Eight reasons for adopting the no-proxy terminal security protection technology

Anyone familiar with terminal security knows that terminal security management is a time-consuming and laborious task. terminals are widely distributed, diverse, and difficult to control. Traditional terminal security protection methods need to deploy proxies on terminals to ensure that these proxies are always effective and can be updated in a timely manner. This is a challenging task.

The arrival of the era of virtualization and cloud computing has completely changed all of this. The virtual infrastructure brings new management and control measures to the enterprise's computing environment, making no proxy security possible. Compared with the traditional proxy mode, the non-proxy mode has many advantages:

1. Simplified deployment

Virtualization technology can help administrators quickly and simply deploy the system. Deploying a New System Using a virtual machine template is a simple and pleasant task, with no proxy mode, the Administrator does not need to deploy or update the agent in the model machine to better ensure the compliance of the Virtual Machine and reduce the volume and management workload of the virtual machine. The added work is to deploy a secure virtual device SVA on each physical server. Taking the conventional integration ratio of as an example, the deployment workload is reduced by 4/5. If the application scenario is VDI, A server can deploy dozens of virtual desktops, and the deployment workload is only a fraction of the proxy mode.

Ii. simplified management

Maintaining the terminal, especially the security proxy inside the terminal, is one of the important tasks of the Administrator. In proxy mode, the Administrator must monitor the agent status on each terminal at any time, promptly detects problems such as no proxy, abnormal proxy functions, and obsolete proxy. If the protection is not in place, the security of the entire network will be greatly affected. The non-proxy mode is used, and the management workload of this Part does not exist. The added work is the management of security Virtual Device SVA. According to the above, the management workload is only a fraction to a tenth of the proxy mode.

3. Avoid virus scanning storms

Security agents occupy a large amount of Host resources when performing virus scanning. in virtual infrastructure, virus scanning has a more significant impact on performance. When a virtual machine is started and periodically performs scanning or when a worm virus is prevalent, if the scanning behavior cannot be effectively controlled, a virus scan storm may occur, seriously affecting the performance of the business system or even service interruption. In non-proxy mode, the scanning of multiple virtual machines running on the same physical server is uniformly scheduled, and resource occupation is effectively controlled, eliminating the occurrence of virus scanning storms.

4. Reduce resource usage

The Security Proxy running on the host occupies the CPU, memory, and disk resources of the host. Engine and virus-defined updates occupy network resources. In recent years, malicious programs have grown rapidly, and the volume of Anti-Virus products and virus definition files has increased. Although security vendors have continuously introduced new technologies to reduce the impact of security agents on hosts, still cannot effectively solve this problem. This problem does not exist in the non-proxy mode. When the number of terminals is large, the number of resources saved will be considerable.
Figure 1 shows the comparison of memory resource usage in two modes, and Figure 2 shows the comparison of the bandwidth usage of virus update in two modes.
650) this. width = 650; "border =" 0 "alt =" when there are too many other large numbers of small numbers of numbers "src = ".. /attachment/201201/005605492 .jpg"/> 650) this. width = 650; "border =" 0 "alt =" "src =" http://img1.51cto.com/attachment/201201/163151403.jpg "/>

5. Keep up to date

In traditional mode, if the host is often shut down or offline, security products cannot be updated in a timely manner. When the host is powered on or connected again, the system is vulnerable to infection and damage. 0-day attacks are increasing. If the real-time update of Anti-Virus products and virus definitions cannot be ensured, the protection effect will be greatly reduced. No proxy mode is used, as long as the security Virtual Device SVA is guaranteed to be online at any time, it can be updated in a timely manner.

6. higher density and lower cost

As mentioned above, the no-proxy mode can greatly reduce resource usage and completely eliminate virus scanning storms. Therefore, it can increase deployment density and reduce hardware procurement costs. In addition, non-Proxy Security protection products for virtualization platforms usually provide the physical CPU-based authorization mode, in which the product is purchased, it is much more cost-effective than purchasing by the number of deployed nodes. The higher the deployment density, the higher the price/performance ratio.

7. Better security

Many malicious programs take security products as their targets. Security products must have good self-protection functions, but such self-protection functions are not effective. Once a security product is infected with malicious code, it not only fails to provide protection, but also accelerates the delivery of malicious code. This hidden danger is eliminated in non-proxy mode. Security Virtual Device SVA adopts a dedicated system with a high security level, which significantly improves the overall security in the agentless mode.

8. Higher efficiency

In non-proxy mode, physical hosts are the basic unit of security protection, activities generated on all virtual machines running on a physical host are monitored by the security Virtual Device SVA deployed on the physical host. When multiple virtual machines perform the same activity, SVA can use the cache technology to accelerate scanning to improve scanning efficiency, especially those operating systems and application files that are already present in multiple virtual machines, the scanning performance will be greatly improved.

650) this. width = 650; "border =" 0 "alt =" too many times? "Src =" ../attachment/201201/005444725 .jpg"/>

For more information about the no-proxy terminal security solution, visit:

VMware vShield Endpoint cloud security solution:
Http://www.vmware.com/cn/products/datacenter-virtualization/vshield-endpoint/overview.html

TrendMicro Deep Security non-Proxy Security Solution:
Http://cn.trendmicro.com/cn/products/enterprise/DSDeepSecurity/index.html

BitDefender SVE No proxy security solution:
Http://www.bitdefender.com/sve

This article is from the blog "Simon [love life, love learning]". For more information, contact the author!