SlideShare ist ein Scribd-Unternehmen logo

Securing Virtual and Cloud Environments

Bunmi Sowande
Bunmi Sowande

Visualization is now mainstream. However, traditional antivirus programs are designed to work on physical PC's. F-Secure's Security for Virtual and Cloud Environments is optimized for Virtual machines. Quick presentation to discuss Visualization and the product. Delivered in January 2014

Technologie
1 von 39
Securing Virtual and Cloud Environments January 15th 2014
Securing Virtual and Cloud Environments Agenda Bunmi Sowande Technical Specialist – F-Secure (UK) bunmi_Sowande@f-secure.com 07818 515 687 • • • • • What is virtualization? Benefits of virtualization Virtualization = Cloud ?? Security in Virtual and Cloud Environments F-Secure Security for Virtual and Cloud Environments
Awarded Best Protection & Praised by Certified and Awarded by Analysts numerous 3 parties! rd “Out of all corporate endpoint protection products reviewed, F-Secure Client Security offered by far the best protection.” Andreas Marx, CEO of AV-TEST The Forrester Wave™: Endpoint Security, Q1 2013 Received highest score among all vendors for our product roadmap and strategy. Top ranking scores on performance and satisfaction, in addition to our advanced anti-malware technologies.
Comprehensive Protection Providing 360 protection from all threats Protection Service for Business Business Suite In-House IT Policy Manager Management as a Service Internet Gatekeeper Messaging Security Gateway PSB Portal Out-sourced IT Server Security Client Security Email and Server Security Mobile Security Linux Security AV for Workstations PSB Server Security PSB Email and Server Security PSB Workstation Security Protection Service for Email PSB Mobile Security
Karmina Senior Analyst Security in the news
Security in the News
Security in the News
Security in the News
Security in the News
What is virtualization ?
In the beginning……… ……….Cueball and Associates buy their first server Domain Controller • • • Email Server File and Storage F-Secure Policy Manager Backup Domain Controller CRM Accounting Software Each application requires a separate server Most of the time, the server’s use 5-25% of their resources – VERY INEFFICIENT In large datacenters, most of the power consumed by hardware is just heating the room in idle cycles.
Hardware Resources
Sharing is caring
Benefits of Virtualization • • • • Hardware Cost savings Resource Utilisation is around 80%, better efficiency Reduced power costs (servers and air-conditioning) Capital and operations expenses cut by half, with annual savings of more than £1,000 for each server virtualized • Less space needed in datacentre for physical servers • High Availability, better disaster recovery without complicated clustering • Faster Provisioning of servers • Easy to upgrade • Allows for easy testing and evaluation of applications and Operating Systems
Virtual machines are already mainstream “Roughly two-thirds of x86 server workloads are virtualized, the market is mature and competitive, and enterprises have viable choices” – Gartner, June 2013, Magic Quadrant for x86 Server Virtualization Infrastructure 16 February 14, 2014 © F-Secure Confidential
Other types of Virtualization • • • • Desktop Virtualization – Thin Clients, VDI Storage Virtualization Network Virtualization Application Virtualization
Desktop Virtualization Trends SMB’s are increasingly using virtual desktops Source: Virtualization: A 2013 HorizonWatching Trend Report
Virtualization = Cloud Computing ?? Virtualization – Physical Infrastructure Cloud Computing – Software or a service.
Most common cloud services Web hosting Virtual servers 20 February 14, 2014 Email and collaboration tools Virtual desktops (VDI for BYOD) © F-Secure Confidential
Security for Virtual Environments with optimal performance
Which is more important? Protection level Performance 22 February 14, 2014 © F-Secure Confidential
Special demands in virtual environments Traditional security threats apply, but… Limited hardware capacity Shared hardware usage Added weight to the scanning process 23 February 14, 2014 © F-Secure Confidential Significant impact on desktop virtualization Need to optimize and offer a good user experience Need to invest in additional capacity
Traditional anti-virus in virtual machines Takes up a lot of resources from the hardware Difficult to manage Higher costs High performance impact 24 February 14, 2014 © F-Secure Confidential
F-Secure Security for Virtual and Cloud Environments 25 February 14, 2014 © F-Secure Confidential
Optimized performance Reduced resource usage for virtual environments Performance optimized to reduce hardware costs Light (small footprint) security client for virtual machines Optimized use of hardware capacity High availability and scalability with multi-server deployment 26 February 14, 2014 © F-Secure Confidential
Multi-platform coverage Supports all popular virtualization platforms, including mixed and hybrid environments with multiple virtual platforms 27 February 14, 2014 © F-Secure Confidential Hypervisor agnostic – works with VMware, Citrix, MS Hyper-V, etc Hybrid solution supports different environment combinations
Reduced complexity Single unified central management and standard clients Built-in functionality in standard clients 28 February 14, 2014 © F-Secure Confidential All parts of the solution centrally managed with the same management tool Reduced complexity due to easy deployment
Security for Virtual and Cloud Environments Virtual Machine Physical Machine
Security solution for virtual and cloud environments 1. Uncompromised, best protection against malware, exploits, phishing and other network based attacks 2. Reduced memory, CPU and disk space consumption on virtual machines 3. Can be deployed in any virtualization or cloud environment including mixed and hybrid environments 4. An added feature for the award-winning endpoint and server protection products 5. Scanning offloaded to a dedicated Scanning and Reputation Server
How it works?
Client • Standard F-Secure workstation and server software • One-time installation on virtual machine template • Includes F-Secure award-winning technologies • Centrally managed with a single unified management console Scanning and Reputation Server • Easy deployment with pre-configured virtual appliance • Isolates performance consuming operations from clients • Centrally managed with the same management console as clients Elements Management, provisioning, monitoring • F-Secure Policy Manager installed on Windows or Linux server • Provides policies , configuration and updates for all managed parts of the solution • Status, monitoring, st atistics and licensing
Security for Virtual and Cloud Environments
SVCE Licensing The things you need to know • What is the number of • End points in total • Virtualized end points The products you need 1) Client installations • Client Security or Server Security • Amount of devices 2) Offload scanning server • Scanning and Reputation Server • Amount of clients offloading the scanning How to sell it? n x CS/SS SKU + n x SRS SKU = SVCE Price
SVCE Pricing example – From physical to hybrid environment 200 workstations (100 Physical PCs and 100 Virtualised) 200 x Client Security (100-499) 100 Connections to Scanning and Reputation Server • Multiple SRS Servers can be deployed for scalability and redundancy. • 1 Scanning and Reputation Server (4GB RAM and 4 vCPU) for 100 virtual machines running on the same hypervisor host
No more compromises! Request trial Bunmi.Sowande@f-secure.com Robert.morgan@f-secure.com
Questions ?? Next webinars 12th February - Why SMBs are outsourcing Security to Managed Service Providers – bit.ly/fswebinar4 12th March – Why do you need to protect your mobile devices? - bit.ly/fswebinar5
How it works Component What it does? Policy Manager provides centralized management for products installed on physical and virtual machines Policy Manager Console the administration console to define policies, deploy F-Secure software and monitor status of security Client Security, Server Security and Email and Server Security endpoint security protection installed on physical or virtual desktops and servers respectively Management Agent communicates with Policy Manager, applies defined policies and sends status information and alerts to the Policy Manager Server Automatic Update Agent responsible for downloading and installing software and database updates Offload Scanning Agent offloads malware scanning and content reputation checking to minimize the performance impact Scanning and Reputation Server the virtual appliance based on hardened Linux platform. It provides malware scanning and content reputation services.

