Perimeter
9/11/2009
02:56 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Crossbeam Publishes White Paper On Securing Virtualized Data Centers

"The Emergence of Two Clouds" outlines the risks around security virtualization, particularly when it comes to the complexities that arise when trying to manage multiple trust boundaries

BOXBOROUGH, Mass.—September 10, 2009—Crossbeam Systems, Inc., the leading provider of next-generation security platforms for high-performance networks, announced today the availability of a whitepaper titled "The Emergence of Two Clouds." The whitepaper is designed to help IT managers understand the unique challenges of securing virtualized environments and provide insight into a new best practices-based architecture that can greatly simplify management operations, while improving the flexibility and adaptability of the two current options: physical appliances and virtual security appliances. To download a copy of the whitepaper, please visit http://www.crossbeam.com/company/download_registration.php.

"For network security, there are significant consequences to mass deployment of virtualization technology," said Jon Oltsik, principal analyst at Enterprise Strategy Group. "Crossbeam's whitepaper elevates the discussion to help IT staff take advantage of security virtualization—which introduces a host of complex issues related to inter-VM traffic boundaries and VM sprawl. These concepts need to be better understood in order to move security virtualization forward from a great concept to a well-articulated security strategy."

Today, the potential security risks associated with virtualizing data centers are significant, leading many IT managers to stop short of virtualizing everything in the data center. Despite the advancements in virtualization, there is still a fundamental lack of knowledge and best practices that can help IT managers understand the consequences of a fully virtualized infrastructure and, most importantly, avoid the operational pitfalls.

"One of the biggest challenges IT managers face is the complexity of managing trust boundaries between Web, application and database VMs once the physical connections are removed," said Jim Freeze, Crossbeam's chief marketing officer. "Ironically, in an effort to protect between the virtualized layers, they end up replacing appliance sprawl with virtual machine sprawl and opening the door to new levels of risk. As the pressure mounts to virtualize more mission-critical IT infrastructure, the question of whether security virtualization can be done successfully is top of mind. The answer is yes, but not in a traditional IT architecture."

"The Emergence of Two Clouds" whitepaper outlines a third approach that creates a "two cloud" environment between the virtualized applications and the network security infrastructure. This enables companies to maintain trust boundaries and meet performance and reliability requirements, without losing any of the flexibility and adaptability benefits of a virtualized infrastructure.

"Once you have separated security from the application infrastructure, the problems associated with security virtualization are eliminated," added Freeze. "For instance, Crossbeam can centralize control of hundreds of virtualized services such as firewall and IPS and allow IT operations to manage traffic flow dynamically through the appropriate security service depending upon which trust boundary the data is crossing. Deploying these services on the X-Series platform gives IT managers the flexibility they need to scale and provision security services, without experiencing degradation in performance."

Crossbeam's X-Series Next Generation Security Platform enables customers to consolidate their security infrastructure on a scalable, carrier-class platform that virtualizes the delivery of best-of-breed security applications. Large enterprises and service providers use the X-Series to provide unprecedented scalability, flexibility and performance for their security deployments, while driving down costs and energy consumption.

About Crossbeam Crossbeam Systems, Inc. transforms the way enterprises, service providers and government agencies architect and deliver security services. The basis of Crossbeam's solution is its Next Generation Security Platform, a highly scalable software and hardware platform that facilitates the consolidation, virtualization and simplification of security services delivery, while preserving the customers' choice of best-of-breed security applications. Crossbeam offers the only security platform that delivers unparalleled network performance, scalability, adaptability and resiliency. Customers choose Crossbeam to intelligently manage risk, accelerate and maintain compliance, and protect their businesses from evolving threats. Crossbeam is headquartered in Boxborough, Mass., and has offices in Europe, Asia Pacific and Latin America. More information is available at http://www.crossbeam.com/.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-2595
Published: 2014-08-31
The device-initialization functionality in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, enables MSM_CAM_IOCTL_SET_MEM_MAP_INFO ioctl calls for an unrestricted mmap interface, which all...

CVE-2013-2597
Published: 2014-08-31
Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that lever...

CVE-2013-2598
Published: 2014-08-31
app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite signature-verification code via crafted boot-image load-destination header values that specify memory ...

CVE-2013-2599
Published: 2014-08-31
A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.3.x enables debug logging, which allows attackers to obtain sensitive disk-encryption pas...

CVE-2013-6124
Published: 2014-08-31
The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by changing the permissions of an arbitrary fil...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.