Infosec is my current passion (I write and edit this email newsletter for Inside.com) and it has also been one of the touchpoints mentioned at Synergy, so I was anxious to go to the show floor and see what was being demonstrated. One of the booths that was drawing crowds was Bitdefender’s. They have a Hypervisor Introspection product that sits on top of XenServer v7 hypervisors. It is completely agentless, and just runs memory inspections of the hosted VMs. Despite the crowds, I was less enamored of their solution than others that I have reviewed in the past for Network World such as TrendMicro’s and Hytrust. (Note, this review is more than three years old, so take my recommendations with several spoonfuls of your favorite condiment).
Nevertheless, having some protection riding on top of your VMs is essential these days, and you can be sure there were lots of booths scattered around the show floor that claimed to stop WannaCry in its tracks, given the publicity of this recent attack. Whether they actually would have done so is another matter entirely, I am just saying.
Over at the Kaspersky booth, it was nearly empty but they actually have a better mousetrap, and have had their Virtualization Security products for several years. Kaspersky has a wider support of hypervisors (they run on top of VMware and Hyper-V as well as Xen). They offer an agentless solution for VMware that works with the vShield technology, and lightweight agents that run inside each VM for the other hypervisors. While you have to deploy agents, you get more visibility into how the VMs operate. One company not here in Orlando but that I am familiar with in this space is Observable Networks: they don’t need agents because they monitor the network traffic and system logs produced by the hypervisor. So just don’t make a decision based on the agents vs. agentless argument but look closer at what the security tool is monitoring and what kinds of threats can really be prevented. Pricing on Kaspersky starts at $110 per virtual server with a single VM and $39 per virtual desktop that includes 10-14 VMs. Volume discounts apply.
IGEL was another crowded booth. They have developed thin clients in the form of a small-factor USB drive. If you have an Intel-based client with at least 2 GB of RAM and 2 GB of disk storage (such as an old Windows XP desktop or Wyse thin client), you can run a Citrix Receiver client that will basically extend the life of your aging desktop. Centene, a major health IT provider, just placed an order for $2M worth of more than 9,000 of these USB clients, saving themselves millions in upgrades to their old Wyse terminals. I got to see a demo of their management interface at the show. “It looks like Active Directory with a policy-based tool and it is super easy to manage and keep track of thousands of desktops,” according to what their CEO, Jed Ayres, told me during the demo. This is probably why Centene was sold on their solution. Their product starts at $169 per device.
Another booth held an interesting biometric solution called Veridium ID. They have recently been verified as Citrix Ready, but have been around for a couple of years developing their product. I have seen several biometric products, but this one looked very interesting. Basically, for phones that have a fingerprint sensor, they make use of that as the additional authentication factor. If your phone doesn’t have such as sensor, it uses the camera to take a picture of four of your fingers. It works with any SAML ID provider and at their booth they showed me a demo of it working with an ordinary website and with a Xen-powered solution. Their product starts at $25 per user, which is about half of what the traditional multi-factor vendors are selling their hardware or smart tokens for.