VMWorld 2010: Security Products Roundup

From executive keynotes to intimate sessions, the security of the cloud and virtual environments was one of the most discussed top-of-mind subjects at the 2010 VMWorld Conference. That security focus was further evidenced by an array of security partnerships and product launches announced during the first full day of the conference. Here are a few of the virtual releases.

Trend Micro SecureCloud

Trend Micro had not one but two product launches in the virtual space Tuesday. The Tokyo-based company released the public beta version of SecureCloud, designed to protect and secure cloud data. Specifically, the SecureCloud product encrypts sensitive information stored in the cloud, only allowing access to the cloud customer -- not the provider. Cloud customers can subsequently access and manage their own cloud data with a management key technology.

The SecureCloud product can be applied to both public and private clouds as well as hybrid environments, although the product especially alleviates concerns when data housed by a third party provider that also hosts data from multiple vendors.

The SecureCloud offering also aims at eliminating compliance and data privacy risks associated with storing sensitive data in a cloud environment.

The solution is delivered through the channel, and channel partners can add deployment and education services around the product. SecureCloud beta supports Amazon EC2, Eucalyptus, or VMWare vCloud Cloud infrastructure, and can be accessed immediately at www.securelcoud.com.

In addition, Trend Micro also released the latest Deep Security 7.5, which secures operating systems, applications and data on physical, virtual and cloud servers and protects them from malware attacks and other security threats.

The latest Deep Security product, which uses VMware vShield Endpoint API, was tweaked with an anti-malware feature, which was added to the existing deep packet inspection, intrusion detection and prevention, Web application protection, application control, firewall, integrity monitoring and log inspection capabilities.

Deep Security 7.5 can be implemented to virtual, physical and hybrid environments. And like other cloud-oriented security solutions, is designed to help customers sporting virtual and cloud environments to pass mandatory compliance audits required by PCI, FISMA and HIPAA.

Next: Check Point, HyTrust Virtual Releases CheckPoint Software Security Gateway Virtual Edition

CheckPoint Software aimed to get a leg up over other security competitors with the launch of a Security Gateway Virtual Edition, featuring a VMsafe integration designed to secure the cloud with a firewall that protects against external and internal threats in both physical and virtual environments.

The Security Gateway VE is based on Check Point's existing Software Blade Architecture, which it first launched in January of 2009, and can be applied to both public and private clouds.

Essentially the offering, which will be available in September, beefs up security in the virtual environment, enabling IT administrators to apply the same security solutions -- firewall, VPN, and intrusion prevention -- that they would on physical systems. Thus far the solution only integrates with VMware, but could ostensibly be compatible with other vendors down the road.

Altogether, the virtual gateway is touted as a way for IT administrators to monitor and secure VM traffic and external networks with granular firewall policies and intrusion prevention capabilities. The offering is also designed to automatically apply security policies to existing or future virtual machines so companies don't have to experience downtime or change their physical network infrastructure.

Executives say that in addition to selling and deploying the Security Gateway VE, opportunities exist for channel partners to build private clouds or expand existing virtual environments, as well as offer management, monitoring and other managed services packages, which they can wrap around the product.

HyTrust

Meanwhile, HyTrust enhanced its existing appliance by adding interoperability to its HyTrust Appliance with the RSA enVision platform, a three-in-one log management SIEM product offered by RSA, the Security Division of EMC.

HyTrust, which provides policy enforcement and access control for virtual infrastructure, said it was responding to the increasing demand for secure and cost-effective private cloud infrastructure, while also acknowledging compliance auditors who are still leery of cloud environments.

The driving force behind the partnership is that the combination of the HyTrust Appliance, along with the RSA enVision platform, enables customers to virtualize workloads more securely, while simultaneously satisfying requirements for regulatory compliance audits.

Specifically, the RSA partnership will enable HyTrust to collect user-specific and operation-specific data and logs from virtual infrastructures, while taking advantage of the analysis and archiving capabilities that come with the RSA enVision SIEM product.