|
|
|
Hardware-Enabled Virtualization: Breaking
Through Endpoint Security’s Traditional Barriers
Abstract
The endpoint has been the Achilles heel of enterprise security management for far too long. The flex-
ibility and highly personal nature of endpoint systems have driven their success. At the same time, this
has also made it difficult for large organizations to balance the level of control required to secure the
business, while giving users the flexibility they need. The malicious recognize these facts all too well.
Today, however, the technologies of hardware-enabled virtualization are giving enterprises powerful new
tools for defining control over the business environment, while at the same time offering flexibility that
supports the value of personal computing. In this Advisory Note, ENTERPRISE MANAGEMENT
ASSOCIATES® (EMA™) analysts examine the capabilities of hardware-enabled virtualization that
have the potential to transform the nature of endpoint security management in the enterprise.
Getting Over the Past
To say that endpoint security needs an overhaul would be an understate-
ment of the first order. The personal system has long been a primary
focus of attack, and that focus has not changed. Attackers may shift
their attention from the operating system to endpoint application vul-
nerabilities, but the endpoint itself remains a principal target.
For the malicious, endpoint
systems have presented too much
opportunity for far too long.
The reason is simple―for the malicious, endpoint systems have presented too much opportunity for
far too long:
• The endpoint remains highly flexible, and highly changeable—which makes it difficult
to control. Enterprises recognize that they need—indeed, must—get a better handle on
endpoint security management. But when users demand flexibility and control over their personal
• Too much has depended on endpoint software, when endpoint software itself is the target.
The endpoint operating system (OS) and applications have long been targets of attack. And yet,
traditional host-based defenses often run within the endpoint user environment or OS itself,
despite the fact that a successful compromise can render these protections moot. This has the
• Threats that target permanently installed software can persist. Regardless whether OS or
ADVISORY NOTE | 1
environment, the enterprise faces stiff challenges in exerting the necessary level of control to
protect the business. How can organizations balance the endpoint control they need, with
the flexibility users need to be fully productive?
curiously paradoxical effect of relying on potentially compromised endpoint software to protect
the endpoint. How can protection for the endpoint go beyond endpoint software?
application vulnerabilities are the target, a successful exploit of permanently installed endpoint
software can be extraordinarily difficult to eradicate. Organizations need greater confidence in
their ability to detect and eliminate threats where possible—yet without reinstalling a compromised
endpoint system from scratch, few have this certainty. Isn’t there a better way to resolve endpoint
threats with higher confidence?
©2010 Enterprise Management Associates, Inc. All Rights Reserved.
|
|
|