PacketMotion™, the leading provider of User Activity Management (UAM) solutions, today announced the release of the PacketSentry Virtual Probe, which extends PacketMotion’s comprehensive security solution to virtual and cloud environments. The PacketSentry Virtual Probe monitors and secures access to sensitive data in VMware® clusters by delivering PacketSentry’s application and identity-aware solution as a guest VM that does not require administrators’ knowledge of IP addresses and with minimal resource impact. Applications monitored include databases, fileshares, web applications and document management, among many others.
Gartner identifies the lack of visibility and controls on internal VM-to-VM communications as the top virtual security issue for organizations.1 Lack of visibility and control within a virtual cluster can result in unauthorized communication between VMs, mixing of trust levels within a virtual host, and failure to detect suspicious access of key information assets. This may also result in the inability to satisfy internal audits and compliance regulations, including PCI, HIPAA and SOX.
“Organizations are concerned with a lack of visibility of internal virtual networks and the security threats from unmonitored VM-to-VM communications,” said Neil MacDonald, VP and Gartner Fellow. “Organizations need visibility across physical and virtual environments without requiring different solutions for each and that bring the same level of audit and secure control to the virtual data center as exists today in the traditional physical data center.”
Architecture and Licensing Model Enable Efficient Activity Monitoring in Virtual Hosts:
The PacketSentry Virtual Probe solution dramatically changes the security capability in the virtual environment. It delivers a low-overhead virtual appliance that:
- Implements multiple controls in a single application;
- Runs as a guest VM that consumes just 3-5 percent of the host’s CPU;
- Reacts to transaction patterns without the need to know specific IP addresses;
- Is priced based on number of VMs monitored, independent of VMware deployment architecture;
- Automates deployment of identity-based policy in the virtual data center.
“We have been impressed with the entire technology innovation of PacketMotion’s Virtual Probe, and how easy it was to set up,” said Andrew Gahm, Systems and Security Engineer at South Jersey Healthcare. “We have been using the new Virtual Probe quite a bit, especially to see a lot of data we were not seeing before. It helps us conduct research and trouble shoot, as well as gives us the enhanced data we need for incident investigations. We are impressed with what it actually captures – granular details on each transaction and ties it to Active Directory so we can see what each user is doing. Many products capture data but all we end up with is an IP address, so it takes a lot of work to determine the user.”
The PacketSentry Virtual Probe was built as an easy-to-install and workload-efficient addition to the virtual environment. Since the Virtual Probe consumes little server CPU, memory, and I/O resources, it can be deployed ubiquitously across servers and blades in the virtual data center for complete data protection. PacketSentry’s advanced decode and application analytics provide an unparalleled tool for auditing and controlling application and virtual network behavior.
“Organizations are frustrated with the lack of visibility and control in virtual data centers which they know exposes them to risk,” said Paul Smith, PacketMotion Chief Executive Officer. “With PacketSentry, organizations have a single solution that protects their data in physical, virtual and cloud environments. The Virtual Probe uniquely delivers the visibility and control organizations need as they virtualize their data.”
The PacketSentry Virtual Probe supports separation of duties by giving security and network teams – which are responsible for meeting compliance regulations and protecting intellectual property – a solution for audit and control in the virtual data center, an area typically owned by server teams. Now, security teams can monitor virtual server administration activity and policy enforcement within the virtual servers, and can enforce or change policies on their own.
Availability and Pricing
The PacketSentry Virtual Probe supports VMware vSphere version 4.0 and greater, ESX version 3.5 and greater, and is available now from PacketMotion’s channel partners. The Virtual Probe is priced at $4,995 for a 5 pack of monitored servers/VMs and $21,995 for a 25 pack. Support for other hypervisors will be available in a future release.
To learn more about PacketMotion’s new Virtual Probe, sign up for the upcoming webinar being held on Friday, April 22, at 10 am PDT. Register at PacketMotion's website.
PacketMotion’s User Activity Management (UAM) solutions enable mid- to large-sized enterprises to simplify and lower the cost of meeting their compliance and audit requirements (PCI DSS, SOX, HIPAA, etc.) while delivering security functionality such as the ability to immediately stop user behavior that violates internal policies. PacketMotion (packetmotion.com) combines patent-pending software with powerful appliances to monitor individual user activity at the application level. The PacketSentry appliance operates out of band with no impact on network performance, and installs in less than one day, typically reducing compliance-related capital and operating costs by as much as 80 percent compared to a suite of siloed tools. Visit PacketMotion online.
Note 1 – MacDonald, Neil,“Securing the Next-Generation Virtualized Data Center,” Gartner Inc., June 21, 2010.
PacketMotion and PacketSentry are registered trademarks of PacketMotion. All other trademarks are registered to their respective companies. Copyright © PacketMotion 2011.