TNP Blog

The next big thing in endpoint security

Written by The Network Pro | Sep 26, 2016 8:00:01 PM

As virtualization becomes a household name for small- and medium-sized business owners, more and more services are being introduced. Hardware virtualization, storage virtualization, and even network virtualization all aim to capitalize on the trend of creating virtual versions of physical technology. With VMware’s most recent announcement, we may soon be able to add virtualized endpoint security to the list. What exactly does it look like? Let’s find out.

A virtual network is a way to connect two or more devices that aren’t physically linked by wires or cables. From the perspective of machines on a virtual network, they’re essentially sitting in the same room -- even if they’re on opposite sides of the globe. The advantages of this setup range from ease of management to reduced hardware costs. AT&T and Verizon have begun offering these services, and small- and medium-sized businesses have slowly begun to adopt them.

Meanwhile, another sector of the IT world has been making its own advances. Cutting-edge hardware firewalls are beginning to offer internal segmentation as a method of separating pieces of your internal network to keep them safe from threats that spread internally. The more segments you have, the safer your network is from poorly protected neighbors. But there are limits to how much capacity one of these hardware firewalls has for segmentation.

Virtualization giant VMware has taken notice and developed a prototype to combine these two services. In the hopes of unleashing ‘microsegmentation’ from the limits of physical hardware, Project Goldilocks will essentially create a virtual firewall for every virtualized application. When one of these applications is created or installed, it will come with a ‘birth certificate’ outlining every acceptable function it can perform. When the application makes a request to the operating system, network, or hardware it is installed on, Goldilocks will cross-reference the request with the birth certificate and deny anything that hasn’t been given permission.
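To make the cross-referencing step concrete, here is a small default-deny check written for this post as an added illustration; it is not VMware's code, and the certificate fields, request format, and sample values are all hypothetical.

```python
import posixpath
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class BirthCertificate:
    """Hypothetical manifest: everything the application may do."""
    app: str
    network: tuple = ()    # (destination CIDR, port) pairs
    files: tuple = ()      # (directory, allowed modes) pairs
    executes: tuple = ()   # exact paths of binaries it may launch

def is_allowed(cert, request):
    """Return True only if the request matches an entry in the certificate."""
    try:
        kind = request["kind"]
        if kind == "connect":
            dest = ip_address(request["dest"])
            return any(dest in ip_network(cidr) and request["port"] == port
                       for cidr, port in cert.network)
        if kind == "file":
            # Normalise first so "../" cannot escape an allowed directory.
            path = posixpath.normpath(request["path"])
            return any(request["mode"] in modes and
                       (path == root or path.startswith(root + "/"))
                       for root, modes in cert.files)
        if kind == "exec":
            return request["path"] in cert.executes
    except (KeyError, TypeError, ValueError):
        return False       # malformed requests are denied, never guessed at
    return False           # request kinds the certificate does not list: deny

# Constructed sample certificate and requests (not from any real product).
CERT = BirthCertificate(
    app="web-frontend",
    network=(("10.0.5.0/24", 5432),),
    files=(("/var/www/app", ("r",)), ("/var/log/app", ("r", "w"))),
    executes=("/usr/bin/python3",),
)
REQUESTS = [
    {"kind": "connect", "dest": "10.0.5.17", "port": 5432},   # declared database
    {"kind": "connect", "dest": "10.0.9.17", "port": 5432},   # neighbouring segment
    {"kind": "file", "path": "/var/www/app/../../../etc/shadow", "mode": "r"},
    {"kind": "exec", "path": "/bin/sh"},
]

if __name__ == "__main__":
    for req in REQUESTS:
        print("ALLOW" if is_allowed(CERT, req) else "DENY ", req)
```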

Segmenting virtual networks and applying them to individual applications rather than entire networks or operating systems could revolutionize the market for endpoint security. Not only would it be easier to block malware infections, but those that made it through could be quarantined and terminated immediately because of the virtual nature of their location.

While virtualization may be a complicated state-of-the-art technology, all it really takes is a helping hand. With our full team of specialists, we’re ready to pull you into the next stage of your virtualized infrastructure. All you need to do is reach out to us -- why not do it today?

Published with permission from TechAdvisory.org.