As virtualization spreads in enterprises, an increasing number of security companies are virtualizing their applications.
The latest is Fortinet Inc, which this week announced virtual versions of four its main products: the FortiGate unified threat management appliance, the FortiManager centralized management appliance, the FortiAnalyzer reporting tool and the FortiMail message security appliance.
All use a hardened Linux kernel on the FortiOS operating system and are tailored for VMware’s ESX Server.
They are almost identical to their physical versions, said Chris Simmons, the company’s director of product strategy. Initially there is only one version of each but more will follow.
One of the benefits of the strategy is that both physical and virtual versions of the FortiGate and FortiMail devices can be managed by the FortiManager, he added.
As a result the choice of version is up to the customer.
That virtualization has tremendous efficiencies is in little doubt. However, Simmons argues, the ability to keep an eye on traffic in virtual pools becomes tricky and even harder in a private cloud compared to a physical network.
“There is a loss of visibility,” he said. “We’ve also lost the ability to insert or exert control over where traffic flows from one trusted zone to another.”
One way is to bring traffic from a virtual LAN out to a physical appliance, and then either back into the VLAN or out over the Internet. Virtual security appliances mean security functions can be performed inside the VLAN.
Details of the four units are as follows:
–The FortiGate-VM virtual appliance combines firewall with up to 1.6 Gpbs throughput, VPN, intrusion prevention, malware prevention, Web filtering and data loss prevention.
Available immediately, it is priced on whether there are two, four or eight virtual CPUs in the environment it’s used in. The two CPU version costs US$9,995.
Although like all Fortinet virtual appliances, it comes in an open format, the FortiGate-VM is only certified for VMware.
–The FortiManager-VM management software supports up to 5,000 Fortinet physical or virtual devices, and up to 120,000 FortiClient agents for Windows desktops.
The US$22,495 FortiManager helps provision new Fortinet devices and agents as well as oversees management of security policies in mesh and star VPN environments. It includes the ability to give detailed revision tracking.
–It works with the FortiAnalyzer-VM for discovery, analysis, prioritization and reporting of network security events. Available later this quarter, it also offers advanced security management functions such as quarantined file archiving, event correlation, vulnerability assessments, traffic analysis, and archiving of email, Web access, instant messaging and file transfer content, the company says.
–The FortiMail-VM for environments that virtualize messaging. To be releases in the first quarter of 2011, there are no performance metrics available yet. However, its job is to comb email and block malware