• United States



Vice President, Intel Security Group

How to scan for malware in the private cloud – without the performance hit

May 17, 20163 mins

Chief security officers and their teams have the unenviable task of striking the proper balance between cybersecurity protections and business efficiency and flexibility. Layer on too many security controls and processes and your business productivity can take a hit. Scale back security too far and you put your company’s data, operations, and reputation at serious risk.

This security/productivity balance can prove especially challenging when you add cloud computing to the mix. Whether private cloud, public cloud, or a hybrid mix, cloud deployments introduce security challenges and needs that sometimes require solutions different from those that work perfectly well in traditional IT environments.

Most people associate cloud security concerns with the placement of sensitive data in public cloud data centers, or the transmission of data between public and private clouds. But many of the security challenges associated with private cloud computing can be traced to the virtualized infrastructure that gives these environments their flexibility, efficiency, and easy scalability. Most notably, implementing hundreds or thousands of virtual machines with traditional antivirus (AV) solutions can be like pouring molasses into the gears of your business operations.

The problem is that AV programs designed to run their scans on physical servers can siphon off too much memory and processing power when they’re deployed on every virtual machine in your private cloud environment. These resource demands can dramatically reduce the VMs’ ability to perform their core business functions whilst decreasing VM consolidation ratios.

Solving the AV cloud conundrum

This AV-cloud disconnect is no minor issue. In a 2015 SANS Institute survey, 9% of IT security professionals admitted to experiencing breaches to their public or private cloud infrastructures. Of those that had suffered cloud breaches, 55% said they were hit by a malware or botnet infection, the top form of attack experienced.

Faced with these hard realities, more companies are turning to AV solutions designed specifically to protect virtualized environments. The concept involves offloading AV scanning, configuration and .DAT update operations to a security virtual appliance (SVA). Cleared files (or those signed by trusted certificates) reside in the SVA’s global cache and can be called by the VMs without having to go through additional scanning.

One large retailer with hundreds of locations worldwide needed to protect an IT environment that includes more than 25,000 virtual clients, 5,000 virtual servers, and 50 VMware hosts. After deploying a solution that centralized the AV function on an SVA, the retailer was able to update one SVA per hypervisor instead of having to redeploy and update software on each client.

Offloading the AV function from the VMs in cloud environments not only helps keep day-to-day business operations running smoothly, it can also prevent debilitating “antivirus storms” that sometimes occur when a non-optimized AV solution simultaneously scans multiple VMs on a server. When it comes to securing your virtualized cloud environments, you shouldn’t have to compromise on business productivity, efficiency, or TCO.

Vice President, Intel Security Group

Candace Worley is a senior technology executive and recognized thought leader in the endpoint security industry. For the past 20+ years, she has developed and delivered successful enterprise software solutions resulting in notable market growth and new revenue streams for global companies. As Sr. Vice President and General Manager for McAfee Enterprise Endpoint Security (recently branded Intel Security) Candace built her reputation as a respected business leader; known for her predictive insights, strategic vision and ability to execute. Initially joining McAfee as a product manager in 2000, she advanced rapidly within the company, and by 2010, was appointed Sr. Vice President and General Manager. She is currently Vice President of Enterprise Solutions Marketing responsible for go-to-market strategy and alternate routes to market, global enterprise messaging, solutions pricing and packaging, technical marketing, pricing and licensing strategy, and competitive intelligence across the ISecG corporate products portfolio. As a member of the senior leadership team at Intel Security, Candace plays a key role as a solution and corporate spokesperson with customers, analysts and press. Candace holds a Masters of Business Administration from Marylhurst College in Oregon and a Bachelor of Science in Management from Oregon State University. Candace currently resides in Oregon. She spends her free time gardening, cooking and traveling.

More from this author