|Page (1) of 1 - 04/23/09||email article||print page|
Reflex Systems Announces Dynamic Policy Enforcement for Reflex VMCLeverages VMware VMsafe(TM) Technology to Go Beyond the 'Virtual Firewall' and Enforce Datacenter Policy in Local, Enterprise and Cloud Environments (April 23, 2009)
ATLANTA, GA -- (Marketwire) -- 04/23/09 -- Reflex Systems, the pioneer in virtualization management and security, today announced the availability of Reflex vTrust(TM), dynamic policy enforcement for Reflex VMC (Virtualization Management Center). vTrust leverages VMware VMsafe(TM) technology, which will be included with VMware vSphere(TM) 4, to go well beyond the virtual firewall, to provide dynamic policy enforcement at the kernel level of the hypervisor across the entire virtual datacenter, whether the virtual environment is hosted locally or in internal and external cloud environments.
"Virtual environments are dynamic by nature, and policy management solutions must adapt elastically to infrastructure changes," said Reflex CEO, Pete Privateer. "Reflex vTrust enables administrators to create and enforce not just security rules but the more general case of data center policies and best practices. vTrust helps automate data center operations across all virtual resources whether in the corporate data center or hosted in the cloud. This, in turn, leads to improved efficiency through data center automation and reduced IT staffing costs, while ensuring compliance with corporate policy and government mandates."
Reflex's dynamic policy enforcement solution goes beyond the conventional notion of 'purpose-built firewalls' that simply monitor and control traffic between virtual machines or implement static security policies at the virtual machine level. Reflex provides true data center policy enforcement across the entire virtualized infrastructure. vTrust provides asset classification, virtual trust zones, dynamic network control, and adaptive roaming policies that move with assets regardless of physical location, or network connection. Reflex's relationship with VMware enables the company to leverage VMware VMsafe technology to enforce network policies at the kernel level in VMware vSphere 4.
Ken Owens, Technical Vice President of Security and Server Technologies of Savvis, a leading provider of managed IT infrastructure and cloud computing solutions, said, "Due to the nature of VMs, virtual infrastructure environments can change quite often, several times a day. Traditional security and policy enforcement techniques are challenging to apply under these conditions. The addition of the VMSafe program is crucial to VMware's virtualization initiative because it enables solutions like Reflex's vTrust to give us the technology to properly enforce policies in such a dynamic environment, whether the virtual environment is local or in the cloud."
Reflex's addition of dynamic policy enforcement through vTrust enables IT organizations to create and enforce virtualization policies and manage the virtual enterprise based on existing organizational business processes. Administrators can utilize vmTagging(TM) (Virtual Meta Tagging) to organize and group virtual assets and then define policy or best practice based on the asset properties or classification. Polices based on vmTags(TM) are automatically updated as the environment changes, allowing policy to be just as agile as the virtual environment it protects.
"Reflex Systems has taken advantage of VMware VMsafe technology to enable security teams to enforce virtual infrastructure policy while equipping operations managers with the ability to deploy and manage VMware vSphere 4 with best practices and security in mind," said Shekar Ayyar, vice president, infrastructure alliances, VMware. "We are pleased to see innovative partners like Reflex Systems leverage VMware VMsafe technology to deliver real-world solutions of value to our joint customers."
By using this innovative classification method, Reflex VMC is now able to tag and track virtual resources for security and management purposes as they are added to the virtual environment. Unlike other virtual security products, which define firewall rules based on more volatile virtual properties such as IP address or MAC address, Reflex's vmTags define policy in terms of object properties of virtual resources that remain with that resource for its entire lifecycle. Reflex leverages its patent-pending Virtualization Query Language(TM) (VQL) for specifying policies or for natural language queries of the virtual infrastructure. For example, virtual assets may be classified by line of business, type of application, organization, geographic location, operating system, patch level, or any other taxonomy as required by business processes.
vTrust features in Reflex VMC include the following:
-- Dynamic Policy Enforcement and Management -- the ability to specify government regulation, corporate compliance, data center policy, best practice or security rules that adapt and move with the virtual assets (virtual machines, virtual network, group of VMs, hosts, clusters, vLAN, etc.), thus policy is enforced regardless of location, type of network connection, or type of virtual switch -- Policy Extends into the Cloud -- vTrust can facilitate and automate the use of cloud and SaaS services by providing a cloud security API that enables enterprises and hosting/cloud solution providers to secure individual virtualization resources in the cloud -- (VQL)Virtualization Query Language -- natural and structured query language that is used to define policy and rules, allowing virtual infrastructure to dynamically adapt to changing needs without requiring a change to the policies. VQL also enables virtualization administrators to query the virtual infrastructure "on the fly" for any type of information -- vmTagging (Virtual Meta Tagging) -- classify virtual assets based on administrator defined properties. Virtual Policy Tagging is also genetic, enabling clones of virtual assets to automatically inherit policy from parents -- Virtual Segmentation -- create virtual trust zones on shared resources by dynamically partitioning the virtual infrastructure into separate virtual resources with different network communication policies (firewall rules) -- Virtual Quarantine -- enforce data center policy when VMs are provisioned (VMs must meet certain criteria to be allowed on the network). Easily detect rogue or unauthorized guests or virtual machines which do not meet regulatory or compliance requirements -- Virtual Networking Policies -- create and enforce a DMZ, block specific kinds of network traffic between virtual machines (P2P, IM, FTP, etc.), ensure only specific protocols are used on specific ports or networks, etc.
"In the virtual infrastructure you can't just drop a firewall in the environment and hope for the best. You must be able to track all dynamic resources throughout the entire virtual enterprise as changes occur in the environment," said Hezi Moore, CTO of Reflex Systems. "Our dynamic policy enforcement functionality goes well beyond a simple virtual firewall. Reflex's vTrust technology provides a dynamic solution based on the nature of virtualization as it is used by operations and security managers."
Reflex Systems is the industry leader in virtualization management and security. Reflex VMC (Virtualization Management Center) dramatically increases the visibility, management and security of an organization's virtual infrastructure. Purpose-built on a strong security foundation, VMC provides the essential tools needed to enforce dynamic infrastructure policy in virtualized data centers. Reflex VMC provides infrastructure discovery and visualization, timeline-based management, application/services discovery, network security, performance, lifecycle management and dynamic policy enforcement. Reflex VMC supports VMware's ESX server, Citrix's XenServer, and Microsoft's Hyper-V virtual server environments. Reflex Systems is based in Atlanta, Georgia and is privately held. For more information, including a trial download of Reflex VMC, visit www.reflexsystems.com. Follow Reflex at http://twitter.com/ReflexSystems and The vCurve Blog: blog.reflexsystems.com.
Reflex Systems is a registered trademark of Reflex Systems LLC. All other marks are property of their respective owners.
Copyright @ Marketwire
Related Keywords: virtualization management, virtaulization security, virtualization, VMware, VMSafe, VSphere, Security, Networking, Business Issues, Server Hardware, Server Computers, Management, CTO/CIO, CEO/CFO, Mac, OS9, OSX, Marketwire, IT (Information Technology), Networking, Security, Business, Parents, Other,