Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

2/28/2012
09:54 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Symantec And VMware Partner To Deliver Extensive Protection For Virtual And Cloud Environments

Companies announce five new security integrations with the VMware cloud infrastructure suite

Click here for more articles.

SAN FRANCISCO, CA, Feb 28, 2012 (MARKETWIRE via COMTEX) -- RSA Conference 2012 - Symantec Corp. SYMC -0.11% and VMware VMW -0.18% today announced five new security integrations with the VMware cloud infrastructure suite, designed to deliver extensive protection for virtual and cloud environments along with operational cost savings. With new VMware integrations, Symantec enables joint customers to protect their virtual infrastructure and business-critical applications with data loss prevention, IT risk and compliance, data center protection, security information and event management (SIEM) and endpoint protection solutions -- delivering stronger security, scalability and cost reductions for rapid services delivery and enhanced business agility for the cloud.

Click to Tweet: Symantec and VMware Partner to Deliver Extensive Protection for Virtual Environments. http://bit.ly/yQ6dxH

"Companies today face an increasingly toxic threat landscape. True information protection is more than antivirus. With our new VMware integrations, we're enabling customers to proactively protect their information whether it's in a physical or virtual environment," said Francis deSouza, group president, enterprise products and services, Symantec. "Together, Symantec and VMware are taking protection to the next level to give companies confidence to fully embrace virtualization and realize the cost savings and efficiency it brings."

"The unique security concerns of the cloud extend well beyond malware protection," said Raghu Raghuram, senior vice president and general manager, Cloud Infrastructure and Management, VMware. "The integration of Symantec products with the VMware cloud infrastructure suite will offer fundamentally new security capabilities to accelerate the ability of customers to quickly and safely realize the benefits of cloud computing."

Symantec and VMware will continue to collaborate to ensure customers have both the security and compliance controls necessary for cloud deployments, both on- and off-premises. In addition to integration between Symantec endpoint security offerings with VMware vShield(TM) Endpoint expected to be available later in 2012, Symantec is introducing five new integrations with the VMware cloud infrastructure suite:

Orchestrated Data Loss Prevention Symantec Data Loss Prevention, available now, addresses the growing challenge organizations face in finding and protecting their intellectual property wherever it resides. Integration with VMware vShield App enables Symantec customers to more easily find and locate their most valuable information across their virtual environments. Symantec Data Loss Prevention makes it easier for customers to identify and remediate potential data loss in their virtual environments by automatically separating virtual machines that contain sensitive information from those that do not.

Reduced Compliance Deficiencies Across Converged Infrastructure

Symantec Control Compliance Suite, available now, uses centralized vulnerability and control assessments to provide seamless discovery of unknown or unauthorized virtual machines to reduce security risk in the physical and virtual infrastructure. Leveraging VMware-published security standards, Control Compliance Suite is also able to assess virtual settings to identify areas of risk and help prioritize remediation efforts. This helps prevent application failure or data corruption on virtual machines, while facilitating compliance with mandates such as PCI or HIPAA. In addition, Control Compliance Suite can ensure that the VMware process guidelines are being followed with procedural questionnaires while automatically reporting on configuration changes, patch levels and critical policy violations on VMware vSphere(R).

Protect Virtual Data Centers Against Advanced Threats Symantec Critical System Protection currently protects ESX(R) guest and hypervisors with granular, policy-based controls. Symantec plans to add support for VMware vSphere 5 in Spring 2012, leveraging out-of-the-box VMware-prescribed server security policies for ESXi and VMware vCenter(TM) that will enable organizations to identify server compliance violations and suspicious activity in real-time, limit administrative control, restrict network communications and prevent file and configuration tampering of the virtual infrastructure. Because Symantec Critical System Protection is a non-signature, policy-based technology it also allows organizations to stop unauthorized services from running on servers and protect against zero-day attacks, without impacting system performance.

