Finding Endpoint Security Software for Your Virtual Environment

Document Sample
Finding Endpoint Security Software  for Your Virtual Environment Powered By Docstoc
					     Finding Endpoint Security Software
        for Your Virtual Environment

                                                                                   Tech Brief

an Tech Brief. © 2011,, a division of QuinStreet, Inc.
                                               Finding Endpoint Security Software for Your Virtual Environment

  IT departments are embracing
  virtualization for its ability to save
  time and money across their IT
  environments. What often started
  out in the data center with server
  virtualization projects that increased
  server utilization rates, lowered
  power and cooling costs and reduced
  the amount of facilities space
  needed to house physical servers
  is now spreading throughout the IT

  In addition to servers, many
  businesses are beginning to pay some
  attention to desktop virtualization,           employees can get to the applications    are used differently than physical
  which existed mostly in niche                  and data they need from any location.    machines. A developer or Quality
  applications for years. Vendors like                                                    Assurance tester that deploys a
  Citrix, VMware and Microsoft, which            A lot of businesses use virtual          virtual machine to test a new piece
  made desktop virtualization front and          desktops for technology workers          of software probably doesn’t think
  center when discussing Windows 7               and administrators that just need        about the security of that endpoint
  deployments, are also aiding the push.         a terminal. Virtual servers and          the way he or she does with a physical
                                                 virtual desktops are also popular in     endpoint. The virtual machine will be
  There is a compelling case to be               development environments and so-         discarded or left dormant when the
  made for moving to virtual desktop             called “sandboxes” because a virtual     task at hand is complete, which can
  infrastructure (VDI). The immediate            machine can easily be set up to create   often be days, weeks or even months.
  value of VDI comes from the ability to         and test software and then discarded     In the meantime, that endpoint is still
  get more out of the existing machines.         when they are no longer needed.          connected to the network, and it’s still
  It’s easy for IT departments to scale up                                                an entry and exit point for all of the
  and down with VDI. It helps save on            This “disposability” — when              same types of malware that can pose
  energy costs as well.                          combined with the fact that some         problems for physical machines. This
                                                 virtual endpoints are not disposed       means that an infection can spread to
  Virtual servers and desktops are               of but just forgotten — often leads      other endpoints — both physical and
  sometimes known collectively as                virtual endpoints to be one of the       virtual on the network.
  virtual endpoints. Virtual endpoints           most overlooked vulnerabilities when
  make it easier for IT departments              it comes to network security.            The perception that virtualization
  to provide redundancy without                                                           makes computing safer and more
  spending more on hardware. Virtual             Securing the Virtual Endpoints in        secure when compared to physical
  images simplify disaster recovery, and         Your Organization                        machines is simply untrue. But
  because a virtual machine (VM) can be                                                   virtualization presents its own unique
  accessed from anywhere, it’s a good            Security is often an afterthought        challenges to endpoint security. By
  way for IT departments to ensure               for virtual endpoints because they       adopting virtualization, IT is trying to Tech Brief. © 2011,, a division of QuinStreet, Inc.                                                        1
                                               Finding Endpoint Security Software for Your Virtual Environment

  squeeze the most VM instances that
  it can out of a physical endpoint. The
  light computational requirements
                                                  “ESET NOD32 Anti-virus Business
  mean that 100 workers may work on
  a single server, pushing the machine
                                                    Edition works the same whether
  to its limit —anti-virus products that
  are resource heavy will only make the           it is installed on virtual or physical
  situation worse.

