The virtual security products market is about to undergo a major change, spurred by small vendors selling new ways to protect virtualized networks.
Scotts Valley, Calif.-based Catbird Networks last week announced its Catbird V-Agent, a virtual appliance that handles network security without sending data
"They're both smaller vendors that most companies probably haven't heard of," said Neil MacDonald, a Gartner Research fellow and vice president. "The larger vendors will eventually respond. The trend is only going up in terms of virtualization."
Nudging IT vendors to improve virtual security has become a habit at Gartner, whose analysts have waved the flag at conferences, in press releases and in reports, one of which predicted that 60% of virtual machines (VMs) will be less secure than their physical counterparts until at least 2009.
MacDonald cited several reasons for this: Virtualization software needs to be secured and patched just like every other application on a server, but many businesses have little experience securely configuring virtualization software and network stacks. Until now there have been few management and security tools to automate the job, either, MacDonald said.
"The big vendors are taking a good look and saying, 'Hey, not only is there money to be made in this field of virtualization, but more importantly, it's a better way to protect the customers,'" said George Heron, vice president and chief scientist for McAfee.
Heron called Catbird's announcement "very cool."
"It's a great example that illustrates where the players in the security industry can be going," he said.
Typically, businesses and organizations have to reconfigure physical servers to deal with virtual networks running in their own cases – usually by accepting packets, inspecting them, then returning them to the VM. Ideally, firewalls and IPS should run inside the VM, because otherwise, "you really have little or no visibility into the internal network," MacDonald said. "Your physical tools can't see that traffic."
MacDonald predicts that three large vendors will announce their entries into the virtual security products market by the end of the year. But, he said, other large vendors will be slower to adopt the trend for fear of losing the lucrative business of selling and deploying physical security appliances.
"They think they're going to cannibalize their own revenue streams, which they quite likely will," MacDonald said.
"But if they don't," he predicted, "someone else will."
Heron declined to speak about the plans of McAfee or its competitors for entering the virtual security products market, but he said it would not be difficult for large vendors to apply their existing technologies to virtual environments.
Because of that, developing virtual security products has a greater potential payoff than security for physical machines, Heron said. Vendors don't have to spend as much as they would to develop physical appliances and channel partners don't have to spend as much on deployment, because virtual appliances can be uploaded and run as just one more application within the VM, he said.
Catbird is giving away its virtual appliance for free, then charging its managed service provider (MSP) partners depending on how many users they serve. The partners can then charge their clients whatever price they want, said Tamar Newberger, Catbird's vice president of marketing.
"The revenue's coming from the service," she said. "We don't want the revenue coming from the box."
Partners will have more service opportunities because they will be able to reach more customers, since a virtual appliance is less expensive and easier to deploy and than a physical one, Newberger added.
"If they're familiar with VMware, it's just another guest," she said.
Another service opportunity for the channel is to help clients deal with the control and access issues that come with virtual security products.
Most companies have multiple physical servers, each with its own responsibilities and access controls. That clear separation of duties disappears when the physical appliances are rolled into one virtual server, creating "a new, all-powerful root administration," MacDonald said.
MacDonald stressed the need for businesses and organizations to have clear policies and processes in place to separate access to the virtual server's duties as much as possible, for security reasons, and he said that is an area where the channel can help clients.
"The integrators and resellers should come in armed with some of those best practices and make recommendations," he said.
Let us know what you think about this story; email: Colin Steele, Features Writer.