A few months ago I wrote
an article around using vShield Endpoint in vSphere environments
for protecting workloads running in your virtual data-center. The primary
reason behind writing that article was to encourage VMware users/customers to
look at this centralized approach of running anti-virus and anti-malware in the
virtual world. This approach not only helps you with avoiding situations such as "ANTI-VIRUS STORMS", it also
helps you to ensure that you do not worry about managing anti-virus software
and patching for each endpoint in your virtual infrastructure, be it Virtual
Desktops (VDI) or Server workloads.
vShield Endpoint is not
a complete anti-virus solution as it just works as a gateway between the Anti-virus
solution and the Virtual infrastructure. It is important that the customers are
able to evaluate and select the right Anti-Virus software provider for their
virtual workloads. In my experience of virtualizing a number of servers and
end-points, I see an increasing demand from the customers around further
simplifying their end user security mechanisms with solutions which can be
easily integrated with their existing landscape. While this has been a demand
and approach of most of the enterprise customers, I have seen this agility
missing in the Small and Medium Business segments. While reasons for this lag
vary from organization to organization, there are a few key concerns which I
have come across from most of my customers:-
- Different solutions for different Hypervisors.
- Different solutions for different use cases. E.g. VDI, Servers & Mobile devices.
- Difficult to deploy due to multiple moving parts.
- Issues around management due to different entry points for different solutions & use cases.
- Complex licensing models for each use case
- Cost effectiveness
From a customer's
standpoint the above mentioned points are valid, since one would not want to
leave the complex world of traditional agent based anti-virus solutions, just
to land up in another complex world of virtual anti-virus solution which has to
be designed, implemented and managed from scratch. This directly compares to
the world of server virtualization, which became popular because of the fact
that you do not need a team of consultants to build and run a virtual
infrastructure as most of the associated frameworks and solutions are just plug
& play.
From the point of view
of the Small and Medium Businesses, an appropriate anti-virus solution would be
something which not only caters to their ever-changing needs, but also provides
an easy way to deploy and manage such a solution. Since the IT teams of SMBs do
not work in SILOS such as network admins, storage admins, security admins etc,
it is very difficult and costly for them to have specialized resources for each
silo. Most of the SMB IT Admins are "Master of all trades". (Being a VMware guy, I absolutely love this approach since
it is important to understand the entire ecosystem around VMware to understand,
deploy, use and manage a vSphere Infrastructure.) While these challenges have been around for a while, there has
been very little traction around solving such issues for SMBs.
While I have been
working on deploying solutions from various security vendors, I have also
worked on the enterprise solution of Bitdefender named Gravity Zone. Gravity Zone has various
flavors around protecting end-point & mobile devices and I have worked on
their solutions for protecting Virtualized Infrastructure which includes VDI
and Server workloads. Bitdefender, in fact, was one of the very few vendors
which integrated with VMware vShield Endpoint to deploy an agentless security
model which allows you to offload anti-virus and anti-malware tasks to a
centralized anti-virus appliance. This approach involved the deployment of
vShield, now known as the vCloud Networking and Security solution, alongside the
Gravity Zone solution.
While Bitdefender, like
other security vendors, concentrated on the enterprise markets all this while,
they are finally out with a solution for the SMB space as well, called GravityZone-In-A-Box (GZiaB). GZiaB is
targeted to solve the challenges faced by SMB segments around anti-malware
security for their workloads. Some of the key features of this solution are:-
- Hypervisor Agnostic Solution (common for all x86 vendors such as VMware, Citrix & MS)
- Provides Unified Management for Virtual, Physical & Mobile endpoints
- Out of the box integration with vCenter and other Hypervisor management solutions
- Easy to deploy with an All-In-One Virtual Appliance
- Comes with a unified licensing model.
Since the product is
targeted towards SMB, the product scales up to protecting 250 endpoints which
would also keep down the price points and make it more attractive for the SMB
markets. While the above points are attractive, I have gone ahead and downloaded
the evaluation copy of the product and have started using the same in my lab
environment. I will post another article which showcases how to deploy the
solution. I must say that the promise of easing out things is certainly kept
by Bitdefender since they have squeezed in the different roles of Database,
Management Console and Comm server into a single virtual appliance. This will
not only make things easier to manage, but will also reduce the overall cost
of running and managing the solution. I guess that explains why they chose the
name "Gravity Zone in a Box".
Earlier today,
Bitdefender announced that the solution would provide enterprise class security
to SMB. Here is an abstract from the Bitdefender GZiaB launch note:-
"GravityZone-in-a-Box
provides SMBs a new standard in managing, monitoring and reporting security activities
across a broader threat environment. Businesses will better manage reporting
for regulatory compliance and audits, following best practices. Like its big
brother, GravityZone (launched earlier in 2013), the new solution delivers an
enterprise class security management console to manage multiple endpoints, no
matter the environment.
GravityZone-in-a-Box,
a Citrix Ready security solution verified for VDI-in-a-Box, secures up to 250
endpoints, allows companies to easily manage security for virtual desktops and
servers as well as physical and mobile endpoints. This streamlines management
and resolves security headaches often suffered by SMBs adopting
bring-your-own-device policies for mobile devices"
An important thing which
I learned while setting up GZiaB in my environment is that it does not use
vShield Endpoint as the gateway, unlike GZ for virtualized environments. The
product bypasses the vShield Endpoint integration and sets up to talk directly
to the virtual machines for malware protection, and all of this is managed by a
single appliance.
Very soon I will come
out with step by step instructions in a deployment article which will help you
deploy this solution in your infrastructure within minutes and start protecting
your servers or desktop workloads without the worries and concerns mentioned
earlier in this article.
Till that time..
Stay Tuned!!!
Share and Spread the
Knowledge.