Establishing Digital Trust: Don't Sacrifice Security for Convenience
As enterprises move to virtual servers, there is a corresponding need and demand for virtual machine (VM) security. To help meet that need, Juniper Networks (NYSE:JNPR) this week announced a new virtual security solution called the vGW Virtual Gateway.
The vGW builds on technology that Juniper gained when it acquired Altor Networks for $95 million in December. The vGW expands on the Altor technology and now integrates with the Juniper's SRX security gateway to provide security policy, management and enforcement across both virtual and physical infrastructure.
"The vGW is software that sits on the server and then communicates with the SRX," Peter Lunk, director of product marketing, Security Business Unit at Juniper Networks told InternetNews.com. "The SRX sends security zone information to the vGW which then puts virtual machines into secure zones."
Lunk added that the vGW helps to create a communications path between virtual and physical security. The initial vGW release is specifically targeted at VMware environments though Lunk did not rule the future possibility of Juniper enabling Citrix' Xen technology or Microsoft's Hyper-V.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
The idea of VM security is not a new one and is already being offered by multiple vendors including Sourcefire, IBM and VMware. VMware's vShield helps to provide firewall type zone capabilities for virtual machines. Lunk noted that Juniper is a VMware partner and does not see the vGW solution as being overlap. Rather in Lunk's view, the vGW provides an additional layer of depth and scalability for virtual security.
The ability to send security information from the SRX to the vGW is something that Lunk said was now being built into the SRX's Junos operating system. Junos is also the same core system sitting in Juniper's EX switches and MX routers. That said, Lunk was unclear about whether or not security zone information for VMs would extend to other components of Juniper's networking portfolio.
"That's an interesting direction that we could take, but it's not something that we're announcing today," Lunk said.
While virtualization can sometimes be a challenge for application performance, Lunk also noted that the vGW has a negligible impact on a virtual server's performance.
"By building this into the hypervisor. we're able to see some performance improvements," Lunk said. "I think what has held back virtual security is people are doing virtualization to improve utilization, but if you then have to turn on compute intensive security that defeats the purpose."
Keep up with security news; Follow eSecurityPlanet on Twitter: @eSecurityP.