Symantec Corp. and VMware today announced five new
security integrations with the VMware cloud infrastructure suite, designed to
deliver extensive protection for virtual and cloud environments along with
operational cost savings. With new VMware integrations, Symantec enables joint
customers to protect their virtual infrastructure and business-critical
applications with data loss prevention, IT risk and compliance, data center
protection, security information and event management (SIEM) and endpoint
protection solutions – delivering stronger security, scalability and cost
reductions for rapid services delivery and enhanced business agility for the
cloud.
“Companies today face an increasingly toxic threat landscape. True
information protection is more than antivirus. With our new VMware integrations,
we're enabling customers to proactively protect their information whether it's
in a physical or virtual environment,” said Francis deSouza, group president,
enterprise products and services, Symantec. “Together, Symantec and VMware are
taking protection to the next level to give companies confidence to fully
embrace virtualization and realize the cost savings and efficiency it
brings.”
“The unique security concerns of the cloud extend well beyond malware
protection,” said Raghu Raghuram, senior vice president and general manager,
Cloud Infrastructure and Management, VMware. “The integration of Symantec
products with the VMware cloud infrastructure suite will offer fundamentally new
security capabilities to accelerate the ability of customers to quickly and
safely realize the benefits of cloud computing.”
Symantec and VMware will continue to collaborate to ensure customers have
both the security and compliance controls necessary for cloud deployments, both
on- and off-premises. In addition to integration between Symantec endpoint
security offerings with VMware vShield Endpoint expected to be available later
in 2012, Symantec is introducing five new integrations with the VMware cloud
infrastructure suite:
Orchestrated Data Loss Prevention
Symantec Data Loss Prevention, available
now, addresses the growing challenge organizations face in finding and
protecting their intellectual property wherever it resides. Integration with
VMware vShield App enables Symantec customers to more easily find and locate
their most valuable information across their virtual environments., Symantec
Data Loss Prevention makes it easier for customers to identify and remediate
potential data loss in their virtual environments by automatically separating
virtual machines that contain sensitive information from those that do
not.
Reduced Compliance Deficiencies Across Converged Infrastructure
Symantec Control Compliance Suite,
available now, uses centralized vulnerability and control assessments to provide
seamless discovery of unknown or unauthorized virtual machines to reduce
security risk in the physical and virtual infrastructure. Leveraging
VMware-published security standards, Control Compliance Suite is also able to
assess virtual settings to identify areas of risk and help prioritize
remediation efforts. This helps prevent application failure or data corruption
on virtual machines, while facilitating compliance with mandates such as PCI or
HIPAA. In addition, Control Compliance Suite can ensure that the VMware process
guidelines are being followed with procedural questionnaires while automatically
reporting on configuration changes, patch levels and critical policy violations
on VMware vSphere.
Protect Virtual Data Centers Against Advanced Threats
Symantec Critical System Protection
currently protects ESX® guest and hypervisors with granular, policy-based
controls. Symantec plans to add support for VMware vSphere 5 in Spring 2012,
leveraging out-of-the-box VMware-prescribed server security policies for ESXi
and VMware vCenter™ that will enable organizations to identify server compliance
violations and suspicious activity in real-time, limit administrative control,
restrict network communications and prevent file and configuration tampering of
the virtual infrastructure. Because Symantec Critical System Protection is a
non-signature, policy-based technology it also allows organizations to stop
unauthorized services from running on servers and protect against zero-day
attacks, without impacting system performance.
Integrated Threat Intelligence
Symantec Security Information Manager
(SSIM), available in Summer 2012, will enable organizations to seamlessly
identify and respond to security threats that impact business critical
applications across both their physical and virtual infrastructures. Through
integration with the VMware vShield log management collector, SSIM will
correlate virtual machine activity with events from the physical environment as
well as the Symantec's global intelligence network to give a holistic view of an
organization's security posture. Customers will be able to perform malicious
activity assessments for their entire environment—physical and virtual— gaining
immediate insight into malicious activity and threats inside their virtual
infrastructure.
Symantec's Managed Security Service (MSS)
will also offer a VMware vShield log management collector to allow customers who
prefer a cloud-based service delivery model to benefit from a seamless view of
security threats across both their physical and virtual environments. The
addition of the vShield log management collector to already broad array of
devices and applications MSS monitors, will further extend MSS edge-to-endpoint
visibility and when combined with global threat intelligence and 7x24 access to
GIAC-certified Security Analysts will allow organizations to reduce exposure to
threats and business disruption. The vShield log management collector is
expected to be available in Summer 2012.
Optimized Endpoint Protection for High-density Virtual
Environments
Symantec plans to leverage VMware vShield Endpoint with its endpoint security
offerings to maximize performance in Virtual Desktop Infrastructure (VDI) and
virtual server environments without sacrificing powerful security. Available in
the second half of 2012, these solutions will offload critical security analysis
from protected virtual machines to a dedicated security virtual appliance
resulting in optimized scan performance, reduced resource utilization, and
increased management visibility. Built upon Symantec Insight, these solutions
will provide fast and effective endpoint security for VMware environments,
offering unique protection against modern polymorphic malware, zero-day attacks
and rootkits.