Article

Startup firewalls inter-virtual machine traffic on VMware ESX

Alex Barrett
Redwood City, Calif.-based startup Altor Networks has announced what it describes as the first "purpose built" virtual firewall, Altor VF, for securing network traffic between virtual machines (VMs) on a VMware

    Requires Free Membership to View

ESX host. With its new offering, Altor Networks strives to address some of the persistent security concerns for VMs, and particularly for migrated virtual machines that become vulnerable to security breaches when they are moved to a new virtualization host.

For more on migrating virtual machines:
With Live Migration, Microsoft Hyper-V inches closer to VMware ESX

AMD pushes VMware et al. to broaden live migration

VMware users long for live data migration

In traditional virtual environments, VMs connect to a virtual switch resident on a host, and any traffic between them is unprotected by network-based firewalls. "Anytime [a VM] makes it onto the physical network, you at least have a chance [of securing its traffic]," said Amir Ben-Efraim, Altor Networks' CEO; otherwise, you don't.

Altor Networks says the competition hasn't addressed security for 'nonstatic environments.'
,

Recently, competitive firewall technologies like CheckPoint VPN-1 have been retrofitted to enforce inter-VM network traffic, but only to a point. "They don't address environments with nonstatic perimeters," Ben-Efraim said, namely virtual machines that have been migrated between hosts using VMware VMotion. Further, those tools are complex to install and don't integrate well with third-party security tools, he claimed.

By contrast, Altor VF not only secures inter-VM communication, but in cases where a VM is migrated with VMotion, "carries the VM's security policy to the new server and active connections along with it." Altor VF can also define per-VM security policies and integrates with VMware VirtualCenter, he said. Altor VF is available immediately and is priced between $1,500 and $2,000 per ESX host regardless of the number of VMs.

In addition, Altor VF is being integrated with an intrusion detection and prevention system from Juniper Networks, security information and event management software from ArcSight, and network behavior analysis from Mazu Networks.

Let us know what you think about the story; email Alex Barrett, News Director. And check out our Server Virtualization blog.

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: