Trend Micro makes push into desktop virtualization security
Trend Micro Monday is announcing an updated endpoint security product designed to go beyond protecting Windows environments to safeguard virtualized desktops based on Citrix XenDesktop and VMware View.
OfficeScan 10.5, which also adds support for Windows 7, will benefit from cloud-based intelligence about malware and other threats to intercede on behalf of users through the Trend Micro Smart Protection Network. There's an option for the enterprise to deploy a so-called Web Reputation server internally to get similar protections through a different type of configuration that could be even faster.
However, it's the OfficeScan Virtual Desktop Infrastructure (VDI) piece that represents the first step in Trend's effort to optimize virtual desktop security.
"There can be a performance problem using typical software on the guest operating system," says product marketing manager Joerg Schneider, alluding to the kinds of issues arising in desktop virtualization. Scheduled scans and updates that occur all at once in the virtual machine environment could even "bring the server down," he notes. "Sometimes the network gets saturated."
So Trend's approach with the VDI component in OfficeScan 10.5, for use with XenDesktop and VMware View, is understanding where the OfficeScan 10.5-protected virtual-machine installation is within the enterprise and applying security processes through "VDI-aware" techniques, such as serialized scan operations and security updates.
There are also other optimization techniques involving base images and linked clones. OfficeScan 10.5 on both the traditional Windows-based desktops and virtual-machine deployments can be managed through a single console, supporting up to 20,000 protected endpoints. But Trend Micro is going to charge more for security on virtual machines--$8 more for the so-called "VDI-aware" than the $20 charged for the more traditional Windows-based desktop deployments, as measured by a base 1,001 seat count.
OfficeScan 10.5, expected out in July, also includes firewalling and intrusion prevention in addition to malware protection. Trend indicates it is looking at supporting Microsoft's desktop virtualization in the future.When it comes to anti-malware and security protection for desktop virtual-machine environments, "all of the big ones, like McAfee, Symantec and Trend, are chasing this opportunity," says Jon Oltsik, senior principle analyst at Enterprise Strategy Group.
Research by ESG indicates that 21% of enterprises appear to have already implemented some type of desktop virtualization technology while another 39% are planning to implement it in the future or at least have interest in it.
New kinds of resources-related issues are coming to the fore. "Endpoint security software must be able to distinguish between a physical and virtual desktop," Oltsik points out. "In the physical world, you can count on captive resources, but with virtual desktops, resources like CPUs, memory and disk are shared. If endpoint security can't make that distinction, it could become a resource hog and really impact the performance of all virtual desktop images running on physical servers."
Read more about wide area network in Network World's Wide Area Network section.