Trend Micro offers VDI-optimized security solution

If you close your eyes real tight and listen closely, you might be able to hear the sounds of the virtual desktop infrastructure (VDI) drum beating in the distance. The VDI chants and music are growing louder, and the message is resonating with more and more people.

According to a recent study by the Enterprise Strategy Group, 60 percent of enterprises have a desktop virtualization strategy, and 45 percent of them will have virtualized 50 percent of their desktops within the next three years.

[ Also on InfoWorld: Citrix is helping to develop a powerful new open source virtual switch that will allow security virtual appliances to gain access to network traffic | And Citrix offers an open security solution across multiple hypervisors to challenge VMware VMsafe ]

So what’s holding VDI back? What’s keeping administrators from actually achieving the VDI nirvana that virtualization vendors have been promising and preaching?

A few things: Security concerns, performance issues, and user acceptance are all valid concerns. Many enterprises have been dabbling in VDI for a quite some time now, running small proof-of-concept (POC) implementations in order to test things out before jumping into a production virtual desktop environment with both feet. The promised benefits of VDI are extremely alluring. But what most of these organizations find out during their POC is that VDI environments are quite different from physical environments, and when it comes to security, they need specific defenses for each.

The same old, conventional antivirus solutions used within physical desktops to keep the corporate network safe simply do not work in a VDI environment. Conventional security scans can quickly overpower the resources on a single system. Think about it. When an office full of workers first come in to start their morning duties and everyone powers up and signs into their desktop sessions around the same time, the security software on those VDI images will simultaneously reach out across the network for new security updates. And when these same virtual desktops all kick off an antivirus scan at the same time, the system is brought to its knees. This surge in resource consumption is known as “AV storming,” and it directly effects the end-user experience of either the server or the desktop.

Last month, during the Citrix Synergy 2010 conference in San Francisco, McAfee and Citrix made a major announcement around a strategic partnership and collaboration effort with a goal of making virtual desktop security simpler and more scalable for large enterprise deployments. McAfee said it was developing a platform and API that would provide a framework to accelerate and address the specific needs of security for virtualized environments; specifically, McAfee would deliver new security solutions for Citrix XenDesktop, XenClient, and XenServer.

But McAfee isn’t alone on this quest to solve the security challenges of a VDI environment.

This month, Trend Micro announced it is broadening its own virtualization security portfolio to enable enterprises to fully leverage the benefits of their desktop infrastructures. The company announced OfficeScan 10.5, a hypervisor-agnostic security solution for protecting physical and virtual desktops both on and off the corporate network. OfficeScan 10.5 integrates with both Citrix XenDesktop and VMware View, and is optimized for desktop virtualization. Key features include:

• Automatically recognizes whether an agent is on a physical or virtual endpoint to better target protection — conserves desktop performance and boosts desktop consolidation to keep ROI high
• Prevents network, CPU, and storage conflicts by serializing scan and update operations per virtual server — optimizing resource usage
• Shortens scan times of virtual desktops by white-listing base images and previously scanned content — by only scanning new content added by users, this radically accelerates performance and user acceptance

Trend Micro has also been offering other technologies since 2009 such as Core Protection for Virtual Machines, an anti-malware product built on hypervisor-based APIs such as VMsafe and specifically designed to secure active and dormant virtual machines; and Deep Security, a security solution designed to provide intrusion defense for both virtual and physical systems leveraging both VMsafe-based virtual appliances and in-guest agents.

“Our goal is to enable customers to fully benefit from virtualization initiatives, without security imposing performance or scalability constraints,” said Steve Quane, chief product officer at Trend Micro. “We believe virtual desktop deployments will become increasingly popular over time. As early innovators in virtualization security, and with deep relationships with all key providers in the virtualization ecosystem, we can bring-to-market the most comprehensive and flexible virtual desktop solutions available — both now and in the future.”

OfficeScan 10.5 allows for more than 20,000 endpoints to be managed from one single OfficeScan Management Server, enabling customers to manage both their physical and virtual desktops from a single management console.

This latest version of OfficeScan 10.5 is expected to be available in late July 2010.

This article, “Trend Micro offers VDI-optimized security solution,” was originally published at InfoWorld.com. Read more of David Marshall’s Virtualization Report blog and follow the latest developments in virtualization at InfoWorld.com.