Securing virtualization without inflating operational costs

For most organizations embracing virtualization technologies, information security has been a tradeoff between performance and the level of protection. Often counter-productive in virtualized environments, traditional AV software is too resource-heavy and difficult to manage when running on virtual machines. This leads to higher operational costs and decreased performance.

Bitdefender helps IT professionals address these challenges with Gravity Zone - Security for Virtualized Environments (SVE), the platform-neutral antimalware service specifically designed for today’s complex datacenters. Powered by intelligent caching mechanisms built for improved performance, SVE protects any number of virtualized desktops and servers running on Windows and Linux systems. As opposed to traditional antimalware, Bitdefender centralizes all the scanning and update processes on Security Server, a tamperproof virtual appliance, which helps deduplicate critical resources and diminish I/O activity on the physical host.

STRAIGHTFORWARD ADMINISTRATION WITH BITDEFENDER GRAVITYZONE

The dynamic nature of virtualized environments increases complexity of management and adds up specific challenges that cannot be addressed by legacy security. Instant provisioning of virtual machines (often referred to as self-service) makes it difficult for IT to keep track of the growing infrastructure without proper, integrated management tools. Scalability is yet another concern ofutmost importance for organizations, especially in multi-tenant infrastructures consisting of mixed platforms: virtualized, physical and mobile.

SVE addresses these pain points with highly-automated, simplified, security that has been uniquely designed for cloud and virtualization. The solution can be easily deployed and controlled from the powerful Bitdefender GravityZone management platform, together with physical endpoints and mobile devices. Delivered as a virtual appliance within Bitdefender GravityZone, SVE is extremely easy to rollout by simply downloading the Security Server and importing it into the hypervisor. Integration with third-party management platforms like VMware vCenter or Citrix XenServer brings further operational gains, ensuring complete visibility from the GravityZone Control Center over the entire infrastructure. Through its massively-scalable and flexible architecture, SVE empowers organizations to meet compliance requirements while keeping operational expenses under control.

Lightweight protection for any virtualized environments

Security for Virtualized Environments protects file systems, processes and memory on Windows and Linux servers & desktops spanning across any virtualization platform. It addresses the needs of the most complex datacenters with fully-integrated, optimized security.

AGENTLESS SECURITY WITH VMWARE VSHIELD ENDPOINT

When installed in VMware environments, SVE takes advantage of vShield Endpoint technologies to offload main antimalware load on the tamperproof Security Server. This agentless security model reduces resource consumption and increases performance indicators on the physical hosts. Optionally, administrators can deploy an optimized version of Bitdefender in conjunction with VMware vShield Endpoint, to extend the security level with process and memory scanning.

REMOTE SCAN PROTECTION

The Bitdefender Security Server represents the very core of SVE, where most part of the antimalware processes take place after being offloaded from each protected virtual machine. The main security functions are thus centralized on dedicated virtual appliances instead of overloading each guest machine with scanning engines and signature database. Specifically, it treats entire virtualized environment as a whole, instead of protecting each virtual machine individually.

BUILT-IN CACHING FOR IMPROVED PERFORMANCE

GravityZone – SVE incorporates two-layered caching mechanisms whitelisting common system files and applications. One layer of caching is built into the Security Server, while the other is a local cache employed by the Bitdefender Tools and prepopulated based on its environment variables. By deduplicating scanning processes, this procedure results in faster response time to scan queries and improved application performance.

INTEGRATION WITH THIRD PARTY MANAGEMENT PLATFORMS

GravityZone – SVE provides a holistic view of the virtualized infrastructure by tightly integrating with VMware vCenter and Citrix XenServer. This unified approach enables administrators to centrally manage the virtual machine inventory imported from the management centers and apply policies based on objects, including resource pools. This way, if a virtual machine is moved from one host to another, the security policy will follow it. Multiple vCenter Servers can be integrated with and managed from GravityZone Control Center, which results in higher automation, increased flexibility and faster maintenance in large organizations.

Realizing the full potential of virtualization

With Security for Virtualized Environments, Bitdefender helps organizations to make the most of their virtualization investments without sacrificing the integrity of their business-critical data. The solution’s unique architecture facilitates turnkey deployment and configuration while driving higher server consolidation and lower operational expenses.

BEST PERFORMANCE IN VDI ENVIRONMENTS

Based on competitive performance testing run with Login Virtual Session Indexer, (Login VSI), GravityZone – SVE has the lowest impact on applications running in virtualized environments, when compared to other virtualization security solutions. Login VSI is an industry standard VDI benchmarking tool that simulates typical user behavior in VDI environments. Test results revealed that physical host servers running SVE reached the highest possible number of VDI sessions, outperforming all the other competitive solutions.

COST REDUCTIONS THROUGH HIGHER SERVER CONSOLIDATION

With the virtual machine performance significantly improved, administrators can further leverage the available RAM and CPU resources to build and power on more virtual machines on every physical server. Translated into actual numbers, GravityZone – SVE improves server consolidation by up to 30% when compared to traditional antimalware. This results in direct cost savings by reducing the needed hardware equipment and the energy consumption in the organization.

MULTI-PLATFORM COVERAGE

Unlike any other virtualization security solutions available on the market, SVE has been architected to easily span across any virtualization platform. In addition to VMware vShield Endpoint integration, SVE provides optimized protection on all the known hypervisors: VMware ESXi, Citrix Xen, Microsoft Hyper-V, Red Hat KVM, Oracle VM and more. It is therefore platform-agnostic by design and does not rely on the underlying platform to implement virtualization-ready, lightweight security.

MINIMIZED ADMINISTRATIVE OVERHEAD

GravityZone – SVE delivers one single management interface for implementing, monitoring and reporting on the security posture of every protected virtual machine within the infrastructure. Both the GravityZone platform and the Security Server are delivered as virtual appliances, which reduces the deployment effort from several hours to only a few minutes. Backed by seamless integration with VMware vCenter and Citrix XenServer, the solution combines simplified administration with powerful antimalware engines and security policies, to help streamline the IT operations while improving compliance.

Centralizing antimalware and management functions

Minimal system demands and resource allocation

GravityZone – SVE is delivered within a Linux-based Security Server for centralized scanning and is managed from GravityZone Control Center, the unified management platform for physical, virtual and mobile endpoints.