Server virtualization has been growing at a fast clip over the last few years, and a new survey from BeyondTrust reveals that the implementation of security solutions for those virtual servers has not kept pace. That's left organizations vulnerable to security threats, the security vendor said in its announcement of the survey and a new plugin to help fix the problem. Here are the details.
First, a deeper look at some of the survey numbers. A total of 42 percent of organizations said they don't regularly use security tools as part of their virtual systems administration, and 34 percent said they rely heavily on antivirus protection as their primary security tool. Fifty-seven percent ssaid they often use existing image templates for new virtual images, 64 percent have no security controls in place that require a security sign off before releasing a new virtual image or template, and three out of four respondants said that up to a quarter of virtual guests are offline at any given time.
To help organizations deal with these security holes, the company has released Retina Plug-in for VMware (NYSE: VMW) vCenter, designed to provide integrated security and vulnerability management tools to identify and remediate network vulnerabilities that can lead to attacks in virtual data centers. The solution also provides the following features:
- Scanning of online and offline virtual machines and virtual application templates; supplying an automatic audit feed of latest vulnerabilities that could potentially impact the hyper-visor and virtual machines;
- Delivery of risk context including scoring, malware toolkit analysis, penetration toolkit availability, compliance mappings to improve remediation planning;
- Scheduling of scans to automatically update the vCenter console with centralized compliance and risk information;
- Scanning of all the ESXi and virtual machines managed by the vCenter server; and
- Updating of security scans to include all online and offline added/removed from vCenter management.
"It’s surprising with all of the technological advancements in the virtualization space that server admins are reliant on antiquated security solutions and are unknowingly conducting day-to-day tasks that are incrementally increasing the risk to their organization," said BeyondTrust Product Strategy and Operations VP Brad Hibbert in a statement.
BeyondTrust said the survey included 346 respondents.