Catbird and McAfee address security in the new datacenter

With VMworld 2009 coming up in less than two weeks in San Francisco, I am reminded of VMworld 2007, when a security company called Catbird introduced 10,000 attendees to a visual representation of why you don’t want to run naked in your environment.  The company claimed “you can’t protect what you can’t detect,” and while I completely agree with that statement, I can also remember thinking to myself at the time, “I can’t eat my environmentally friendly lunch with IT people running around in naked costumes.”  But I digress.

While fake, naked IT people might not be the thing you want to remember about Catbird, you definitely want to remember the reason behind the imagery.  Whether physical or virtual, your environment needs to be protected, and you should be aware of security and compliance implications within your architecture.  Virtual machines are dynamic in nature and introduce a concept of mobility that brings about new risks which previously weren’t addressed by traditional security planning.  And in 2008 Catbird introduced what it believed was an answer to this problem: V-Security.

[ VMware, Xen, and Hyper-V virtualization environments can add additional security concerns.  So what should you be thinking about? | Track the latest trends in virtualization in InfoWorld’s newsletter. ]

Catbird V-Security 2.0 delivers asset protection for virtual datacenters with network security and policy management.  Its security is built around things like intrusion detection and prevention systems, vulnerability scans, network access control, and hypervisor/virtual machine state.  And the company’s TrustZones track virtual machines across clusters and hosts in a proactive manner by detecting and stopping potential security and policy violations before they escalate.

One year after launching V-Security 2.0, and going into VMworld 2009, Catbird is ready to announce that V-Security 2.0 is McAfee compatible and interoperable with McAfee ePolicy Orchestrator (ePO) software.  This new partnership will offer mutual customers comprehensive visibility and a unified view of both the physical and virtual security status in the datacenter.

“The most pragmatic way to ensure that you have end-to-end security and compliance is to do defense in-depth on the network and defense in-depth on the endpoint, in a united fashion,” said Michael Berman, CTO of Catbird.  “Until this partnership, that was not available.  Together, joint Catbird and McAfee partners can make sure they stay compliant with third-party regulations, with their own internal policies, and be more secure than they were with traditional datacenters.”

The combination of Catbird V-Security and McAfee ePO software also provides the ability to apply a consistent security policy across organizations, as well as help identify and close any security, policy, or compliance gaps between physical and virtual deployments.

Both of these companies are charter members of VMware’s VMsafe security initiative and each has a strong history within the security industry — one physical and the other virtual.  So a collaborative effort between the two should prove to be quite interesting.  Security in the virtual world is sometimes overlooked or forgotten, but I somehow doubt McAfee and Catbird will allow that to happen for much longer.