Virtual firewall: Altor Networks
December 01, 2009
$2,000 per ESX host, plus $5,000 for the management center; additional cost for the optional reporting module whose price varies by the size of the deployment
This one was a real pleasure to see. I have done all sorts of handsprings to get good firewalling in a virtual environment, all with mixed results. At the university where I teach, we run a VMware vSphere 4 system and while it has some useful capabilities that approximate firewalls it really doesn't have everything I need. Then, a few months back, we got a product in for consideration as a First Look and it looked as if it might be just what I needed.
The Altor VF virtual firewall is the product of both innovative thinking and marketing. The technology is both effective and sensible. And, from the business perspective, it is positioned to coexist nicely with the virtual world. As you might imagine, that is no mean feat. By hooking directly into the VMware kernel, Altor VF behaves exactly as if it was part of the VMware environment. So far, so good. But, I asked the visionary from Altor what they would do if VMware decided to build its own heavy-duty firewall. That certainly would not be without precedent. The response was that the company is a VMware partner and believes that the relationship is appropriate given that VMware actively cultivates ecosystem relationships. Also, he pointed out that the market is growing and diversifying, and Altor plans to be positioned to take advantage of that growth.
There are a number of innovations in the new VMware system that invite further innovations from other vendors. For example, the VMware vmSafe API - for which Altor VF is certified - allows a tight integration between vSphere and Altor VF. This also allows Altor VF to hook directly to vCenter, the VMware management console. All-in-all, the effect is exactly as if Altor VF was a part of the VMware system.
This is important because to be able to protect virtual machines effectively the firewall must behave at that level. The Altor stateful firewall also includes hooks into an IDS, either theirs or a third party's. Between the two capabilities, it is possible to have a solid system of virtual firewalls to protect a networks of virtual machines.
The bottom line, from Altor's perspective, is that the company has reintroduced physical network security into the virtual world. We agree.
AT A GLANCE
Flagship product: Altor VF
Vendor: Altor Networks
Cost: $2,000 per ESX host, plus $5,000 for the management center; additional cost for the optional reporting module whose price varies by the size of the deployment
Innovation: Reintroducing enterprise-class physical world security into the virtual world
Greatest strength: Marriage of world-class technology with the right market
Sign up to our newsletters
SC Magazine Articles
- Study: Open Source Software use increasing in enterprises but without vulnerability monitoring
- RSA Conference 2015: Prepare for the IoT before it's too late, Sorebo warns
- 'Aaron's Law' returns to Congress
- RSA 2015: Tension continues to grow between govt, cryptographers
- Data at risk for 9,000 individuals following unauthorized access to SRI Inc. website
- Study: Conficker declared top threat of 2014, but N. America targeted mainly by AnglerEK
- RSA 2015: Straight talk about encryption, bulk surveillance and IoT
- RSA 2015: In the healthcare industry, security must innovate with business
- RSA 2015: Unintended use of aircraft systems next challenge for counterterrorism community
- RSA 2015: Bug hunting and responsible vulnerability disclosure