risks which previously weren't addressed by traditional security planning. And in 2008 Catbird introduced what it believed was an answer to this problem: V-Security.
[ VMware, Xen, and Hyper-V virtualization environments can add additional security concerns. So what should you be thinking about? | Track the latest trends in virtualization in InfoWorld's newsletter. ]
Catbird V-Security 2.0 delivers asset protection for virtual datacenters with network security and policy management. Its security is built around things like intrusion detection and prevention systems, vulnerability scans, network access control, and hypervisor/virtual machine state. And the company's TrustZones track virtual machines across clusters and hosts in a proactive manner by detecting and stopping potential security and policy violations before they escalate.
One year after launching V-Security 2.0, and going into VMworld 2009, Catbird is ready to announce that V-Security 2.0 is McAfee compatible and interoperable with McAfee ePolicy Orchestrator (ePO) software. This new partnership will offer mutual customers comprehensive visibility and a unified view of both the physical and virtual security status in the datacenter.