Empfohlen

Acronis+IW_Webinar_10Nov2015
Acronis+IW_Webinar_10Nov2015Acronis+IW_Webinar_10Nov2015
Acronis+IW_Webinar_10Nov2015Amer Zia
 
Throughwave Day 2015 - Throughwave Next Generation Enterprise IT Infrastructure
Throughwave Day 2015 - Throughwave Next Generation Enterprise IT InfrastructureThroughwave Day 2015 - Throughwave Next Generation Enterprise IT Infrastructure
Throughwave Day 2015 - Throughwave Next Generation Enterprise IT InfrastructureAruj Thirawat
 
Icomm virtualisation-support-white-paper
Icomm virtualisation-support-white-paperIcomm virtualisation-support-white-paper
Icomm virtualisation-support-white-paperIcomm Technologies
 
Webinar NETGEAR - Acronis Backup 12 e ReadyCloud per il backup e l'accesso re...
Webinar NETGEAR - Acronis Backup 12 e ReadyCloud per il backup e l'accesso re...Webinar NETGEAR - Acronis Backup 12 e ReadyCloud per il backup e l'accesso re...
Webinar NETGEAR - Acronis Backup 12 e ReadyCloud per il backup e l'accesso re...Netgear Italia
 
Acronis presentation
Acronis presentationAcronis presentation
Acronis presentationInteractiveIdeas
 
Private cloud with vmware
Private cloud with vmwarePrivate cloud with vmware
Private cloud with vmwareAnton An
 
MT17_Building Integrated and Secure Networks with limited IT Support
MT17_Building Integrated and Secure Networks with limited IT SupportMT17_Building Integrated and Secure Networks with limited IT Support
MT17_Building Integrated and Secure Networks with limited IT SupportDell EMC World
 
Acronis access for blaud event
Acronis access for blaud eventAcronis access for blaud event
Acronis access for blaud eventBLAUD
 

Empfohlen

Acronis+IW_Webinar_10Nov2015
Acronis+IW_Webinar_10Nov2015Acronis+IW_Webinar_10Nov2015
Acronis+IW_Webinar_10Nov2015Amer Zia
 
