eIQnetworks announced new features within its SecureVue security and compliance management platform solution that identify security concerns within virtualized cloud infrastructures.
Deploying in a cloud, companies typically rely on multiple virtual hosts running on physical servers. While this creates efficiencies by maximizing data center resources, it also presents security challenges in pinpointing where a specific virtual machine is and remediating against security exposure. With the enhancements to SecureVue, available in version 3.2, eIQnetworks has integrated with VMware-based hypervisors to receive critical information from virtual hosts, which can be used to evaluate IT security.
SecureVue provides a comprehensive view of enterprise security based on managing and correlating data from numerous sources, including Logs, Vulnerabilities, Configuration, Asset, Availability, NetFlow and other security-relevant data from network devices, security devices and servers.
The new functionality provides visibility into a number of issues that are unique to virtual servers and cloud computing environments:
- Identifying virtual machines: SecureVue can now identify virtual machines and provide a picture of which virtual machines are operating on various physical hosts. This identification is necessary to remediate the virtual machines if evidence indicates they are vulnerable to attack or being targeted
- Managing configuration information from virtual machines: it ensures that virtual machines are configured according to enterprise and/or best practice policies (including those published by the Center for Internet Security), and can create reports on the configuration of virtual machines, in the cloud, in the same manner as for physical machines, a process essential for the consistent reporting required for regulatory compliance. The data from cloud infrastructures can be included in all standard or custom SecureVue dashboards and reports.
- Correlating data from virtual machines to identify nefarious activity: SecureVue can identify vulnerabilities or evidence of an attack on virtual machines within the cloud based on a clear understanding of overall network activity. This reduces the threat of newer attacks that might take advantage of “blind spots” created by virtual servers or log-based security solutions.