Welcome!

Agile Computing Authors: Carmen Gonzalez, Ben Uher, Liz McMillan, Pat Romanski, Yeshim Deniz

Blog Feed Post

Secure VDI In The Age Of Botnets

By David Parkinson, strategic development manager, UK & Ireland, for Wick Hill

It's not often that news from the information security industry reaches the early evening TV slots. However, the major disruption caused recently to the Gameover Zeus (GOZ) botnet certainly did.

In a collaborative effort to combat the botnet, the intelligence agencies of different countries, as well as leading information security vendors, worked together on the problem. They managed to give users a two week clear window in which to get their house in order, before command and control of the botnet was likely to have been won back by the instigators.

This collaborative action to stymie GOZ will surely be something we see more of in the future, as we strive to disrupt the increasingly fast, global spread of malware.

Indeed, this global collaboration theme was a key topic at the CPX Barcelona event in May, when Check Point announced the launch of ThreatCloud IntelliStore, a global marketplace for customers to select highly specific, relevant intelligence feeds from the likes of Crowdstrike and iSIGHT Partners ,and convert that intelligence automatically into additional protection, without further infrastructure change.

While GOZ itself is extremely dangerous, because it looks for banking and financial information on an infected host, its ability to download and install other malware, routinely CryptoLocker, makes it especially treacherous. As the FBI.gov page on the disruption action notes, it is estimated that around $30 million was paid in CryptoLocker ransoms between September and December 2013 alone. It's not surprising that Sky News ran a story reporting Cybercrime to be 'As lucrative as the drugs trade'.

While GOZ and CryptoLocker are undeniably an enormous problem for consumers worldwide, their effect on organisations from small businesses through to enterprises and public sector bodies is just as serious.

For a small business, with say twenty to two hundred PCs out in the (often remote) field, some infrastructure needs to be deployed, configured and trusted so malware can be detected and removed at the endpoint, and of course, preferably prevented from reaching the network and endpoint in the first place. For larger organisations, that problem is magnified, though they may have more resource with which to tackle the complexities.

While the viewpoint that we need new ways of looking at the problem can be wholly understood, and that we need to encourage vendors to be innovative, we also need to recognise that organisations need to work with the tools that are available to them today.

The increased publicity around PC malware infestation may encourage organisations to look again at centrally hosted desktop services, for at least a portion of their users, and may encourage service providers to take the opportunity to look again at their offerings.

For example, Virtual Desktop Infrastructure (VDI) could be considered if it could provide the benefit of improved security, and better management of that security.

One of the problems with endpoint protection in VDI is the potential replication of the endpoint agent to each guest operating system. This can cause storms of traffic during updates, create replicas of databases, and create a high processing overhead during scans. Hypervisor level protection can provide a solution to this, though that is often limited to file level scanning.

One solution would be a virtual appliance sitting on a host, with a small agent within each guest on the host, that then communicates with the virtual appliance.

The "Light Agent" approach from Kaspersky Lab provides the benefits of hypervisor level protection, along with the fuller protections associated with an agent installed on a desktop (malware control, application control, device control etc).

Having more desktops within just such a centralised environment means that they can often be kept secure more reliably, that they can provide a safer working environment for the user, and that they can be backed up more effectively. This might be a strategy worth looking at again. It will be interesting to see which service providers look to differentiate their services by providing such levels of protection.

Quite rightly, a centralised desktop infrastructure requires secure and flexible access to the data centre. This access might be required by regular VDI users who are looking to centralise desktop resources as described earlier, remote workers in the field, or perhaps users who are invoking a disaster recovery plan.

These different user groups may have very different requirements from their local computing hardware. A regular user would possibly find a tablet cumbersome to work with throughout the day and require a laptop or conventional "PC" setup, with keyboard and mouse, while remote workers may find access from a tablet far more convenient for the tasks they need to complete away from a desk.

