Juniper Virtual Gateway Given Security Upgrade

Juniper’s vGW platform has been upgraded with security management, continuous monitoring and antivirus

Juniper Networks has rolled out antivirus and other security measures specifically to protect virtual machines in its vGW gateway platform.

The upgraded vGW Virtual Gateway offers virtualisation-specific antivirus protections and continuous monitoring against malware and external intruders. Juniper, which made the announcement at the start of the VMworld, VMware’s conference in Las Vegas, is planning to offer the security updates early in the fourth quarter of this year.

All About Secure Performance

Organisations are concerned about the impact having scanning and monitoring technologies, such as antivirus products, will have on the performance of each individual virtual machine within the physical server. Multiple antivirus scans happening at the same time can consume the server’s resources and slow down its responsiveness, affecting all the other VMs hosted on the server.

Johnnie Konstantas, director of cloud security marketing at Juniper Networks, told eWEEK that the new security and monitoring features the company offers do not “impede” virtualised workload performance. “Bottom line – it’s all about performance,” Konstantas said.

Virtual Gateway is based on technology that Juniper acquired as part of its purchase of Altor Networks in December 2010. At the RSA Security conference in February, Juniper made the first update to the new platform with version 4.5 to bring it in line with the rest of the Juniper portfolio.

This new release marks the most extensive update since the acquisition.

The antivirus signatures used by Juniper in its vGW Virtual Gateway are provided by Sophos, Konstantas said. The antivirus scans virtual machines for resident malware and other programs designed to hide inside files, and it quarantines the infected files or the whole VM as necessary after detecting malware. Administrators can choose to run scans on-demand during off-peak hours or when the virtual servers are offline. They can also use the on-access option, which deploys an agent to scan the files.

Configuration errors make the systems vulnerable to compromise in the first place. The vGW manages security in virtual machine environments by continuously monitoring for changes within the VM’s disk images to ensure security policies are not being violated, Konstantas said. The vGW 5.0 also integrates with Juniper’s SRX security appliances to monitor VM security configurations.

Considering that most security and compliance issues within an organisation are the result of systems being configured incorrectly, incorporating configuration management was a natural step for Juniper, Konstantas said.

The new Virtual Gateway works more like a universal threat management (UTM) system designed for the virtual environment. It provides integrated firewall protection, intrusion detection, compliance monitoring and security management along with antivirus protection, Konstantas said.

Systems that check for configuration changes on physical servers will not work for virtual environments, Konstantas said. Organisations need a layer of dedicated security management software for virtual machines to ensure all the security and configuration issues are resolved immediately.

Juniper charges $700 (£432) per CPU on the physical host, Konstantas said. It does not matter how few or how many virtual machines are hosted on the server as the pricing would remain the same. This would help organisations scale up without suddenly seeing their security costs jump, he said.