A few months ago I wrote an article about using vShield Endpoint in vSphere environments for protecting workloads running in your virtual data-center. The primary reason behind writing that article was to encourage VMware users/customers to look at this centralized approach of running anti-virus and anti-malware in the virtual world. This approach not only helps you avoid situations such as "ANTI-VIRUS STORMS", it also means that you do not have to worry about managing anti-virus software and patching for each endpoint in your virtual infrastructure, be it Virtual Desktops (VDI) or Server workloads.
vShield Endpoint is not a complete anti-virus solution, as it just works as a gateway between the Anti-virus solution and the Virtual infrastructure. It is important that customers are able to evaluate and select the right Anti-Virus software provider for their virtual workloads. In my experience of virtualizing a number of servers and end-points, I see an increasing demand from customers around further simplifying their end user security mechanisms with solutions which can be easily integrated with their existing landscape. While this has been a demand and approach of most of the enterprise customers, I have seen this agility missing in the Small and Medium Business segments. While reasons for this lag vary from organization to organization, there are a few key concerns which I have come across from most of my customers:
- Different solutions for different Hypervisors.
- Different solutions for different use cases. E.g. VDI, Servers & Mobile devices.
- Difficult to deploy due to multiple moving parts.
- Issues around management due to different entry points for different solutions & use cases.
- Complex licensing models for each use case.
- Cost effectiveness.
From a customer's standpoint the above mentioned points are valid, since one would not want to leave the complex world of traditional agent based anti-virus solutions, just to land up in another complex world of virtual anti-virus solution which has to be designed, implemented and managed from scratch. This directly compares to the world of server virtualization, which became popular because of the fact that you do not need a team of consultants to build and run a virtual infrastructure as most of the associated frameworks and solutions are just plug & play.
From the point of view of the Small and Medium Businesses, an appropriate anti-virus solution would be something which not only caters to their ever-changing needs, but also provides an easy way to deploy and manage such a solution. Since the IT teams of SMBs do not work in SILOS such as network admins, storage admins, security admins etc., it is very difficult and costly for them to have specialized resources for each silo. Most of the SMB IT Admins are "Master of all trades". (Being a VMware guy, I absolutely love this approach since it is important to understand the entire ecosystem around VMware to understand, deploy, use and manage a vSphere Infrastructure.) While these challenges have been around for a while, there has been very little traction around solving such issues for SMBs.
While I have been working on deploying solutions from various security vendors, I have also worked on the enterprise solution of Bitdefender named Gravity Zone. Gravity Zone has various flavors around protecting end-point & mobile devices, and I have worked on their solutions for protecting Virtualized Infrastructure, which includes VDI and Server workloads. Bitdefender, in fact, was one of the very few vendors which integrated with VMware vShield Endpoint to deploy an agentless security model which allows you to offload anti-virus and anti-malware tasks to a centralized anti-virus appliance. This approach involved the deployment of vShield, now known as the vCloud Networking and Security solution, alongside the Gravity Zone solution.
While Bitdefender, like other security vendors, concentrated on the enterprise markets all this while, they are finally out with a solution for the SMB space as well, called GravityZone-In-A-Box (GZiaB). GZiaB is targeted to solve the challenges faced by SMB segments around anti-malware security for their workloads. Some of the key features of this solution are:
- Hypervisor Agnostic Solution (common for all x86 vendors such as VMware, Citrix & MS)
- Provides Unified Management for Virtual, Physical & Mobile endpoints
- Out of the box integration with vCenter and other Hypervisor management solutions
- Easy to deploy with an All-In-One Virtual Appliance
- Comes with a unified licensing model.
Since the product is targeted towards SMB, the product scales up to protecting 250 endpoints, which would also keep down the price points and make it more attractive for the SMB markets. While the above points are attractive, I have gone ahead and downloaded the evaluation copy of the product and have started using the same in my lab environment. I will post another article which showcases how to deploy the solution. I must say that the promise of easing out things is certainly kept by Bitdefender, since they have squeezed in the different roles of Database, Management Console and Comm server into a single virtual appliance. This will not only make things easier to manage, but will also reduce the overall cost of running and managing the solution. I guess that explains why they chose the name "Gravity Zone in a Box".
Earlier today, Bitdefender announced that the solution would provide enterprise class security to SMB. Here is an excerpt from the Bitdefender GZiaB launch note:
"GravityZone-in-a-Box provides SMBs a new standard in managing, monitoring and reporting security activities across a broader threat environment. Businesses will better manage reporting for regulatory compliance and audits, following best practices. Like its big brother, GravityZone (launched earlier in 2013), the new solution delivers an enterprise class security management console to manage multiple endpoints, no matter the environment.
GravityZone-in-a-Box, a Citrix Ready security solution verified for VDI-in-a-Box, secures up to 250 endpoints, allows companies to easily manage security for virtual desktops and servers as well as physical and mobile endpoints. This streamlines management and resolves security headaches often suffered by SMBs adopting bring-your-own-device policies for mobile devices."
An important thing which I learned while setting up GZiaB in my environment is that it does not use vShield Endpoint as the gateway, unlike GZ for virtualized environments. The product bypasses the vShield Endpoint integration and sets up to talk directly to the virtual machines for malware protection, and all of this is managed by a single appliance.
Very soon I will come out with step by step instructions in a deployment article which will help you deploy this solution in your infrastructure within minutes and start protecting your servers or desktop workloads without the worries and concerns mentioned earlier in this article.
Till that time..
Share and Spread the Knowledge.