A key user needing occasional access, or an IT Manager looking for a convenient ICE (In case of emergency) solution, might find a palm sized system-on-chip device that can be plugged into any HDMI monitor and connect wirelessly to network and input devices, the ideal solution for distribution and portability.

Such flexibility of device choice, tied with the security that only centralised management across all devices can provide (including remote device wipe), together with port and application control, makes Becrypt's tVolution suite suitable for any organisation looking to provide comprehensive secure access options into VDI services.

All this isn't at all to say that VDI is a panacea to the current wave of high profile malware distribution, but it is another tactic that can be considered after carefully looking at the tools at our current disposal.

About Wick Hill
Established in 1976, value added distributor Wick Hill specialises in secure IP infrastructure solutions. The company sources and delivers best-of-breed, easy-to-use solutions through its channel partners, with a portfolio that covers security, performance, access, networking, convergence, storage and hosted solutions.

Wick Hill is part of the Wick Hill Group, based in Woking, Surrey with sister offices in Hamburg. Wick Hill is particularly focused on providing a wide range of value added support for its channel partners. This includes a strong lead generation and conversion programme, technical and consultancy support for reseller partners in every stage of the sales process, and extensive training facilities. For more information about Wick Hill, please visit http://www.wickhill.com/company/company-profile or www.twitter.com/wickhill

ENDS

For further press information, please contact Annabelle Brown on 01326 318212, email pr@wickhill.com. For reader queries, contact Wick Hill on 01483 227600. Web http://www.wickhill.com

Source: RealWire

Read the original blog entry...

More Stories By RealWire News Distribution

RealWire is a global news release distribution service specialising in the online media. The RealWire approach focuses on delivering relevant content to the receivers of our client's news releases. As we know that it is only through delivering relevance, that influence can ever be achieved.

