Sourcefire to rollout virtual security tool for VMware machines

Sourcefire is readying its first intrusion-prevention systems designed to run as software appliances in VMware’s virtual machine environment.

Sourcefire 3D System 4.9, which is expected to ship by year-end, includes the Virtual 3D Sensor and the Virtual Defense Center. The products will run as virtual appliances on VMware’s ESX and ESXi servers, as well as on the cloud-computing platform vSphere 4.0.

Many thrifty managers believe that the same technologies currently used to protect conventional physical servers can simply be extended to virtualized environments, but security experts say this could lead to being trapped by threats in several areas, including software, administration, mobility, the operating system and network visibility.

Sourcefire 3D System 4.9, now in beta, can be used to inspect traffic between two physical hosts, two VMs or between a physical host and a VM, according to Steve Piper, Sourcefire’s senior director product marketing.

The first virtual IPS appliances that Sourcefire will ship will deliver speeds ranging from 20M to 250Mbps. This is “the low end” for IPS speeds today, Piper acknowledges.

A couple of months ago IBM launched a hardware appliance to deploy service oriented architecture and WebSphere applications in an internal cloud computing environment.

Piper says there are some basic concerns regarding a virtual appliance — which is simply software tailored to run in a specific VM environment — as compared with a physical appliance that includes software on a dedicated hardware device.

“There are a lot of unknowns,” Piper says, because the virtual appliance is likely to share a physical server with other VM applications and there may be wide differences in deployment and usage of resources.

The main concern is the performance of an IPS sensor running as a virtual appliance, he says. As the Sourcefire virtual appliances become available, “we encourage customers to test for performance,” Piper says.

In its first iteration of virtual appliances, Sourcefire is not implementing VMware’s VMsafe security API, because it’s “not ready for prime time” due to performance issues related to Sourcefire’s projects, Piper says.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now