In the November 15th, 2010 issue of Government Computer News(GCN vol 29, Issue 20), there is an article entitled "The Real-World Challenge of Virtual Security" (http://gcn.com/articles/2010/11/15/nlets-virtualization-security.aspx) . In this article, the product called "vSecurity" from Catbird Networks (http://www2.catbird.com/) was mentioned and is used as virtual appliance on the hypervisor to monitor the configuration and security status of VMs on the host. vSecurity has built in compliance modules such as FISMA (don't know if it support Fedramp yet, but I doubt it since Fedramp is not finalized yet), DoD DIACAP, SOX and GLBA to determine and help to enforce compliance. vSecurity is deployed on the NLETS (National Law Enforcement Telecommunication Systems) which is a backbone for state, local and federal law enforcement agencies around the country to exchange date.
Virtualization security is far from a mature security technology, vSecurity does not solve all security issues associated with virtulization. But, used in NLETS proved that vSecurity is a serious product and should be considered for your virturalization security deployment.
No comments:
Post a Comment