Altor Networks today announced the availability of the Altor VF, the
first purpose-built virtual firewall, and announced its certified
integration with products from ArcSight, Juniper Networks, Mazu
Networks and VMware.
Enterprises are eager to extend virtualization into their data centers to realize the cost savings, operational flexibility, and
increased availability they achieved with virtualization in the
development and test environments. At the same time, virtualized
networks create unique security challenges for production environments.
Altor Networks' new Altor VF addresses those challenges and enables the
virtualization of data centers without compromising security.
The Altor VF is a software security appliance that runs in a
virtualized environment and enforces security policy on a per virtual
machine (VM) basis. Unlike existing firewalls designed for physical
networks, the Altor VF virtual firewall can secure Live Migration - a
technology designed to trigger automatic movement of VMs across
physical servers, but capable of inadvertently moving an application to
a less trusted network. The Altor VF was purpose-built for the virtual
environment - enabling tighter security policy and greater ease-of-use
than existing virtual firewalls adapted from their physical firewall
counterparts.
The Altor VF extends the functionality of traditional firewalls.
Traditional firewalls not only provide security to physical networks,
they also provide visibility to the traffic running through them and
export some of that data to 3rd party products to aggregate and
correlate data across the network. However, traditional firewalls
cannot see into the virtual environment. The Altor VF extends
visibility into the virtual environment - providing NetFlow statistics,
Sys Log, and other network statistics on a per application basis and
exporting that data to 3rd party products such as those from ArcSight
and Mazu Networks (Please see separate releases for details).
Similarly, in existing physical networks, some companies also
employ an Intrusion Detection & Prevention System (IDS/IPS) to
further secure their physical networks. Through its partnership with
Juniper Networks, the Altor VF enables Juniper IDP appliances to extend
their protection into the virtual environment (Please see separate
releases for details).
"Our other network security vendors did not offer viable options,
especially regarding VMotion. The Altor VF fills the gap," said Jim
LoTruglio, vice president of information technology at Hearst
Corporation Service Center. "Altor's firewall will provide the
visibility, the administrative efficiency and the VMotion security we
need today."
"With Altor's solution we now have total visibility into, and far
greater control over, our virtualized infrastructure," said Nicholas
Portolese, senior manager, data center operations at Nielsen Mobile.
"Anyone with server or desktop virtualization really needs to have
something like this to help secure and optimize their available
resources."
"The increasing use of virtualization, particularly in data center
environments, will lead to new potential attack paths," said Neil
MacDonald, VP and Gartner Fellow. "To protect critical servers and data
in virtualized environments, organizations need to extend their
security processes and controls into the virtual environment, including
the use of virtual firewalls and IPSs when security separation and
protection are needed."
"IT administrators are challenged with the differences between
virtual and physical networks, and recognize that new approaches are
necessary to meet the management challenges of virtual infrastructure,"
said Mark Bowker, an analyst at Enterprise Strategy Group. "Altor
Networks executives see the deficiencies and are ready to leverage
their background developing firewall technologies, so it's very natural
to look to them to enforce security policy on virtual networks."
"Without question we've hit on an effective way to secure virtual
networks, and the proof is the successful installations currently in
progress at more than 20 customers in the private sector and within the
federal government," said Amir Ben-Efraim, CEO of Altor Networks. "Our
architecture allows customers to easily add full firewall protection
into their existing virtual environments. From day one, Altor's
products have been purpose-built for virtual networks."
The Altor VF brings to market a number of industry firsts to dramatically improve virtual network security management:
-- VirtualCenter Integration -- The Altor VF includes
out-of-the-box integration with VMware's VirtualCenter, enabling the
automated deployment of virtual firewalls on ESX hosts. The product
further applies a default policy to all new virtual machines -- helping
control virtual machine sprawl.
-- Security Policy per Virtual Machine -- VMs on a virtual server
can serve different purposes -- ranging from development and test to
various types of production applications. The Altor VF locks down each
VM to its specified use, insuring no communication among VMs with mixed
application trust levels.
-- Support for Live Migration -- When VMotion moves a VM to a
different physical host, the Altor VF ensures that its security policy
and active sessions move along with it. Therefore, companies can obtain
the full benefits of Live Migration while maintaining security within
their virtual network.
Pricing and Availability
The Altor VF is available immediately with prices ranging between
$1,500 and $2,000 per server depending on volume. For more information,
visit Altor's website at www.altornetworks.com.