Protecting the Virtual Machine

Network Middle East speaks to Tarek Kuzbari, MD of Kaspersky Lab Middle East and Turkey about Kaspersky’s Security for Virtualisation and how to secure virtual machines.

Tags: Kaspersky Lab
  • E-Mail
Protecting the Virtual Machine Kuzbari says that many IT departments are misinformed when it comes to virtual machine security.
By  Georgina Enzer Published  June 21, 2012

Network Middle East speaks to Tarek Kuzbari, MD of Kaspersky Lab Middle East and Turkey about Kaspersky’s Security for Virtualisation and how to secure virtual machines.

What is the difference between protecting virtual machines and protecting traditional servers?

Actually it is the same and this is where the misconception is happening. Unfortunately people believe that when they provide protection for their server and then install a virtual machine on that server, the protection provided on the software level for the physical machine will be the same for the virtual machine, which is not true. In reality, every virtual machine can be considered and treated as a separate physical machine with its own operating system, which also has the same challenges and same risks and vulnerabilities as any other physical machine will have. This is why the need for protection of servers or workstations that host virtual machines is becoming a must and is not optional.

Are the malware or viruses attacking virtual machines different from traditional cyber-threats?

The types of the attacks are exactly the same as on normal machines and cyber-criminals are trying to benefit from the misconception that virtual machines are different from normal machines, but it is all the same. It is the same misconception with virtual machines as we see for example with Mac – people believe that on Mac there are no malware or Trojans but unfortunately it is not so.

Growth in malware has been exponential; one year ago we were talking about 30,000 malware per day detection, now it is 70,000 per day. We are talking about one malware every second. Cyber-gangs are expanding their sights and really targeting business to business customers.

What protection should companies have for their virtual machines?

In the virtual machine security space there are different protection methods; either the IT manager decides to provide no protection, so they install no antivirus or security software, or they decide to provide protection. When we look at providing protection, there are three scenarios that we see.

First of all is to install the anti-virus or security suite protection on the physical level without providing the protection for the virtual machines. We see risks in that model. The second scenario is to install the security suites on all the virtual machines as well as the physical machines, this is called agent-based.

The third model is called agent-less and this is where the Kaspersky Security for Virtualisation comes in. The KSV virtual appliance can provide security to the physical machines as well as virtual machines from a single layer.

What we are offering with Kaspersky Security for Virtualisation is, instead of having different software on each virtual machine, as in the agent-based model, you just have one layer where you can provide all the protection you need for the resources and resource management. The main advantage is that you provide the protection you need on the virtual machine and at the same time you are keeping the flexibility for these work machines and you don’t have to sacrifice resources for the same task on different virtual machines.

Kaspersky Security for Virtualisation is delivered as a virtual security appliance that integrates with VMware vShield Endpoint to provide agent-less, anti-malware security based upon Kaspersky Lab’s anti-malware engine. It is developed from the same code-base as our endpoint security products, and is designed to avoid the complexity and resource-drain associated with security programmes that typically ‘bolt-on’ acquired technology for virtual environments.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code