Four virtualization security companies to watch

By Denise Dubie , Network World

These companies aim to keep virtual servers secure by providing access control, patch management and more

Few reports have surfaced of security breaches in virtual-server environments, but the potential looms large. “Every single platform we have had in IT eventually gets compromised. There is no reason for us to think that the hypervisor is going to be any different,” says Pete Lindstrom, a senior analyst with Burton Group. “While hypervisors seem to pose a fairly small attack-surface, as they multiply across a network, so do the attack surfaces. It is a huge unknown.”

That’s why companies widely adopting virtualization today must have a solid strategy for securing these environments, industry watchers say. “During the ‘Gold Rush’ mentality of this server virtualization craze — the more you deploy, the more you save — the cost of securing the virtual environment has not been weighed,” says Phil Hochmuth, a senior analyst with Yankee Group. “At the same time security has become an afterthought, researchers are publishing rootkits and people are thinking of ways to hack hypervisors — it has to raise some eyebrows in the security world,” he says.

ALTOR NETWORKS

Headquarters: Redwood City, Calif.
Management: CEO Amir Ben-Efraim, previously head of business development for Check Point Software.

How the company got its start: Company founders saw a “big blind spot in inter-virtual-machine communication” with what virtual vendors are calling virtual switches or virtual bridges, Ben-Efraim says. These virtual switches allow virtual machines to communicate with each other, but also create a new layer of switching that is “effectively invisible to network security and other network tools,” he explains. Altor wants to provide visibility into that layer of switching and make sure communications among virtual machines are secure.
(full article)