@ThingsExpo Stories
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settle...
SYS-CON Events announced today that SD Times | BZ Media has been named “Media Sponsor” of SYS-CON's 20th International Cloud Expo, which will take place on June 6–8, 2017, at the Javits Center in New York City, NY. BZ Media LLC is a high-tech media company that produces technical conferences and expositions, and publishes a magazine, newsletters and websites in the software development, SharePoint, mobile development and commercial UAV markets.
“We're a global managed hosting provider. Our core customer set is a U.S.-based customer that is looking to go global,” explained Adam Rogers, Managing Director at ANEXIA, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
In today's uber-connected, consumer-centric, cloud-enabled, insights-driven, multi-device, global world, the focus of solutions has shifted from the product that is sold to the person who is buying the product or service. Enterprises have rebranded their business around the consumers of their products. The buyer is the person and the focus is not on the offering. The person is connected through multiple devices, wearables, at home, on the road, and in multiple locations, sometimes simultaneously...
China Unicom exhibit at the 19th International Cloud Expo, which took place at the Santa Clara Convention Center in Santa Clara, CA, in November 2016. China United Network Communications Group Co. Ltd ("China Unicom") was officially established in 2009 on the basis of the merger of former China Netcom and former China Unicom. China Unicom mainly operates a full range of telecommunications services including mobile broadband (GSM, WCDMA, LTE FDD, TD-LTE), fixed-line broadband, ICT, data communica...
As businesses adopt functionalities in cloud computing, it’s imperative that IT operations consistently ensure cloud systems work correctly – all of the time, and to their best capabilities. In his session at @BigDataExpo, Bernd Harzog, CEO and founder of OpsDataStore, will present an industry answer to the common question, “Are you running IT operations as efficiently and as cost effectively as you need to?” He will expound on the industry issues he frequently came up against as an analyst, and...
WebRTC is about the data channel as much as about video and audio conferencing. However, basically all commercial WebRTC applications have been built with a focus on audio and video. The handling of “data” has been limited to text chat and file download – all other data sharing seems to end with screensharing. What is holding back a more intensive use of peer-to-peer data? In her session at @ThingsExpo, Dr Silvia Pfeiffer, WebRTC Applications Team Lead at National ICT Australia, looked at differ...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
IoT offers a value of almost $4 trillion to the manufacturing industry through platforms that can improve margins, optimize operations & drive high performance work teams. By using IoT technologies as a foundation, manufacturing customers are integrating worker safety with manufacturing systems, driving deep collaboration and utilizing analytics to exponentially increased per-unit margins. However, as Benoit Lheureux, the VP for Research at Gartner points out, “IoT project implementers often un...
SYS-CON Events announced today that Technologic Systems Inc., an embedded systems solutions company, will exhibit at SYS-CON's @ThingsExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Technologic Systems is an embedded systems company with headquarters in Fountain Hills, Arizona. They have been in business for 32 years, helping more than 8,000 OEM customers and building over a hundred COTS products that have never been discontinued. Technologic Systems’ pr...
SYS-CON Events announced today that IoT Now has been named “Media Sponsor” of SYS-CON's 20th International Cloud Expo, which will take place on June 6–8, 2017, at the Javits Center in New York City, NY. IoT Now explores the evolving opportunities and challenges facing CSPs, and it passes on some lessons learned from those who have taken the first steps in next-gen IoT services.
SYS-CON Events announced today that WineSOFT will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Based in Seoul and Irvine, WineSOFT is an innovative software house focusing on internet infrastructure solutions. The venture started as a bootstrap start-up in 2010 by focusing on making the internet faster and more powerful. WineSOFT’s knowledge is based on the expertise of TCP/IP, VPN, SSL, peer-to-peer, mob...
SYS-CON Events announced today that delaPlex will exhibit at SYS-CON's @CloudExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. delaPlex pioneered Software Development as a Service (SDaaS), which provides scalable resources to build, test, and deploy software. It’s a fast and more reliable way to develop a new product or expand your in-house team.
You think you know what’s in your data. But do you? Most organizations are now aware of the business intelligence represented by their data. Data science stands to take this to a level you never thought of – literally. The techniques of data science, when used with the capabilities of Big Data technologies, can make connections you had not yet imagined, helping you discover new insights and ask new questions of your data. In his session at @ThingsExpo, Sarbjit Sarkaria, data science team lead ...
The Internet of Things can drive efficiency for airlines and airports. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Sudip Majumder, senior director of development at Oracle, discussed the technical details of the connected airline baggage and related social media solutions. These IoT applications will enhance travelers' journey experience and drive efficiency for the airlines and the airports.
The security needs of IoT environments require a strong, proven approach to maintain security, trust and privacy in their ecosystem. Assurance and protection of device identity, secure data encryption and authentication are the key security challenges organizations are trying to address when integrating IoT devices. This holds true for IoT applications in a wide range of industries, for example, healthcare, consumer devices, and manufacturing. In his session at @ThingsExpo, Lancen LaChance, vic...
With billions of sensors deployed worldwide, the amount of machine-generated data will soon exceed what our networks can handle. But consumers and businesses will expect seamless experiences and real-time responsiveness. What does this mean for IoT devices and the infrastructure that supports them? More of the data will need to be handled at - or closer to - the devices themselves.
SYS-CON Events announced today that Dataloop.IO, an innovator in cloud IT-monitoring whose products help organizations save time and money, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Dataloop.IO is an emerging software company on the cutting edge of major IT-infrastructure trends including cloud computing and microservices. The company, founded in the UK but now based in San Fran...
In his session at @ThingsExpo, Sudarshan Krishnamurthi, a Senior Manager, Business Strategy, at Cisco Systems, will discuss how IT and operational technology (OT) work together, as opposed to being in separate siloes as once was traditional. Attendees will learn how to fully leverage the power of IoT in their organization by bringing the two sides together and bridging the communication gap. He will also look at what good leadership must entail in order to accomplish this, and how IT managers ca...