nCircle, a provider of automated security and compliance auditing solutions, has announced that its Configuration Compliance Manager (CCM) configuration auditing solution now audits the full VMware virtual infrastructure, from virtual machines to the hypervisor. nCircle CCM delivers new policies that audit the configurations of the virtual infrastructure and compare the configurations to Center for Internet Security (CIS) benchmarks, or hardening guides, to ensure the security of virtual machines and their hypervisor. The CIS benchmarks are accepted best practices for secure operation of VMware virtual machines and hypervisors.
Over the past few years, the use of virtualisation in the enterprise has grown and so have the security concerns. The new IT platform of virtualisation has given rise to new security issues that can occur through the mis-configuration of the hypervisor. 'VM escape' can occur when a program running on a virtual machine gains access to the host system or another virtual machine, and is a clear example of the necessity of continuous audits of the entire virtual infrastructure.
"Enterprises are increasingly turning to virtual infrastructure in their data centre," said Tim Keanini, chief technology officer at nCircle. "nCircle CCM enables our customers to discover and audit the configurations of their virtual infrastructure along with the rest of their network, ensuring compliance with the CIS benchmark for VMware and improving security."
One of the advantages of virtualised systems is the speed by which they can be implemented. However, this also makes keeping track of virtual machines as they are deployed and re-deployed much more difficult than physical systems. nCircle Configuration Compliance Manager discovers virtual machines and hypervisors through agentless discovery technology and is then able to continuously audit the configurations of the virtual infrastructure through agentless configuration auditing. In the fast-moving world of virtual infrastructure, ensuring compliance with secure benchmarks and continuous configuration auditing is imperative.
Updated Date: Jan 31, 2017 02:17:43 IST