Integrated Threat Intelligence Symantec Security Information Manager (SSIM), available in Summer 2012, will enable organizations to seamlessly identify and respond to security threats that impact business critical applications across both their physical and virtual infrastructures. Through integration with the VMware vShield log management collector, SSIM will correlate virtual machine activity with events from the physical environment as well as the Symantec's global intelligence network to give a holistic view of an organization's security posture. Customers will be able to perform malicious activity assessments for their entire environment -- physical and virtual -- gaining immediate insight into malicious activity and threats inside their virtual infrastructure.

Symantec's Managed Security Service (MSS) will also offer a VMware vShield log management collector to allow customers who prefer a cloud-based service delivery model to benefit from a seamless view of security threats across both their physical and virtual environments. The addition of the vShield log management collector to already broad array of devices and applications MSS monitors, will further extend MSS edge-to-endpoint visibility and when combined with global threat intelligence and 7x24 access to GIAC-certified Security Analysts will allow organizations to reduce exposure to threats and business disruption. The vShield log management collector is expected to be available in Summer 2012.

Optimized Endpoint Protection for High-density Virtual Environments

Symantec plans to leverage VMware vShield Endpoint with its endpoint security offerings to maximize performance in Virtual Desktop Infrastructure (VDI) and virtual server environments without sacrificing powerful security. Available in the second half of 2012, these solutions will offload critical security analysis from protected virtual machines to a dedicated security virtual appliance resulting in optimized scan performance, reduced resource utilization, and increased management visibility. Built upon Symantec Insight, these solutions will provide fast and effective endpoint security for VMware environments, offering unique protection against modern polymorphic malware, zero-day attacks and rootkits.

For More Information

-- Blog: Orchestration and Automation Enable Security in the Virtual Data Center -- SlideShare: Symantec and VMware Partner to Deliver Extensive Protection for Virtual and Cloud Environments -- Symantec Data Loss Prevention -- Symantec Control Compliance Suite -- Symantec Critical System Protection -- Symantec Security Information Manager -- Symantec's Managed Security Service -- Symantec Insight -- VMware Security and Compliance microsite -- VMware vShield

Connect with Symantec

-- Follow Symantec on Twitter -- Join Symantec on Facebook -- View Symantec's SlideShare Channel -- Subscribe to Symantec News RSS Feed -- Visit Symantec Connect Business Community

Connect with VMware

-- @VMware on Twitter -- Join VMware on Facebook

About Business Solutions from Symantec Symantec helps organizations secure and manage their information-driven world with endpoint security, messaging security.

About Symantec Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com .

About VMware VMware is the leader in virtualization and cloud infrastructure solutions that enable businesses to thrive in the Cloud Era. Customers rely on VMware to help them transform the way they build, deliver and consume Information Technology resources in a manner that is evolutionary and based on their specific needs. With 2011 revenues of $3.77 billion, VMware has more than 350,000 customers and 50,000 partners. The company is headquartered in Silicon Valley with offices throughout the world and can be found online at www.vmware.com .

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
The Security of Cloud Applications
Hillel Solow, CTO and Co-founder, Protego,  7/11/2019
Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading,  7/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "SpearPhish! Everyone out of the office!"
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-10100
PUBLISHED: 2019-07-17
tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation. The impact is: JavaScript code execution. The component is: Media element. The attack vector is: The victim must paste malicious content to media element's embed tab.
CVE-2019-12175
PUBLISHED: 2019-07-17
In Zeek Network Security Monitor (formerly known as Bro) before 2.6.2, a NULL pointer dereference in the Kerberos (aka KRB) protocol parser leads to DoS because a case-type index is mishandled.
CVE-2019-12475
PUBLISHED: 2019-07-17
In MicroStrategy Web before 10.4.6, there is stored XSS in metric due to insufficient input validation.
CVE-2019-13346
PUBLISHED: 2019-07-17
In MyT 1.5.1, the User[username] parameter has XSS.
CVE-2019-13403
PUBLISHED: 2019-07-17
Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information.