Whoa.com

Agentless_Antivirus.jpgThe move to virtualized machines (VMs) provides businesses with many potential benefits, and some new challenges as well.

Virtualized operating systems allow users to more efficiently use their processing hardware by having a single physical machine running multiple virtual machines by artificially divvying up the hardware’s computing resources.

Most of the time, a server setup will only run a single OS and application at a time, whether that application requires 5% of the hardware’s resources or 90%. Virtualization creates a set of separate software containers, or “virtual machines,” that can run independently of one another.

The Trouble with Traditional Antivirus

One of the challenges in using a virtualized setup for business is keeping these setups secure from outside intrusion. On a traditional architecture, antivirus/antimalware is one of the most basic security measures that businesses use to guard against malicious software programs.

The trouble is that antivirus programs can be resource-intensive, sucking up significant computing resources to actively scan files for malware.

On a traditional machine that’s only using a small percentage of its total computing power, this is rarely an issue. However, on a VM setup, this computing resource drain is multiplied.

Additionally, there are the inherent differences between physical and virtualized hardware to consider. The hypervisor abstracts the connection of the VMs to the hardware they run on. While this allows for dynamic reallocation of resources, it can also severely alter how basic operations such as file scans behave.

Plus, if multiple VMs on the same host start AV scans at once, it can create a sharp spike in computing load, reducing performance.

These issues make it hard for traditional, agent-based antivirus & security management platforms to operate efficiently on virtualized environments. With agent-based AV on VM-based environments, there will be issues of excessive resource consumption, security coverage gaps, and reduced scalability.

How Agentless Antivirus Works

An “agentless” antivirus/security platform takes a different approach to providing security on a virtualized environment. Rather than installing a copy of the security software on each VM within the operating system, a separate virtual appliance is dedicated to the task of running security software.

Different agentless solutions may have use a variety of methods to accomplish the goal of maintaining security for the virtualized host environment.

For example, some integrate with VMware’s built-in tools to monitor VM file events and enforce remediation actions such as quarantining or removing files from each virtual machine. Other solutions might achieve protection on the network level without using a VMware driver on individual VMs to monitor file events.

Benefits of Agentless Security for VMs

Using an agentless security program to manage basic anti-malware tasks on a virtualized environment provides several key benefits:

  1. Reduced computing resource demands, especially on CPU and storage due to scan storms
  2. Ease of security management
  3. Always-on security

Agentless antivirus security setups centralize operations so that you don’t get multiple security program instances starting full disk scans all at once. Also, rather than having to dedicate management resources to independently updating each VM’s security software, agentless solutions allow users to centralize such tasks.

The always-on aspect of agentless security is most beneficial when adding new virtual machines to a host. Each new VM will benefit from the protection of the security vApp. This helps to eliminate gaps in AV coverage when adding a new virtual machine.

Ultimately, the use of an agentless antivirus on virtualized cloud environments helps to reduce costs while increasing security for every VM on the host machine.

This is why the best secure cloud service providers will employ agentless security solutions for their virtualized environments whenever possible.

Security usually comes with a cost, but this allows customers to benefit from such an advanced platform since resources for agentless antivirus do not ‘tax’ the performance of a customer’s VM.

WSM & WHOA.com Cloud Migration

Topics: Cloud Strategy