Throughwave Day 2015 - Throughwave Next Generation Enterprise IT Infrastructure
Throughwave Day 2015 - Throughwave Next Generation Enterprise IT InfrastructureThroughwave Day 2015 - Throughwave Next Generation Enterprise IT Infrastructure
Throughwave Day 2015 - Throughwave Next Generation Enterprise IT InfrastructureAruj Thirawat
 
Icomm virtualisation-support-white-paper
Icomm virtualisation-support-white-paperIcomm virtualisation-support-white-paper
Icomm virtualisation-support-white-paperIcomm Technologies
 
Webinar NETGEAR - Acronis Backup 12 e ReadyCloud per il backup e l'accesso re...
Webinar NETGEAR - Acronis Backup 12 e ReadyCloud per il backup e l'accesso re...Webinar NETGEAR - Acronis Backup 12 e ReadyCloud per il backup e l'accesso re...
Webinar NETGEAR - Acronis Backup 12 e ReadyCloud per il backup e l'accesso re...Netgear Italia
 
Acronis presentation
Acronis presentationAcronis presentation
Acronis presentationInteractiveIdeas
 
Private cloud with vmware
Private cloud with vmwarePrivate cloud with vmware
Private cloud with vmwareAnton An
 
MT17_Building Integrated and Secure Networks with limited IT Support
MT17_Building Integrated and Secure Networks with limited IT SupportMT17_Building Integrated and Secure Networks with limited IT Support
MT17_Building Integrated and Secure Networks with limited IT SupportDell EMC World
 
Acronis access for blaud event
Acronis access for blaud eventAcronis access for blaud event
Acronis access for blaud eventBLAUD
 
vRealize Network Insight 3.3
vRealize Network Insight 3.3vRealize Network Insight 3.3
vRealize Network Insight 3.3VMware
 
Infinidat InfiniGuard
Infinidat InfiniGuardInfinidat InfiniGuard
Infinidat InfiniGuardMarketingArrowECS_CZ
 
Delivering Backup as a service
Delivering Backup as a serviceDelivering Backup as a service
Delivering Backup as a service4sl
 
Icomm cloud-backup-overview
Icomm cloud-backup-overviewIcomm cloud-backup-overview
Icomm cloud-backup-overviewIcomm Technologies
 
CyberCloud
CyberCloud CyberCloud
CyberCloud kylefharvey
 
Crm implementation (oracle)
Crm implementation (oracle)Crm implementation (oracle)
Crm implementation (oracle)Lauren Taylor
 
Security Grade Servers and Storage - Quantifying Value
Security Grade Servers and Storage - Quantifying ValueSecurity Grade Servers and Storage - Quantifying Value
Security Grade Servers and Storage - Quantifying ValueJan Robin
 
Cloud Networking Presentation - WAN Summit - Ciaran Roche
Cloud Networking Presentation - WAN Summit - Ciaran RocheCloud Networking Presentation - WAN Summit - Ciaran Roche
Cloud Networking Presentation - WAN Summit - Ciaran RocheCiaran Roche
 
[Event] Digital transformation : Empower digital workspace - PRESENTATION VMWARE
[Event] Digital transformation : Empower digital workspace - PRESENTATION VMWARE[Event] Digital transformation : Empower digital workspace - PRESENTATION VMWARE
[Event] Digital transformation : Empower digital workspace - PRESENTATION VMWAREPOST Telecom for Business
 
VMware: Enabling Software-Defined Storage Using Virtual SAN (Business Decisio...
VMware: Enabling Software-Defined Storage Using Virtual SAN (Business Decisio...VMware: Enabling Software-Defined Storage Using Virtual SAN (Business Decisio...
VMware: Enabling Software-Defined Storage Using Virtual SAN (Business Decisio...VMware
 
EarthLink Business Cloud Hosting
EarthLink Business Cloud HostingEarthLink Business Cloud Hosting
EarthLink Business Cloud HostingMike Ricca
 
Ibm spectrum storage protecion
Ibm spectrum storage protecion Ibm spectrum storage protecion
Ibm spectrum storage protecion Coenraad Smith
 
[Event] Digital transformation : Enterprise cloud one os one click - PRESENTA...
[Event] Digital transformation : Enterprise cloud one os one click - PRESENTA...[Event] Digital transformation : Enterprise cloud one os one click - PRESENTA...
[Event] Digital transformation : Enterprise cloud one os one click - PRESENTA...POST Telecom for Business
 
TechWiseTV Workshop: HyperFlex 3.0
TechWiseTV Workshop: HyperFlex 3.0TechWiseTV Workshop: HyperFlex 3.0
TechWiseTV Workshop: HyperFlex 3.0Robb Boyd
 
Seminar Accelerating Business Using Microservices Architecture in Digital Age...
Seminar Accelerating Business Using Microservices Architecture in Digital Age...Seminar Accelerating Business Using Microservices Architecture in Digital Age...
Seminar Accelerating Business Using Microservices Architecture in Digital Age...PT Datacomm Diangraha
 
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del RansomwareWebinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del RansomwareNetgear Italia
 
Nutanix
NutanixNutanix
Nutanixrosslili
 
7 Essentials of AIS BusinessCloud1
7 Essentials of AIS BusinessCloud17 Essentials of AIS BusinessCloud1
7 Essentials of AIS BusinessCloud1AISDC
 
Securing Cloud Services
Securing Cloud ServicesSecuring Cloud Services
Securing Cloud ServicesJohn Rhoton
 
Datacenter virtualization
Datacenter virtualizationDatacenter virtualization
Datacenter virtualizationNetmagic Solutions Pvt. Ltd.
 
Cloud computing – an emerging paradigm
Cloud computing – an emerging paradigmCloud computing – an emerging paradigm
Cloud computing – an emerging paradigmNazneen Sheikh
 
Cloud computing by Bhavesh
Cloud computing by BhaveshCloud computing by Bhavesh
Cloud computing by BhaveshBhavesh Khandelwal
 

Weitere ähnliche Inhalte

Was ist angesagt?

vRealize Network Insight 3.3
vRealize Network Insight 3.3vRealize Network Insight 3.3
vRealize Network Insight 3.3VMware
 
Delivering Backup as a service
Delivering Backup as a serviceDelivering Backup as a service
Delivering Backup as a service4sl
 
Crm implementation (oracle)
Crm implementation (oracle)Crm implementation (oracle)
Crm implementation (oracle)Lauren Taylor
 
Security Grade Servers and Storage - Quantifying Value
Security Grade Servers and Storage - Quantifying ValueSecurity Grade Servers and Storage - Quantifying Value
Security Grade Servers and Storage - Quantifying ValueJan Robin
 
Cloud Networking Presentation - WAN Summit - Ciaran Roche
Cloud Networking Presentation - WAN Summit - Ciaran RocheCloud Networking Presentation - WAN Summit - Ciaran Roche
Cloud Networking Presentation - WAN Summit - Ciaran RocheCiaran Roche
 
[Event] Digital transformation : Empower digital workspace - PRESENTATION VMWARE
[Event] Digital transformation : Empower digital workspace - PRESENTATION VMWARE[Event] Digital transformation : Empower digital workspace - PRESENTATION VMWARE
[Event] Digital transformation : Empower digital workspace - PRESENTATION VMWAREPOST Telecom for Business
 
VMware: Enabling Software-Defined Storage Using Virtual SAN (Business Decisio...
VMware: Enabling Software-Defined Storage Using Virtual SAN (Business Decisio...VMware: Enabling Software-Defined Storage Using Virtual SAN (Business Decisio...
VMware: Enabling Software-Defined Storage Using Virtual SAN (Business Decisio...VMware
 
EarthLink Business Cloud Hosting
EarthLink Business Cloud HostingEarthLink Business Cloud Hosting
EarthLink Business Cloud HostingMike Ricca
 
Ibm spectrum storage protecion
Ibm spectrum storage protecion Ibm spectrum storage protecion
Ibm spectrum storage protecion Coenraad Smith
 
[Event] Digital transformation : Enterprise cloud one os one click - PRESENTA...
[Event] Digital transformation : Enterprise cloud one os one click - PRESENTA...[Event] Digital transformation : Enterprise cloud one os one click - PRESENTA...
[Event] Digital transformation : Enterprise cloud one os one click - PRESENTA...POST Telecom for Business
 
TechWiseTV Workshop: HyperFlex 3.0
TechWiseTV Workshop: HyperFlex 3.0TechWiseTV Workshop: HyperFlex 3.0
TechWiseTV Workshop: HyperFlex 3.0Robb Boyd
 
Seminar Accelerating Business Using Microservices Architecture in Digital Age...
Seminar Accelerating Business Using Microservices Architecture in Digital Age...Seminar Accelerating Business Using Microservices Architecture in Digital Age...
Seminar Accelerating Business Using Microservices Architecture in Digital Age...PT Datacomm Diangraha
 
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del RansomwareWebinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del RansomwareNetgear Italia
 
7 Essentials of AIS BusinessCloud1
7 Essentials of AIS BusinessCloud17 Essentials of AIS BusinessCloud1
7 Essentials of AIS BusinessCloud1AISDC
 

Was ist angesagt? (18)

vRealize Network Insight 3.3
vRealize Network Insight 3.3vRealize Network Insight 3.3
vRealize Network Insight 3.3
 
Infinidat InfiniGuard
Infinidat InfiniGuardInfinidat InfiniGuard
Infinidat InfiniGuard
 
Delivering Backup as a service
Delivering Backup as a serviceDelivering Backup as a service
Delivering Backup as a service
 
Icomm cloud-backup-overview
Icomm cloud-backup-overviewIcomm cloud-backup-overview
Icomm cloud-backup-overview
 
CyberCloud
CyberCloud CyberCloud
CyberCloud
 
Crm implementation (oracle)
Crm implementation (oracle)Crm implementation (oracle)
Crm implementation (oracle)
 
Security Grade Servers and Storage - Quantifying Value
Security Grade Servers and Storage - Quantifying ValueSecurity Grade Servers and Storage - Quantifying Value
Security Grade Servers and Storage - Quantifying Value
 
Cloud Networking Presentation - WAN Summit - Ciaran Roche
Cloud Networking Presentation - WAN Summit - Ciaran RocheCloud Networking Presentation - WAN Summit - Ciaran Roche
Cloud Networking Presentation - WAN Summit - Ciaran Roche
 
[Event] Digital transformation : Empower digital workspace - PRESENTATION VMWARE
[Event] Digital transformation : Empower digital workspace - PRESENTATION VMWARE[Event] Digital transformation : Empower digital workspace - PRESENTATION VMWARE
[Event] Digital transformation : Empower digital workspace - PRESENTATION VMWARE
 
VMware: Enabling Software-Defined Storage Using Virtual SAN (Business Decisio...
VMware: Enabling Software-Defined Storage Using Virtual SAN (Business Decisio...VMware: Enabling Software-Defined Storage Using Virtual SAN (Business Decisio...
VMware: Enabling Software-Defined Storage Using Virtual SAN (Business Decisio...
 
EarthLink Business Cloud Hosting
EarthLink Business Cloud HostingEarthLink Business Cloud Hosting
EarthLink Business Cloud Hosting
 
Ibm spectrum storage protecion
Ibm spectrum storage protecion Ibm spectrum storage protecion
Ibm spectrum storage protecion
 
[Event] Digital transformation : Enterprise cloud one os one click - PRESENTA...
[Event] Digital transformation : Enterprise cloud one os one click - PRESENTA...[Event] Digital transformation : Enterprise cloud one os one click - PRESENTA...
[Event] Digital transformation : Enterprise cloud one os one click - PRESENTA...
 
TechWiseTV Workshop: HyperFlex 3.0
TechWiseTV Workshop: HyperFlex 3.0TechWiseTV Workshop: HyperFlex 3.0
TechWiseTV Workshop: HyperFlex 3.0
 
Seminar Accelerating Business Using Microservices Architecture in Digital Age...
Seminar Accelerating Business Using Microservices Architecture in Digital Age...Seminar Accelerating Business Using Microservices Architecture in Digital Age...
Seminar Accelerating Business Using Microservices Architecture in Digital Age...
 
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del RansomwareWebinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
Webinar NETGEAR - Come Netgear può aiutare a mitigare gli effetti del Ransomware
 
Nutanix
NutanixNutanix
Nutanix
 
7 Essentials of AIS BusinessCloud1
7 Essentials of AIS BusinessCloud17 Essentials of AIS BusinessCloud1
7 Essentials of AIS BusinessCloud1
 

Ähnlich wie Securing Virtual and Cloud Environments

Securing Cloud Services
Securing Cloud ServicesSecuring Cloud Services
Securing Cloud ServicesJohn Rhoton
 
Cloud computing – an emerging paradigm
Cloud computing – an emerging paradigmCloud computing – an emerging paradigm
Cloud computing – an emerging paradigmNazneen Sheikh
 
Introducing Acronis Backup as a Service
Introducing Acronis Backup as a ServiceIntroducing Acronis Backup as a Service
Introducing Acronis Backup as a ServiceIngram Micro Cloud
 
Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2jeffirby
 
Mp company overview 2014 0214 version 3
Mp company overview 2014 0214 version 3Mp company overview 2014 0214 version 3
Mp company overview 2014 0214 version 3Ricardo Resnik
 
Virtual Desktop Battle Of The Giants
Virtual Desktop Battle Of The GiantsVirtual Desktop Battle Of The Giants
Virtual Desktop Battle Of The Giantseblake
 
Cloud University: 2015 - A Year of Grape Opportunity
Cloud University: 2015 - A Year of Grape OpportunityCloud University: 2015 - A Year of Grape Opportunity
Cloud University: 2015 - A Year of Grape OpportunityIngram Micro Cloud
 
iland Cloud Infrastructure
iland Cloud Infrastructureiland Cloud Infrastructure
iland Cloud Infrastructuremidtownchic
 
VMworld 2014: Virtualization 101
VMworld 2014: Virtualization 101VMworld 2014: Virtualization 101
VMworld 2014: Virtualization 101VMworld
 
Praktiline pilvekonverents - IT haldust hõlbustavad uuendused
Praktiline pilvekonverents - IT haldust hõlbustavad uuendusedPraktiline pilvekonverents - IT haldust hõlbustavad uuendused
Praktiline pilvekonverents - IT haldust hõlbustavad uuendusedPrimend
 
DELL Technologies - The Complete Portfolio in 25 Minutes
DELL Technologies - The Complete Portfolio in 25 MinutesDELL Technologies - The Complete Portfolio in 25 Minutes
DELL Technologies - The Complete Portfolio in 25 MinutesDell Technologies
 
Cyberoam SSL VPN
Cyberoam SSL VPNCyberoam SSL VPN
Cyberoam SSL VPNAjay Nawani
 
CloudOps evening presentation from Savvis
CloudOps evening presentation from SavvisCloudOps evening presentation from Savvis
CloudOps evening presentation from SavvisAlistair Croll
 
Encoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization servicesEncoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization servicesAditi Shrivastava
 
Mindshare Hosting Presentation
Mindshare Hosting PresentationMindshare Hosting Presentation
Mindshare Hosting PresentationChristian_A_Breaux
 

Ähnlich wie Securing Virtual and Cloud Environments (20)

Securing Cloud Services
Securing Cloud ServicesSecuring Cloud Services
Securing Cloud Services
 
Datacenter virtualization
Datacenter virtualizationDatacenter virtualization
Datacenter virtualization
 
Cloud computing – an emerging paradigm
Cloud computing – an emerging paradigmCloud computing – an emerging paradigm
Cloud computing – an emerging paradigm
 
Cloud computing by Bhavesh
Cloud computing by BhaveshCloud computing by Bhavesh
Cloud computing by Bhavesh
 
Introducing Acronis Backup as a Service
Introducing Acronis Backup as a ServiceIntroducing Acronis Backup as a Service
Introducing Acronis Backup as a Service
 
Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2Accelerated Saa S Exec Briefing V2
Accelerated Saa S Exec Briefing V2
 
Mp company overview 2014 0214 version 3
Mp company overview 2014 0214 version 3Mp company overview 2014 0214 version 3
Mp company overview 2014 0214 version 3
 
Virtual Desktop Battle Of The Giants
Virtual Desktop Battle Of The GiantsVirtual Desktop Battle Of The Giants
Virtual Desktop Battle Of The Giants
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
Cloud University: 2015 - A Year of Grape Opportunity
Cloud University: 2015 - A Year of Grape OpportunityCloud University: 2015 - A Year of Grape Opportunity
Cloud University: 2015 - A Year of Grape Opportunity
 
iland Cloud Infrastructure
iland Cloud Infrastructureiland Cloud Infrastructure
iland Cloud Infrastructure
 
VMworld 2014: Virtualization 101
VMworld 2014: Virtualization 101VMworld 2014: Virtualization 101
VMworld 2014: Virtualization 101
 
Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)Security As A Service In Cloud(SECaaS)
Security As A Service In Cloud(SECaaS)
 
Praktiline pilvekonverents - IT haldust hõlbustavad uuendused
Praktiline pilvekonverents - IT haldust hõlbustavad uuendusedPraktiline pilvekonverents - IT haldust hõlbustavad uuendused
Praktiline pilvekonverents - IT haldust hõlbustavad uuendused
 
DELL Technologies - The Complete Portfolio in 25 Minutes
DELL Technologies - The Complete Portfolio in 25 MinutesDELL Technologies - The Complete Portfolio in 25 Minutes
DELL Technologies - The Complete Portfolio in 25 Minutes
 
Cyberoam SSL VPN
Cyberoam SSL VPNCyberoam SSL VPN
Cyberoam SSL VPN
 
IBM MQ v8 enhancements
IBM MQ v8 enhancementsIBM MQ v8 enhancements
IBM MQ v8 enhancements
 
CloudOps evening presentation from Savvis
CloudOps evening presentation from SavvisCloudOps evening presentation from Savvis
CloudOps evening presentation from Savvis
 
Encoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization servicesEncoding Enhancers Woolpack virtualization services
Encoding Enhancers Woolpack virtualization services
 
Mindshare Hosting Presentation
Mindshare Hosting PresentationMindshare Hosting Presentation
Mindshare Hosting Presentation
 

Kürzlich hochgeladen

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 

Kürzlich hochgeladen (20)

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 

Securing Virtual and Cloud Environments

  • 1. Securing Virtual and Cloud Environments January 15th 2014
  • 2. Securing Virtual and Cloud Environments Agenda Bunmi Sowande Technical Specialist – F-Secure (UK) bunmi_Sowande@f-secure.com 07818 515 687 • • • • • What is virtualization? Benefits of virtualization Virtualization = Cloud ?? Security in Virtual and Cloud Environments F-Secure Security for Virtual and Cloud Environments
  • 3.
  • 4. Awarded Best Protection & Praised by Certified and Awarded by Analysts numerous 3 parties! rd “Out of all corporate endpoint protection products reviewed, F-Secure Client Security offered by far the best protection.” Andreas Marx, CEO of AV-TEST The Forrester Wave™: Endpoint Security, Q1 2013 Received highest score among all vendors for our product roadmap and strategy. Top ranking scores on performance and satisfaction, in addition to our advanced anti-malware technologies.
  • 5. Comprehensive Protection Providing 360 protection from all threats Protection Service for Business Business Suite In-House IT Policy Manager Management as a Service Internet Gatekeeper Messaging Security Gateway PSB Portal Out-sourced IT Server Security Client Security Email and Server Security Mobile Security Linux Security AV for Workstations PSB Server Security PSB Email and Server Security PSB Workstation Security Protection Service for Email PSB Mobile Security
  • 12. In the beginning……… ……….Cueball and Associates buy their first server Domain Controller • • • Email Server File and Storage F-Secure Policy Manager Backup Domain Controller CRM Accounting Software Each application requires a separate server Most of the time, the server’s use 5-25% of their resources – VERY INEFFICIENT In large datacenters, most of the power consumed by hardware is just heating the room in idle cycles.
  • 15. Benefits of Virtualization • • • • Hardware Cost savings Resource Utilisation is around 80%, better efficiency Reduced power costs (servers and air-conditioning) Capital and operations expenses cut by half, with annual savings of more than £1,000 for each server virtualized • Less space needed in datacentre for physical servers • High Availability, better disaster recovery without complicated clustering • Faster Provisioning of servers • Easy to upgrade • Allows for easy testing and evaluation of applications and Operating Systems
  • 16. Virtual machines are already mainstream “Roughly two-thirds of x86 server workloads are virtualized, the market is mature and competitive, and enterprises have viable choices” – Gartner, June 2013, Magic Quadrant for x86 Server Virtualization Infrastructure 16 February 14, 2014 © F-Secure Confidential
  • 17. Other types of Virtualization • • • • Desktop Virtualization – Thin Clients, VDI Storage Virtualization Network Virtualization Application Virtualization
  • 18. Desktop Virtualization Trends SMB’s are increasingly using virtual desktops Source: Virtualization: A 2013 HorizonWatching Trend Report
  • 19. Virtualization = Cloud Computing ?? Virtualization – Physical Infrastructure Cloud Computing – Software or a service.
  • 20. Most common cloud services Web hosting Virtual servers 20 February 14, 2014 Email and collaboration tools Virtual desktops (VDI for BYOD) © F-Secure Confidential
  • 22. Which is more important? Protection level Performance 22 February 14, 2014 © F-Secure Confidential
  • 23. Special demands in virtual environments Traditional security threats apply, but… Limited hardware capacity Shared hardware usage Added weight to the scanning process 23 February 14, 2014 © F-Secure Confidential Significant impact on desktop virtualization Need to optimize and offer a good user experience Need to invest in additional capacity
  • 24. Traditional anti-virus in virtual machines Takes up a lot of resources from the hardware Difficult to manage Higher costs High performance impact 24 February 14, 2014 © F-Secure Confidential
  • 25. F-Secure Security for Virtual and Cloud Environments 25 February 14, 2014 © F-Secure Confidential
  • 26. Optimized performance Reduced resource usage for virtual environments Performance optimized to reduce hardware costs Light (small footprint) security client for virtual machines Optimized use of hardware capacity High availability and scalability with multi-server deployment 26 February 14, 2014 © F-Secure Confidential
  • 27. Multi-platform coverage Supports all popular virtualization platforms, including mixed and hybrid environments with multiple virtual platforms 27 February 14, 2014 © F-Secure Confidential Hypervisor agnostic – works with VMware, Citrix, MS Hyper-V, etc Hybrid solution supports different environment combinations
  • 28. Reduced complexity Single unified central management and standard clients Built-in functionality in standard clients 28 February 14, 2014 © F-Secure Confidential All parts of the solution centrally managed with the same management tool Reduced complexity due to easy deployment
  • 29. Security for Virtual and Cloud Environments Virtual Machine Physical Machine
  • 30. Security solution for virtual and cloud environments 1. Uncompromised, best protection against malware, exploits, phishing and other network based attacks 2. Reduced memory, CPU and disk space consumption on virtual machines 3. Can be deployed in any virtualization or cloud environment including mixed and hybrid environments 4. An added feature for the award-winning endpoint and server protection products 5. Scanning offloaded to a dedicated Scanning and Reputation Server
  • 32. Client • Standard F-Secure workstation and server software • One-time installation on virtual machine template • Includes F-Secure award-winning technologies • Centrally managed with a single unified management console Scanning and Reputation Server • Easy deployment with pre-configured virtual appliance • Isolates performance consuming operations from clients • Centrally managed with the same management console as clients Elements Management, provisioning, monitoring • F-Secure Policy Manager installed on Windows or Linux server • Provides policies , configuration and updates for all managed parts of the solution • Status, monitoring, st atistics and licensing
  • 33.
  • 34. Security for Virtual and Cloud Environments
  • 35. SVCE Licensing The things you need to know • What is the number of • End points in total • Virtualized end points The products you need 1) Client installations • Client Security or Server Security • Amount of devices 2) Offload scanning server • Scanning and Reputation Server • Amount of clients offloading the scanning How to sell it? n x CS/SS SKU + n x SRS SKU = SVCE Price
  • 36. SVCE Pricing example – From physical to hybrid environment 200 workstations (100 Physical PCs and 100 Virtualised) 200 x Client Security (100-499) 100 Connections to Scanning and Reputation Server • Multiple SRS Servers can be deployed for scalability and redundancy. • 1 Scanning and Reputation Server (4GB RAM and 4 vCPU) for 100 virtual machines running on the same hypervisor host
  • 37. No more compromises! Request trial Bunmi.Sowande@f-secure.com Robert.morgan@f-secure.com
  • 38. Questions ?? Next webinars 12th February - Why SMBs are outsourcing Security to Managed Service Providers – bit.ly/fswebinar4 12th March – Why do you need to protect your mobile devices? - bit.ly/fswebinar5
  • 39. How it works Component What it does? Policy Manager provides centralized management for products installed on physical and virtual machines Policy Manager Console the administration console to define policies, deploy F-Secure software and monitor status of security Client Security, Server Security and Email and Server Security endpoint security protection installed on physical or virtual desktops and servers respectively Management Agent communicates with Policy Manager, applies defined policies and sends status information and alerts to the Policy Manager Server Automatic Update Agent responsible for downloading and installing software and database updates Offload Scanning Agent offloads malware scanning and content reputation checking to minimize the performance impact Scanning and Reputation Server the virtual appliance based on hardened Linux platform. It provides malware scanning and content reputation services.

Hinweis der Redaktion

  1. We have been awarded Best Protection..
  2. Let’s look at the detail of our security offering…
  3. Target – Originally 40 million people, this weekend 70, some say 110 millionNeiman Marcus – This weekendUSB Sticks – Cut hole in ATM, installed malware, patched the security vulnerabilities. Required 2 codes from different gangs, trust issuesWindows XP, usually old versions. End of Life in April 2014, may yet be the security story of 2014
  4. Skype – Twitter, Facebook and Wordpress accounts. Not using two factor authentication. This weekend, Microsoft news and Xbox accounts were also hacked.
  5. Snapchat was warned about the attack, however, they brushed it off, saying the risk was theoretical. After the attack, they blamed the researcher who found the vulnerability, did not apologise until Jan 9th. Improvements, not clear, but users can now opt out.
  6. From December 31 to January 3, Adverts on Yahoo’s websites lead to malware. 27,000 infections every hour the malware was live on the site. Over the period of the attack that could mean as many as two million machines were infected.
  7. Number of Servers very quickly add upServers are designed to run one operating system and one application at a timeAsk the admin what his five most important applications are, and he will point to 5 or more servers.
  8. Reductions in hardware requirements by a ratio of 10:1 or better.
  9. This is up from around 50% in June 2012…….a very rapid upward trend !!
  10. Desktop - Desktop virtualization is software technology that separates the desktop environment and associated application software from the physical client device that is used to access it.Storage - the amalgamation of multiple network storage devices into what appears to be a single storage unit. Network -
  11. Virtualization makes cloud computing possible by decoupling software from hardware. Virtualisation – high upfront costs (save money in the long run), cloud – subscription service. virtualization can be a method for delivering a private cloud, but it doesn’t work the other way around. “Every square is a rectangle but not every rectangle is a square. Every cloud is composed of virtual infrastructure but not every virtual infrastructure is part of a cloud.”
  12. Our performance is on par with the best competition – but with the best protection level
  13. Competition does not offer support for mixed / hybrid environments
  14. F-Secure Security for Virtual and Cloud Environments (SVCE) is a security solution for virtual environments. It is hypervisor agnostic and thus can be deployed in any virtualization (VI or VDI) environment. Unlike other security vendors offering agent-less or silent-agent based solutions, F-Secure SVCE is an added feature for the existing F-Secure award-winning end-point and server protection products. It allows to offload CPU intensive scanning operations to a dedicated F-Secure Scanning and Reputation Server (SRS) and reduce CPU and/or memory consumption on virtual machines. While this results increased VM density per hypervisor, it still provides the best protection possible against malware, exploits, phishing and other network based attacks. 
  15. Adding SRS increases the license cost, butSAVES MORE IN HARDWARE