Defy Convention: When Scan Avoidance Improves Security

VMworld is celebrating its tenth anniversary and the theme this year is Defy Convention. If you are one of the estimated 23,000 IT professionals attending, it’s a great convention. There’s a lot to learn and experience. Be sure to stop by and see McAfee at booth #635. You can find out more about our latest security releases here.

When it comes to security for virtualized environments, McAfee knows a bit about defying convention. We know our customers make their individual choices based on what’s best for themselves and their business. We also know that you have many choices when it comes to virtualization in the data center. McAfee understands that one size does not fit all. That’s why we take different approaches to optimizing security in these implementations.

When customers opt for the more traditional vCenter and vSphere deployments, McAfee continues to leverage and partner with VMware. We’re always looking to get the most from the hypervisor in speed and coverage in order to quickly perform the necessary protections against known malware. Benefits of the McAfee® Data Center Security Suite for Server, agentless option allow for smaller and more agile virtual machine (VM) footprints. It also provides a way to ensure default security is enabled in very dynamic environments. The need and frequency of updates to protect against the growing blacklist of malware continues, but the scanning is offloaded to a dedicated resource allocated on the hypervisor. McAfee Threats Report: Second Quarter 2013 indicates more than 147 million malware samples, a growth of over 14 percent since Q1. Utilizing hypervisor introspection, this continual virus protection process ultimately shields both users and applications from threats.

But not all of our customers have adopted the most recent VMware design. Some haven’t even utilized VMware anywhere across their infrastructure. These customers need security protections that optimize their resources, and traditional antivirus can’t meet this challenge without impacting performance.
Deploying McAfee Data Center Security Suite for Server, multiplatform solution turns the situation on its head. The software uniquely provides protection through the goal of scan avoidance. Scanning is resource intensive as it finds signature matches of malware within the VM. Traditionally deployed antivirus solutions look at the individual system as a closed entity. With virtualization and multiple systems running on a hypervisor or within a clustered virtualized environment, you can take advantage of patterns and the collective infrastructure.

Improving security through scan avoidance doesn’t mean that risks are being taken and malware protection has been throttled down to minimal standards. It just means that instead of scanning occurring within each VM image as every new file is encountered, McAfee Management for Optimized Virtual Environments AntiVirus (McAfee MOVE AntiVirus) and its advanced caching mechanisms streamline the process. With it, the results of one scan triggered by a specific VM request can be shared amongst the other VMs being supported. Scan avoidance is really a proactive action—sharing security intelligence locally through the cache mechanisms for files that have already been assessed. And rest assured, any new file encountered— ones that are not in the current cache entry for the VM—will be fully scanned and assessed.

Learn more about the McAfee Data Center Security Suite for Server and how optimized security for virtualized environments may help protect and grow your organization by following us on Twitter @McAfeeBusiness.

 -Kim Singletary

Leave a Comment

3 × 1 =