Securing the virtual environment
by David Phillips - Product Manager, Wick Hill - Friday, 11 July 2014.
Firstly, you are relying on your security vendor integrating with the virtualisation vendor. This means that the range of advanced features such as application control, device control and web control may not be available to you. Also, some virtualisation vendors don't have the technology inbuilt to enable this approach. You are moving back to pure anti-virus/anti-malware protection, with none of the enhanced options endpoint security gives you.

So if ‘agent- based' is at one end of the spectrum and ‘agentless' is at the other, is there another option that gives you the best of both worlds? The answer is yes - with ‘light-agent' security.

3. ‘Light-agent' security

In this architecture, the security software is still loaded onto a secure virtual machine, but an additional lightweight agent is installed on each VM. This unlocks the potential for deeper, multi-layered protection, including features such as web, device and application policy enforcement. Now you have achieved most of the benefits of the ‘agent-based' and ‘agentless' approach, giving you the flexibility to setup the most appropriate security posture for your environment.

You may now be scratching your head and wondering how you are supposed to manage all of this and your workstations, laptops and mobile devices. You are managing enough different consoles at the moment. You want to keep things as simple and straightforward as possible because complexity is the enemy of security.

There are security vendors out there that enable you to manage all types of endpoints from one single console. This allows you to effectively manage your security policies and close any gaps that would exist, when using multiple products and management consoles. However, be aware that not all ‘single' consoles are identical. Some provide a portal into multiple other consoles (with different interfaces).

Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //