Title of invention MANAGEMENT OF AGENTLESS VIRTUAL MACHINES VIA SECURITY VIRTUAL APPLIANCE
Abstract In an example, a virtual data center includes a plurality of agentless virtual machines (VMs) protected by a security virtual appliance (SVA). Because the VMs are agentless, they cannot internally manage, update, or enforce VM-specific security policies. However, each VM includes an API that provides an interface for monitoring events such as turn on, turn off, heartbeats, and file events, as well as an interface for ordering an on-demand scan. The SVA builds a policy table, with entries for each VM or class of VMs, and using the API, monitors appropriate events, such as file events, to enforce VM-specific policies. Because the policy table is lightweight, it can be efficiently ported between multiple hypervisors, thus ensuring that a VM's policy remains intact, even if that VM is ported to a different hypervisor.
Application publication number US2016283259(A1) Application publication date 2016.09.29
Application number US201514672167 Application date 2015.03.28
Applicant McAfee, Inc. Inventor Mehta Kunal
Classification number G06F9/455;G06F9/54 Main classification number G06F9/455
Agency Agent
Principal claim 1. A computing apparatus for providing policy per virtual machine (PPVM) on a plurality of virtual machines (VMs) on a hypervisor, comprising: a security virtual appliance (SVA) comprising a policy management engine operable for: receiving a policy rule set to define a security policy for a virtual machine (VM); building a policy table comprising a security policy entry for the VM; receiving an application programming interface (API) event notification from the VM; and issuing an API instruction to the VM to enforce the security policy entry.
Address Santa Clara CA US