Virtualization Security & Auditing

Lock down hypervisor platforms and enforce consistent, global security management along every step of the way as your data center migrates from physical to virtual

The Challenge

Virtualization software creates a new IT platform that needs to be secured. Security policy enforcement solutions are needed in virtualized computing environments to supplement what is available in physical computing environments and to address blind spots within the virtual server that external physical security solutions can't see ... Favor vendors that offer a physical and virtual security solution and that provide a single management console and consistent policy framework across both environments.

Neil McDonald
Gartner Analyst
January 2009

Server virtualization platforms are becoming increasingly ubiquitous, but also increasingly heterogeneous, as organizations deploy hypervisors from vendors such as VMware and Citrix. At the same time, they are increasingly leveraging virtualization technology built into the latest UNIX, Linux and Windows operating systems. According to a survey recently conducted by Centrify, the number of sites that have virtualized a majority of their servers will double in the next 18 months, from 26% to 51%. This push to virtualization — driven by cost-cutting and IT agility issues — is so urgent that 55% say they are pressing ahead despite security concerns.

This rapid adoption of virtualization technologies, combined with the ability for business-critical guest systems to proliferate and seamlessly move across a data center, can lead to gaps in both management and security practices. In these dynamic environments, controlling who has access to the underlying hypervisor platform, and strictly defining what they can do based on their job role, become critical requirements.

In addition, as organizations begin the migration from a physical to a virtualized server infrastructure, IT managers need unified, global control over their evolving data center to meet security and compliance requirements — from management and segregation of duties to protection from external and internal threats — across any server instance.

The Centrify Solution

The Centrify Suite addresses the need to secure the data center — no matter what hybrid state it is in along the migration path from physical to virtual — by giving IT managers a single point of administration for all of their heterogeneous systems and applications. By enabling administrators to secure the hypervisor platform and guest operating systems using the same Active Directory-based tools and skill sets that are already in place, Centrify is enabling organizations to embrace virtualization through a cost-effective solution that actually helps them simplify their environment while strengthening security and streamlining processes. With the Centrify Suite you can:

  • Lock down root and other superuser accounts to ensure that only authorized administrators have access to the underlying hypervisor platform and its administrative interfaces
  • Associate all access controls, privileges, and audit trails to definitive and centrally managed Active Directory identities, which both simplifies administration and provides the strict accountability required by security best practices and regulatory compliance
  • Apply consistent role-based access controls across physical and virtual systems
  • Add layers of security by isolating and protecting distributed systems, and encrypt data in motion to protect intellectual property
  • Simplify security and compliance reporting through a global view of access controls across physical and virtual systems
  • Globally enforce consistent security and configuration policies (via Windows Group Policy) across a heterogeneous enterprise

See our Cloud Security solution to learn how Centrify addresses automated security and management for private and public cloud servers.

Supported Virtualized Platforms

Centrify secures the industry's broadest range of cross-platform virtual computing environments, including:

Provider / Virtualization Platform
Hewlett Packard
  • HP-UX Virtual Server Environment Virtual Partitions (vPars)
IBM
  • AIX 5.x, 6.1 LPAR
  • AIX 6.1 WPAR (System and Application WPARs)
  • zLinux running SUSE Linux Enterprise Server
Sun
  • Solaris™ Containers
  • Solaris™ LDOM
VMware
  • ESX Server 2.x, 3.x, 4
  • VMA
  • vStudio
  • vSphere
Xen
  • Citrix XenServer 4, 5
  • Red Hat Enterprise Linux Virtualization
  • SUSE Linux Enterprise Server Virtualization
  • Solaris™ xVM

Learn More

Webinar: Five Steps to Securing Cloud Servers
White Paper: Enforcing Enterprise-Out Security for Cloud Servers
White Paper: Using Centrify DirectControl with VMware ESX Server
On-Demand Webinar: Addressing the Unique IT Security Risks Posed by the Virtual Data Center
On-Demand Webinar: Integrating Linux on System z Environments into Active Directory with Centrify Suite (cohosted by Red Hat)
Blog Post: Auditing VMware ESX with DirectAudit and Hardening the VMware Infrastructure with the Centrify Suite
Blog Post: Hardening VMware vSphere Security and the ESX v4 Console Operating System with Centrify
Blog Post: VMware Virtual Security and Compliance
Video Chalktalk: Introducing Centrify DirectSecure Part 1: Server Isolation and Protection
Video Chalktalk: Introducing Centrify DirectSecure Part 2: Securing UNIX and Linux Systems with IPsec and Active Directory
Video Chalktalk: Introducing Centrify DirectSecure Part 3: Leveraging the Racoon Internet Key Exchange (IKE) Daemon
Video Chalktalk: Securing VMware ESX Server with Active Directory
Video Chalktalk: Securing Solaris Zones with Active Directory
Video Chalktalk: Securing Linux Systems Running on IBM System z with Active Directory
