Deploying in a cloud, companies typically rely on multiple virtual hosts running on physical servers. While this creates efficiencies by maximizing data center resources, it also presents security challenges in pinpointing where a specific virtual machine is and remediating against security exposure. With the enhancements to SecureVue, available in version 3.2, eIQnetworks has integrated with VMware-based hypervisors to receive critical information from virtual hosts, which can be used to evaluate IT security.
Going far beyond traditional log-based security information and event management (SIEM) solutions, SecureVue provides a comprehensive view of enterprise security based on managing and correlating data from numerous sources, including Logs, Vulnerabilities, Configuration, Asset, Availability, NetFlow and other security-relevant data from network devices, security devices and servers. Today's announcement adds to SecureVue's ability to identify security threats other solutions cannot even begin to see, extending this breadth to virtual machines within cloud environments.
"Based on the direction of technology and the push for virtualization, MAXIMUS was excited to see the implementation of cloud computing security management capabilities in the new version of SecureVue," said Jamie Giroux, director, OIS Security & Audit, at MAXIMUS. "We are excited to see these features, so that we can incorporate our growing virtualization investment into our Security Incident Management program. Compliance requirements are not restricted to device types and we are ecstatic to be working with a vendor that shares our vision."
The new SecureVue functionality provides visibility into a number of issues that are unique to virtual servers and cloud computing environments:
Identifying virtual machines: SecureVue can now identify virtual machines and provide a picture of which virtual machines are operating on various physical hosts. This identification is necessary to remediate the virtual machines if evidence indicates they are vulnerable to attack or being targeted.
Managing configuration information from virtual machines: SecureVue ensures that virtual machines are configured according to enterprise and/or best practice policies (including those published by the Center for Internet Security), and can create reports on the configuration of virtual machines, in the cloud, in the same manner as for physical machines, a process essential for the consistent reporting required for regulatory compliance. The data from cloud infrastructures can be included in all standard or custom SecureVue dashboards and reports.
Correlating data from virtual machines to identify nefarious activity: SecureVue can identify vulnerabilities or evidence of an attack on virtual machines within the cloud based on a clear understanding of overall network activity. This reduces the threat of newer attacks that might take advantage of "blind spots" created by virtual servers or log-based security solutions.
Scalability to the Cloud One of the key requirements in supporting cloud-based initiatives is scale and flexibility. With an infinite number of deployment models for cloud services and applications, ensuring security of data residing in the cloud is paramount to successful deployments. Featured in SecureVue 3.2, eIQnetworks' unique Six-Tier (T6) architecture and flexible software or hardware-based deployment provides unparalleled global scale allowing for comprehensive management by different teams, in different geographies, without sacrificing enterprise visibility. Designed to scale to a million nodes (network devices or servers) over 6 levels of data collection, SecureVue is the industry's most scalable security management solution.
"As organizations embrace cloud computing, companies are still on the hook to protect that data and ensure compliance with regulations despite not knowing exactly where data and applications may reside," said Vijay Basani, Founder and CEO at eIQnetworks. "With these enhancements to SecureVue, customers receive the same level of visibility across their virtual servers—the fundamental building block of cloud computing—that they receive on their physical servers. With unmatched scalability, SecureVue enables enterprises and government agencies to consistently substantiate security controls, demonstrating compliance and managing security within both traditional and cloud-centric data centers."
Availability SecureVue 3.2, which includes functionality for managing security in the cloud, is immediately available through eIQnetworks global distribution channels.
About eIQnetworks eIQnetworks is redefining security and compliance management by proving "log data is not enough" and fostering collaboration across security, network, data center and audit teams to more quickly isolate the root cause of security issues and ensure compliance mandates are being enforced. Global financial, retail, media, healthcare, manufacturing, and government enterprises rely on eIQnetworks to make sense of formerly disparate data sources to react faster to emerging threats, automate their compliance efforts, and more effectively monitor security policies. Headquartered in Acton, Mass., eIQnetworks is located online at www.eIQnetworks.com and can be reached at +1 877.564.7787.