Because of the open nature of a universitys IT environment, the perimeter gets bombarded from all sides, and we are constantly asked to do more with very little resources, said Ralph Michaelis, CIO at Carleton University. We turned to Third Brigade for our physical and virtual server protection and are now looking to the cloud to increase IT efficiencies, while maintaining the same level of security.
In this latest release, Third Brigade adds three significant product enhancements to complement the existing Deep Security host intrusion prevention system (IDS/IPS) and ICSA-certified firewall. First, seamless integration with VMware vCenter provides simplified deployment and increased visibility into an organizations VMware environment. Second, Deep Security 6 now includes two new product modules, integrity monitoring and log inspection, that further support PCI compliance initiatives and detect malicious behavior targeting virtual machines and physical servers. The new integrity monitoring module alerts on critical operating system and application changes that could signal attacks, while the new log inspection module is built using the multiplatform log monitoring capabilities of the OSSEC open source host intrusion detection project. Finally, all Deep Security product modules IDS/IPS, firewall, integrity monitoring and log inspection can now be purchased individually or in combination, and then deployed and managed via the powerful, centralized Deep Security management system.
Our public and private sector customers run datacenters that combine thousands of physical and virtual servers in dynamic, multiplatform environments. And now, many are looking to extend these resources to cloud computing, said Wael Mohamed, president and chief executive officer at Third Brigade. They turn to us because as server security experts we deliver comprehensive protection that enables greater operational efficiency and helps achieve cost savings. I am often told that we are also more responsive to our customers requirements than other vendors, which is crucial when business continuity and corporate reputation are on the line.
Deep Security 6 allows both virtual machines and physical servers to become self-defending. In many ways, managing the security of virtual machines is the same as for their physical counterparts, except when it comes to understanding the state of the system. Having visibility into whether a virtual machine is 'paused or offline has significant impact on the ability to deploy and manage protection of the virtual infrastructure. Seamless integration with VMware vCenter enables this visibility.
Enterprises oftentimes find themselves deploying several small physical VMware ESX clusters in order to meet security zoning requirements, said Burton Group senior analyst and virtualization expert Chris Wolf. Host-based security deployed to VM guest operating systems can allow organizations to move enterprise security to the virtual infrastructure, which may allow them to realize higher consolidation densities and more efficient utilization of shared infrastructure.
In cloud computing environments, network-based IDS/IPS no longer offers protection for virtual machines residing outside the enterprise perimeter. Deep Security 6 enables perimeter-like defenses to be applied directly to mobile, virtual machines. Combining these defenses with the integrity monitoring and log inspection capabilities in Deep Security 6 renders virtual machines cloud-ready and enables organizations to confidently deploy them in public cloud computing environments.
The VMware vCloud Initiative enables customers to combine the benefits of cloud computing with the business agility, service availability, and cost reduction benefits of the industry-leading VMware platform. A key component of vCloud is security for the cloud, said Wendy Perilli, director of product marketing at VMware. Whether businesses want to expand their IT infrastructures into internal clouds or leverage off-premise compute clouds, combining the VMware platform with partner security solutions like those from Third Brigade helps to provide them the flexibility and confidence to deliver business-critical applications when and where they want, while increasing IT security.
Deep Security 6 is available today through Third Brigade and its distributors. Software list price for 500 servers ranges from $150/server for single module protection, to $600/server for comprehensive protection, with all modules. Pricing for unlimited virtual machines per VMware ESX host is also available.
The software modules include: Integrity Monitoring, Log Inspection, Deep Packet Inspection and Firewall. The Deep Packet Inspection module enables IDS / IPS, web application protection and application control. All modules are available across Microsoft Windows, Solaris, Red Hat and SUSE server platforms and work with VMware, Citrix and Microsoft virtualization platforms. This software solution also protects these servers and applications when deployed in cloud computing environments like Amazon EC2, GoGrid and more.
For more information, please download the whitepaper at: http://resources.thirdbrigade.com/productwp/
About Third Brigade Third Brigade (www.thirdbrigade.com) specializes in server and application protection for dynamic datacenters. Our advanced software and vulnerability response service allows virtual machines and physical servers to become self-defending; safe from the latest online threats. This comprehensive, proven protection helps customers prevent data breaches and business disruptions. It enables compliance, supports operational cost reductions and addresses the dynamic nature of datacenters, including virtualization and consolidation, new service delivery models, or cloud computing. Third Brigade also owns and maintains OSSEC, the Open Source Host Intrusion Detection Project actively used in 50 countries around the world. Third Brigade. Thats control.
Note: Third Brigade, Deep Security Solutions, and the Third Brigade logo are trademarks of Third Brigade, Inc. and may be registered in certain jurisdictions. All other company and product names are trademarks or registered trademarks of their respective owners.