  As is often the case in IT circles, some
  vendors are quick to jump on the
  buzzword bandwagon with endpoint               to performance since virtualization       malware variants before they can
  security products they claim are               aims to maximize utilization of the       spread among endpoints. This is
  designed for virtual environments.             underlying physical server, leaving       important because today’s cybercrime
  And while these products will often            little tolerance for resource-intensive   techniques are too advanced to be
  mention interesting deployment                 anti-virus applications.                  detected solely by the traditional
  architectures and scalability in an                                                      reactive approach of signature-based
  effort to sell security software, they         How ESET Can Help                         antimalware. ESET NOD32 Anti-virus
  won’t often discuss the fundamentals                                                     Business Edition combines generic
  of endpoint security, like detection           ESET NOD32 Anti-virus Business            signatures with strong heuristic
  rates and low false positives.                 Edition works the same whether            technology to stop attacks from
                                                 it is installed on virtual or physical    both known and unknown variants of
  Investing in security products                 endpoints. It is lightweight, requiring   malware. ESET’s heuristics is turned
  that claim to specialize in virtual            less memory and CPU power and             on by default while many other anti-
  environments also means more time              allowing the endpoints to run fast.       virus products ship with heuristic
  and money will be devoted to the               ESET’s endpoint security product also     functionality turned off, which likely
  operational overhead of training,              uses the same management console          means either its ability to detect new
  deployment and management                      for physical and virtual installations.   threats is questionable, prone to
  of these solutions. Wouldn’t it                Many businesses make the move to          generate false positives or it causes
  be nice to deploy a solution that              virtualization over time, which means     the endpoint’s performance to suffer
  seamlessly works well across all your          hybrid environments where physical        significantly.
  environments?                                  and virtual endpoints live side by side
                                                 are common. An anti-virus solution        As mentioned earlier, the ideal for
  The bottom line for IT managers that           that works across physical and virtual    an anti-virus solution is to have the
  need to secure their virtual servers           environments is crucial and reduces       highest possible detection rate with
  and virtual desktops is that they need         operational costs by eliminating the      a low false-positive rate and minimal
  to pay attention to the same things            need to buy, install and maintain         impact on CPU usage. This is a tricky
  they would when choosing endpoint              multiple products.                        balancing act that ESET does better
  security for physical environments.                                                      than other vendors. Some anti-virus
  They need the right balance of speed,          Proactive threat detection is at the      software increases the detection rate
  detection and a low false-positive             heart of ESET NOD32 Anti-virus            while introducing a high false-positive
  rate. Special attention should be paid         Business Edition. It detects new          rate, which means more work for Tech Brief. © 2011,, a division of QuinStreet, Inc.                                                        2
                                               Finding Endpoint Security Software for Your Virtual Environment

  administrators and a poor experience
  for end users. When a solution detects
  threats accurately and with low impact
  to the system, end users are protected
  without sacrificing productivity.

  ESET NOD32 Antivirus Business
  Edition uses more efficient updates,
  keeping the files small and delivering
  on average two to three updates
  a day, instead of sapping network
  bandwidth with constant signature

  ESET’s Remote Administrator can
  manage multiple platform protection
  from a single console. It allows
  administrators to easily manage
  licenses, update and configure clients,
  as well as monitor and report the              virus solutions don’t uninstall cleanly,
  security statuses of endpoints, whether        ESET’s service will evaluate company’s
  they are running in virtual or physical        current deployment and customize
  environment.                                   scripts to remove one or more anti-
                                                 virus solutions from their endpoints.
  Administrators can save time by taking         The uninstall scripts run transparent
  advantage of parametric groups in              to end users, and in many cases
  ESET’s Remote Administrator. They              there is no need to restart PCs to go
  simply set specific conditions they            from one anti-virus product to ESET
  are interested in and the product              NOD32 Antivirus, preventing a gap in
  dynamically creates a group to                 coverage and disruption to end users.
  pinpoint endpoints that require
  attention. Active Directory integration        ESET NOD32 Antivirus Business
  also saves time by eliminating manual          Edition, which is available for
  coordination, especially for large             Windows, Linux and Mac OS X, is
  organizations that have a number of            highly regarded in the industry and
  different policies for different roles or      has racked up a number of positive
  that have high employee turnover.              reviews. PassMark Software gave ESET
                                                 NOD32 Antivirus Business Edition an
  ESET also offers a “Rip and Replace”           overall rating of good/exceptional,
  service to help new customers remove           with exceptional ratings for client and
  old anti-virus programs and get                policy management, common use
  started with ESET. Since many anti-            cases and effectiveness. Tech Brief. © 2011,, a division of QuinStreet, Inc.                                    3

Shared By: