Friday, May 20, 2011

Endpoint Security: Become Aware of Virtual Desktop Infrastructures!

I completed a pretty neat whitepaper for Trend Micro just before leaving for a couple of weeks of travel. Here is an abstract of the exec summary and you should be able to get the rest at Trend Micro.

Virtual desktops infrastructures, VDI, present IT with the unique opportunity to fundamentally improve the way desktops are purchased, deployed, managed, and secured. Organizations are attracted to VDI’s promise to reduce operating costs, provide users with wide choices of devices, improve application performance, and enhance corporate security against malware and loss of sensitive data. The benefits are compelling, with survey data showing approximately 70 percent of CIOs reporting VDI projects planned for 2010.

However, enterprises find while scaling from proof-of-concept projects to full deployment that desktop security software that is not optimized for VDI causes storage and network contention that significantly degrades virtual machine densities. The Ogren Group recommends the following guidelines in selecting endpoint security to help organizations preserve the benefits of VDI:

Choose endpoint security that is specifically designed for VDI performance. Endpoint security needs an architecture that avoids performance drags from storage and network resource contention.

Require intelligent use of cloud-based security to keep agent bloat from affecting VDI density. Evaluate approaches that scale by blocking attacks in the cloud, and do not steadily increase processor demands for VM-based endpoint security.

Insist on VDI-aware approaches allowing endpoint security to simplify administration of virtual and physical desktops. Since organizations will need to operate a mix of physical and virtual endpoint security, the security software should be optimized for each environment for user satisfaction, and ease of administration.

Trend Micro’s OfficeScan and Deep Security products are designed for use in VDI environments. The Ogren Group finds that Trend Micro exceeds requirements for protecting the business while enabling IT to realize the benefits of virtual desktop infrastructures.

Wednesday, May 4, 2011

Wedge Networks

I commented on the content-focused approach of Wedge Networks and was pleased to support their BeSecure announcement.

Eric Ogren, analyst and founder, Ogren Group, said:

"The trend towards moving applications and data into private and public clouds introduces a new realm of very real security risks. Critical to identifying and remediating new threats will be a content-based approach offering deep inspection and clear visibility into network traffic. Wedge Networks is well positioned to meet these challenges with its BeSecure Web Gateway that enables organizations to protect sensitive data and have a clear view of content as it traverses the cloud."

Recent white papers ... ForeScout

ForeScout has done a pretty good job of navigating through the NAC requirements. They've always had an interesting technical idea and now they have a team in place that can properly position the company. The next couple of quarters will be key for the company as it executes its new vision.

Recent white papers ... SenSage

I often wish I could pay more attention to keeping you up to date with what's going on. I'm still learning that part of the job! Anyway, here are a few recent papers that you may be able to find on the web sites of ForeScout, SenSage, and Trend Micro. Let's start with SenSage.

VDI Security: Centralized Control

One of my favorite articles I wrote for TechTarget’s Information Security Magazine was published last year. It turned out to be pretty popular with a huge number of downloads. I recently received the following mail from with a link you can check out.

Virtual desktop infrastructure implementation provides security pros with a perfect opportunity to re-architect their organization’s endpoint security and management. The fact that virtual desktops are managed via centralized services means that an entirely new approach can be taken with respect to endpoint security and desktop configurations, giving security teams much more control over their company’s data.

This complimentary IT Decision Checklist explores the most significant security opportunities coming out of VDI solutions and how you can leverage them to fortify your own organization’s security posture.

Explore how to achieve the following in a VDI environment:

-- Control endpoint configurations
-- Isolate sensitive and regulated data
-- Enhance antimalware strategy
-- And more