Virtual firewall: Altor Networks
December 01, 2009
$2,000 per ESX host, plus $5,000 for the management center; additional cost for the optional reporting module whose price varies by the size of the deployment
This one was a real pleasure to see. I have done all sorts of handsprings to get good firewalling in a virtual environment, all with mixed results. At the university where I teach, we run a VMware vSphere 4 system and while it has some useful capabilities that approximate firewalls it really doesn't have everything I need. Then, a few months back, we got a product in for consideration as a First Look and it looked as if it might be just what I needed.
The Altor VF virtual firewall is the product of both innovative thinking and marketing. The technology is both effective and sensible. And, from the business perspective, it is positioned to coexist nicely with the virtual world. As you might imagine, that is no mean feat. By hooking directly into the VMware kernel, Altor VF behaves exactly as if it was part of the VMware environment. So far, so good. But, I asked the visionary from Altor what they would do if VMware decided to build its own heavy-duty firewall. That certainly would not be without precedent. The response was that the company is a VMware partner and believes that the relationship is appropriate given that VMware actively cultivates ecosystem relationships. Also, he pointed out that the market is growing and diversifying, and Altor plans to be positioned to take advantage of that growth.
There are a number of innovations in the new VMware system that invite further innovations from other vendors. For example, the VMware vmSafe API - for which Altor VF is certified - allows a tight integration between vSphere and Altor VF. This also allows Altor VF to hook directly to vCenter, the VMware management console. All-in-all, the effect is exactly as if Altor VF was a part of the VMware system.
This is important because to be able to protect virtual machines effectively the firewall must behave at that level. The Altor stateful firewall also includes hooks into an IDS, either theirs or a third party's. Between the two capabilities, it is possible to have a solid system of virtual firewalls to protect a networks of virtual machines.
The bottom line, from Altor's perspective, is that the company has reintroduced physical network security into the virtual world. We agree.
AT A GLANCE
Flagship product: Altor VF
Vendor: Altor Networks
Cost: $2,000 per ESX host, plus $5,000 for the management center; additional cost for the optional reporting module whose price varies by the size of the deployment
Innovation: Reintroducing enterprise-class physical world security into the virtual world
Greatest strength: Marriage of world-class technology with the right market
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards