The Protection and Operational Benefits of Agentless Security in Virtual Environments - Osterman Research White Paper

7/23/2019 The Protection and Operational Benefits of Agentless Security in Virtual Environments - Osterman Research White Paper

http://slidepdf.com/reader/full/the-protection-and-operational-benefits-of-agentless-security-in-virtual-environments 1/12

Osterman Research, I

P.O. Box 1058 • Black Diamond, Washington • 98010-1058 • U

Tel: +1 253 630 5839 • Fax: +1 253 458 0934 • [email protected]

www.ostermanresearch.com • twitter.com/mosterm

An Osterman Research White Pape

Published March 20

SPONSORED B

The Protection and Operational Benefits o Agentless Security in Virtual Environment

W H I T E

P A P E R



The Protection and Operational Benefits of Agentless Security in Virtual Environments

©2012 Osterman Research, Inc. 1

Executive Summary

There are two important trends occurring in the security space that every organization mustaddress:

•

Increasing threat levelsNot only is the sheer volume of malware, phishing attempts and other types of securitythreats increasing, but also increasing is the risk that affected organizations face from thesepotential incursions. The consequences of a successful threat include not only loss of funds,

data and intellectual property; but also regulatory problems that can ensue, such as the

obligation to remediate events like data breaches. As a result, security capabilities mustcontinually evolve – and do so frequently.

• A need for greater efficiencyIT departments must manage a growing number of systems, services and data types, both

on-premise and in the cloud. To accommodate this increase in the number of systems andcapabilities that IT must manage, while continuing to become more cost-efficient in the

datacenter, IT organizations must accelerate virtualization and cloud investments, andensure that security now works more efficiently within this environment.

The bottom line is that a) security must improve and b) it must operate more efficiently in a

virtualized infrastructure. To accomplish these goals, the ability to deploy agentless security tothe various virtual machines (VMs) on a host physical server can have dramatic impacts on ITstaff efficiency and operational costs, while maintaining a high level of security against the

prevailing threat environment.

KEY TAKEAWAYSOsterman Research undertook a research program to understand how an agentless security

architecture, as provided by Trend Micro Deep Security, performs among a variety of itscustomers and compares to businesses using traditional agent-based security. Our goal was to

understand what customers thought of Deep Security, to determine if it improved operational

efficiency, and to determine if it helped organizations to address their security requirements in avirtualized environment. Our high-level findings from the research are summarized as follows:

• The wide range of server security capabilities from anti-virus to intrusion prevention tointegrity monitoring that are built into Deep Security enable a lower total cost of ownership

by providing security features and functions under a single umbrella from one vendor.

• The Deep Security agentless security architecture enables faster provisioning of security

capabilities on new VMs, as well as easier ongoing maintenance.

• The agentless virtual patching capabilities of Deep Security reduces the cost and complexity

of keeping systems up to date on the latest patches, allowing organizations to roll outpatches on a more scheduled and systematic basis.

• With agentless security, in particular agentless anti-virus, VM density is significantly

improved when compared to agent-based security solutions, resulting in much lower total

cost of ownership.





ABOUT THIS WHITE PAPERThis white paper discusses the results of the research program that Osterman Research

undertook to learn more about Deep Security’s capabilities. It was sponsored by Trend Micro,

information about which is included at the end of this white paper.

Virtualization and Its Security Implications

Virtualization has been used for decades, starting first in mainframe environments in the 1960sand later developed for the x86 platform during the 1990s. More recently, virtualization has

found dramatically increased interest as a result of the push toward the cloud, both public and

private. In addition to the cloud, the convergence of excess capacity in the computinginfrastructure, tightening budgets that require IT departments to do more with less, and the

growing use of Web applications, have all driven the rapid adoption of platforms like VMwarevSphere, as well as virtualization platforms from Microsoft and Citrix. The result has been

growth in the number of offerings that can take advantage of virtualization technologies and

decision makers’ willingness to embrace them. For example, virtualization is used in every

Fortune 100 company.

The primary drivers for virtualization are:

• Consolidation of servers within data centers

Because virtualization permits the deployment of multiple VMs onto a single physical server,and because virtualization is a key enabler for cloud services, organizations are embracingvirtualization as a way to reduce IT staff costs, reduce power consumption and simplify IT

management.

• Performance

VMs can take full advantage of the performance of servers to provide a better backendexperience for services like email or CRM, as well as a better desktop experience in virtual

desktop interface (VDI) environments.

• Agility

Virtualization permits more rapid deployment, faster recovery, easier and more flexibleassignment of computing resources to specific tasks, and other advantages, making ITdepartments and organizations better able to respond to planned and unplanned events.

VIRTUALIZED ENVIRONMENTS REQUIRE A DIFFERENT SECURITY APPROACHHowever, security in a virtualized environment must address the unique threats and

infrastructure considerations of this platform. Security cannot effectively be achieved withtraditional, physical machine approaches, but instead requires virtualization-aware security iforganizations hope to keep their environments as secure as possible. Among the many

challenges associated with virtualized security are the following:

• Not only must IT maintain the security of the physical server on which the VMs are

deployed, but they must maintain security on each of the VMs, as well. This adds to IT’sworkload and increases the threat exposure for a network.





• With traditional security, scans or updates are often initiated simultaneously across all VMs

on a host, causing resource contention and performance degradation. Some vendors

suggest randomization or grouping in virtual environments to try to avoid these issues.However, randomization can take an excessive amount of time to run through a complete

scan or update and is not designed to avoid times of high system usage, while groupingdoes not account for the dynamic nature of VMs, requiring reconfiguration if VMs are

migrated or cloned.

• VMs are much more subject than physical servers to be out of date and therefore notupdated with the most recent security patches and pattern updates. VMs that lie dormant

for long periods – and so are not patched like physical servers or continually active VMs –are quite common in some organizations, such as when specific VM configurations are

created to satisfy particular types of testing or for specific applications and are activated

only occasionally. When these machines are reactivated, they are highly vulnerable tothreats that have already been patched on other VMs and so pose a significant securitythreat until they are brought up to date. For example, Intel recommends that “Care must

be taken to apply in a timely fashion security patches and configuration changes required by

policy to all VMs, including those that are not running.1

”

• Blind spots can be created when using traditional network security appliances because theyare unable to see the communication between VMs on the same host unless allcommunications are routed outside the host machine to this separate appliance. However,

this security configuration introduces significant time lags.

• Traditional security models using Security Information and Event Management (SIEM)

systems are not as useful in a VM environment because these systems cannot see inside VMs.

•

Other security challenges include: inter-VM traffic which can lead to attacks between VMson the same host; hypervisor compromises, such as hyperjacking or guest VM escape; and

mixed trust level workloads in which VMs with high-risk applications might be housed nextto VMs with critical applications and data.

In short, while virtualization offers a number of advantages, it opens up a new set of security

threats that do not exist – or are addressed with a different approach – in the world of physicalservers.

WHY AGENTLESS SECURITY MAKES SENSE IN A VIRTUAL ENVIRONMENT Agentless security in a virtual environment involves deploying a dedicated security virtual

appliance on each host physical server. This security virtual appliance integrates with the

hypervisor APIs to communicate and protect each guest VM without requiring a separatesecurity agent on each VM. The security virtual appliance coordinates and staggers scans and

updates to ensure that all active, dormant, and reactivated VMs have up-to-date security whilealso preserving resources. The advantages of this approach are several:

1 http://communities.intel.com/servlet/JiveServlet/previewBody/3833-102-1-6269/VT%20Security%20Whitepaper_final.pdf





• Traditional security solutions in which an agent is applied to each VM require significant

amounts of IT labor to manage. As in physical environments, each machine must have a

security agent installed, patched, updated and otherwise managed. In an environment inwhich many tens of VMs may run on a single physical server, this is a cumbersome and

expensive process. And this issue is exacerbated when multiple security solutions aredeployed across VMs, requiring several agents. With a security virtual appliance, multiple

types of server security can be combined in one solution, such as anti-virus, intrusionprevention, integrity monitoring, and more. Moreover, this integrated protection can be

deployed using an agentless approach that eliminates the burden of security agents onguest VMs.

• Agent-based security installed on each VM does not get around the problem of dormant

machines with out-of-date security being reactivated and therefore becoming a security

threat until they are brought up to date. Properly architected agentless security systems,on the other hand, can coordinate security updates across active, dormant, cloned, andreactivated VMs, ensuring that they always have up-to-date security.

•

Agentless security requires much less virtual system resources (CPU, memory and disk)compared to traditional agent-based solutions on each VM. Resource-intensive operations,

such as full system scans, are run from the separate security virtual appliance. Andcoordinating and staggering scans across guest VMs helps to preserve resources, avoidingresource contention issues, such as anti-virus storms. This results not only in better

performance of the physical host on which the VMs run, but also much higher VM density –better supporting one of the primary benefits of virtualization.

Improving Security and Operational Efficiency

ABOUT THE RESEARCH CONDUCTED FOR THIS WHITE PAPERTo understand more about the security and operational benefits of agentless security andvirtual patching using Trend Micro Deep Security, Osterman Research conducted in-depth

interviews with a number of Deep Security customers across a range of industries and

organization sizes. In addition, we also conducted a separate research program focused onagent-based security processes in order to provide comparative data with Deep Security. Thegoal of this research was two-fold:

• To understand the “before” picture in these organizations: how their security infrastructure

was managed prior to the deployment of Deep Security and what prompted these

organizations to seek a more comprehensive and easier-to-manage server securitycapability.

• To understand the “after” picture: how Deep Security has helped organizations to

accomplish their security objectives and to determine if these organizations’ expectationshave been met.

The interviews for this white paper were conducted during August and September 2011.





KEY BENEFITS UNCOVERED IN THE RESEARCHOur research uncovered a number of important benefits that Deep Security-enabled

organizations have experienced:

• Time savings for initial deployment

One of the fundamental advantages of an agentless security approach is the ability to avoiddeploying security agents on every VM in an environment. Our research found that the

initial deployment effort with Deep Security took some effort, often because of problems

with corrupt databases on agent-based systems or other issues had to be rectified beforeDeep Security was installed. Even so, the effort required to deploy Deep Security wascomparable to setup times encountered with individual agent-based solutions: a food

processing company with whom we spoke, for example, initially required only 10 hours to

deploy Deep Security with vShield Endpoint on 16 VMs with another four hours to fullydocument the environment – an average of only 53 minutes per VM for the very first

deployment of Deep Security.

Where Deep Security saves significant setup time is when customers need to install multiple

separate point security solutions – for example, for separate solutions such as anti-virus,host firewall, host IPS, and integrity monitoring. By providing these technologies in a singleintegrated virtual appliance, Deep Security reduces overall setup time relative to other

market alternatives that deploy multiple agent-based solutions, as shown in the followingtable.

TABLE 1

Sample Anticipated Savings in Initial Install/Setup Time with Deep Security

Activity

Agent-Based

Security

Deep

Security

Install/setup time for agent-based AV on email servers 44 min

53 min

Install/setup time for an agent-based host firewall 38 min

Install/setup time for agent-based host IDS/IPS 40 min

Install/setup time for agent-based file-integrity monitoring 32 min

Install/setup time for agent-based log inspection 28 min

TOTAL MINUTES REQUIRED PER SERVER 182 min 53 min

SERVERS DEPLOYED PER YEAR* 20

SALARY FOR IT LABOR ($80,000/year) $38.46/hour

TOTAL COST $2,333 $679

INITIAL INSTALL/SETUP SAVINGS WITH DEEP SECURITY $1,654

* Note that these savings are based on a conservative estimate of 20 servers deployed per year.

Many organizations will have considerably more servers, which will result in higher savings.

• Faster deployment on new VMs

After the initial deployment and working through the problems that existed with theprevious environments, however, standing up new VMs is extremely fast. Withoutexception, our research found that Deep Security permitted easier on-going management of

security provisioning for new VMs. Some organizations had to do provisioning frequently,such as a food processing company that must provision roughly 200 new VMs per quarter,down to some organizations that perform this activity only a few times per quarter.





Our research found that provisioning with Deep Security requires little or no extra time pernew VM, offering substantial savings over what organizations have found in their previous

security environments. Below are examples of how quickly organizations were able to

provision new VMs when not hindered by their security solutions:

o

A Canadian firm found that provisioning a new VM requires only two minutes comparedto 15 minutes with their previous security solution.

o

A Turkish steel manufacturer can provision a new VM in less than five minutes.

o

A US food processing company requires only 2-3 minutes to provision on a new VM.

The reduced amount of time for provisioning can result in significant cost savings for an

organization. For example, let’s assume that 200 new VMs will be configured each quarter

and, using the Canadian firm’s experience, this will result in a total time investment perquarter of six hours 40 minutes (200 machines x 2 minutes per machine). With theirprevious security solution, this would have required 50 hours (200 machines x 15 minutes

per machine). Assuming a fully burdened annual salary for an IT staff member of $80,000,this translates to an annual cost savings of $6,667 and 173 IT staff-hours – a significant

savings for a single aspect of managing VMs. This data is converted into savings per 1,000users in the table below.

Moreover, and almost without exception, the companies we interviewed told us that it is

easier to provide ongoing management for agentless security on existing VMs with Deep

Security, resulting in further cost savings. Sample anticipated savings from Deep Security interms of the time required for ongoing management is shown in the following table.

TABLE 2

Sample Anticipated Savings in Ongoing Management with Deep SecurityCalculations per 1,000 Users

Activity Agent-Based

SecurityDeep

Security

Provisioning of new VMs introduced after initial install in hours per

month per 1,000 users5.8 0.8

Reconfiguration of security due to VM migration and load balancing

in hours per month per 1,000 users6.8 0.9

Manual administration of pattern updates in hours per month per1,000 users

2.6 0.3

TOTAL HOURS REQUIRED PER YEAR PER 1,000 USERS 182.4 24.0

SALARY FOR IT LABOR ($80,000/year) $38.46/hour

TOTAL COST PER 1,000 USERS $7,015 $923

ANNUAL MANAGEMENT SAVINGS WITH DEEP SECURITY $6,092

• Patching is significantly easier

Patching is a critical issue when comparing agentless and agent-based security solutions.For example, as noted earlier, when a VM that uses agent-based security is offline it will not

be updated with the latest patches, making it vulnerable to security threats when it is





brought back online – the longer it is offline, the more vulnerable it is. However, with a

dedicated security appliance, virtual patching can be applied to active, dormant, cloned or

reactivated virtual machines. Virtual patching shields vulnerabilities before they can beexploited. This eliminates emergency patching, frequent patch cycles, and costly systemdowntime, saving on administrative time and costs and protecting critical systems,

applications, and data.

Our research found that patching using Deep Security is generally easier when compared to

previous environments. For example, one interview subject told us, “client patch updates[in their previous environment] were not as streamlined as with Deep Security.” Anotherinterviewee told us that the virtual patching in Deep Security, “has been the single biggest

benefit” they have experienced with the solution. With their normal patch process in

Windows, they had to schedule downtime to perform the patching, typically between2:00am and 4:00am on a Sunday morning. Now, IT simply sets up the patch and runs it

whenever it’s convenient, perhaps every 90 days. This can result in enormous revenuesavings, such as in the case of a retailer that is selling products through its Web site on a

24x7 basis.

Organizations can spend up to one third of their time on patch management in conventionalenvironments, including patching servers, desktops, laptops, and other endpoint devices. Add this to costly downtime, and patching in conventional environments can be very

expensive. Instead, virtual patching with Deep Security can save organizations a

considerable amount while also ensuring that their critical systems, applications, and dataremain safe.

• Improved VM density

Another important benefit of Deep Security is its ability to provide higher VM density. For

example, one interviewee told us the following about their VDI efforts, “our primary reasonfor moving to Deep Security was to increase our VM guest density per ESX host. We went

from 50 to 80 guest VMs per host, which essentially paid for the upgrade…and gave usbetter performance than using traditional agent-based AV for the VMs.”

The increase in machine density is one of the most important benefits of Deep Security.Using the example above – going from 50 to 80 VDI images per host – the cost savingsprovided by the increase in density alone would be 35%, as shown in the table below.

The following table shows a sample of the savings that can be achieved with VDI density

improvements based on that achieved by a Deep Security customer. Potentially highersavings can be attained depending on a company’s VDI deployment. And additional VM

density improvements can be reached with server deployments in addition to VDI.





TABLE 3 Anticipated Savings through VM Density Improvement for VDI Efforts

Activity

Agent-Based

Security

Deep

Security

Number of VMs supported per host 50 80

Total VMs 1,000Total physical hosts required 20 13

CAPEX cost per physical host (2 CPU, 2 Core)* $8,954 $8,954

OPEX cost per physical host per year (power, cooling, and rack space per 2

CPU 2 Core)*$1,050 $1,050

TOTAL CAPEX COST OVER THREE YEARS $179,080 $116,402

TOTAL OPEX COST OVER THREE YEARS $63,000 $40,950

TOTAL THREE-YEAR COST $242,080 $157,352

TOTAL THREE-YEAR SAVINGS FROM IMPROVED VM DENSITY $84,728

THREE-YEAR SAVINGS FROM IMPROVED DENSITY PER VM $84.73

* The CAPEX and OPEX cost estimates are based on figures from VMware.

SUMMARIZING THE BENEFITSUsing agentless security in Trend Micro Deep Security provides savings across the deployment

and use of the product, including installation, ongoing management, VM patching, and VMdensity improvements. These savings estimates in the tables above were based on input fromcurrent Deep Security customers. Actual savings will vary based on many factors, one of the

most significant factors being the degree of virtualization. However, regardless of the extent of

virtualization, all customers interviewed experienced operational benefits and cost savings usingTrend Micro Deep Security.

A comparison of agent-based and agentless security is shown in the following table.

TABLE 4Comparison of Agent-Based and Agentless Security

Parameter Agent-Based Security Agentless Security

Initial deployment

Variable. More time is needed when

several point products are installedacross VMs.

Can require several hours of effort,

largely to correct corruption andother problems in the previous

environment, but saves time withmultiple security modules integrated

into one solution.

On-going deployment to new VMsCan be time-consuming, particularlyin environments with large numbers

of VMs.

Very fast: as little as 2-3 minutes per

VM.

Patching

Slow, requires scheduled downtimeto perform patching. Requires

significant IT effort to accomplish.

Networks are vulnerable to security

threats during gap created between VM instantiation and patches. Can

spike server resources.

Very fast, can be accomplished with

no downtime. Little IT effort

required to accomplish. No gaps

exist when dormant VMs areactivated.

VM densityModest because of significant

processor horsepower required.

Much higher because processors do

not have to run multiple security

agents on each guest VM.





OTHER BENEFITS OF DEEP SECURITY

• A single console simplifies management

Almost without exception, interviewees told us that having a single console in Deep Security

has simplified management of their security infrastructure. For example, one interviewee

told us that the single console has been a great benefit when compared to their previousenvironment that required the use of three or four separate tools – one for the technicians,

one for the Windows administrators, etc.

• Wide range of features

One of the fundamental advantages of Deep Security is the wide range of features it offersacross physical, virtual, and cloud environments, including firewall, intrusion detection and

prevention, Web application protection, application control, integrity monitoring, log

inspection and other capabilities. Our research, which was focused more on in-depthanecdotal analysis, suggests that most Deep Security customers are using only a fraction ofthe total capabilities available in the offering. This suggests that as these organizations roll

out more features of Deep Security as their virtual environments expand, more of the

functions currently being managed by competing products will be shifted to managementunder Deep Security. This will likely result in lower total cost of ownership for functions as

a) fewer vendors will ultimately be used to manage security capabilities, and b) there will befewer vendors to contact if issues arise in the future. This is consistent with other OstermanResearch surveys that have found most organizations wanting to consolidate security under

a single vendor for purposes of increased efficiency and lower cost.

• Recommendations for Deep Security

Interviewees provided some additional insight into their experience with Deep Securitywhen asked if they would recommend the solution to others – particularly telling was thefact that every individual with whom we spoke would recommend Deep Security:

o “Agentless AV is a great improvement on resident solutions as there is always a concernthat installing components may have an effect on the server configuration at a software

level and from a performance level.”

o “We would definitely recommend Deep Security…it’s a package of compliance tools in a

single environment and helped us roll out a new environment that needed PCIcompliance in the context of IPS, host firewall capabilities, etc.”

o

“We would absolutely recommend Deep Security – we don’t know of any other products

that can provide integrated server security.”

Summary

Deep Security is a comprehensive package of security tools that offers a wide range of features,functions and deployment models. Our research with Deep Security customers clearly indicates

that it makes security provisioning on VMs easier and faster, makes patching simpler, improves

VM density, and simplifies management. These benefits result in lower overall security costsand dramatic improvements in IT staff efficiency.





About Trend Micro

ABOUT DEEP SECURITYTrend Micro Deep Security is a comprehensive, adaptive, and highly efficient server security

platform that protects enterprise applications and data from breaches and business disruptions

without expensive emergency patching. Tightly integrated modules easily expand the platformto ensure server, application, and data security across physical, virtual, and cloud servers, as

well as virtual desktops. Choose from agentless and agent-based protection, including anti-malware, intrusion detection and prevention, firewall, web application protection, integritymonitoring, and log inspection. This comprehensive server security platform helps you simplify

security operations while enabling regulatory compliance and accelerating the ROI of

virtualization and cloud projects.

ABOUT TREND MICRO As a global leader in cloud security, Trend Micro develops Internet content security and threatmanagement solutions that make the world safe for businesses and consumers to exchange

digital information. With over 20 years of experience, Trend Micro is recognized as the market

leader in server security for delivering top-ranked client, server, and cloud-based dataprotection solutions that stop threats faster and protect data in physical, virtualized, and cloud

environments.

Since its inception in 1988, Trend Micro has pioneered innovative technologies and services that

protect users against threats on new and emerging platforms and devices. As the newestplatform change, cloud computing, revolutionizes the way people share and make access todigital information, Trend Micro is prepared. By extending Trend Micro security to virtualized

and cloud-computing environments, businesses and consumers can securely take advantage of

new technologies in the public or private cloud.

Powered by the industry-leading Trend Micro™ Smart Protection Network™ cloud securityinfrastructure, Trend Micro’s solutions stop threats in the cloud, delivering proactive protectionfaster than any other security vendor. Test results confirm the effectiveness of Trend Micro’s

security from the cloud, with Smart Protection Network-powered solutions blocking over 4

billion threats daily for customers worldwide.

Trend Micro delivers timely threat intelligence, service, and support to its global customer baseand defends tens of millions of customers round-the-clock through TrendLabsSM – a worldwide

network of threat research and product service and support centers. As new threats andvulnerabilities emerge, Trend Micro remains committed to timely threat intelligence and ongoing

innovation to help customers secure data, ensure compliance, reduce costs, and safeguardbusiness integrity.

By providing security “from the cloud” with our industry-leading Trend Micro™ Smart Protection,

Network™ and security “for the cloud” with our server, data storage and encryptiontechnologies, Trend Micro is the best choice for Securing Your Journey to the Cloud.





Appendix

CURRENT ENVIRONMENTS PROTECTED WITH DEEP SECURITYThe infrastructures about which we interviewed were varied as shown by the following

examples:

TABLE A

Sample Organizations Interviewed for the Research

Organization Environment

Healthcare company in the southeast US 33 physical VMware ESX host servers running 431 virtual

servers, 4,000 PCs, Windows 7 virtual desktop being rolledout at physician sites

Dutch retailing group with worldwide

operations

Using Deep Security primarily to meet requirements for file

integrity monitoring and host-based intrusion protection in aheavily regulated environment

Canadian provider of insurance and

related servicesOperating 45 VMs on three VMware ESX host servers

Turkish university Running 60+ VMs in a VMware vSphere 4 cluster with four

hosts

Turkish steel manufacturer Running 10 VMs

US-based food processing company Running 800 virtual desktops on 10 physical VMware ESXhost servers

The environments about which we interviewed ranged from small server deployments to large

datacenters. They were quite heterogeneous and are using a number of other solutions beyond

those offered by Trend Micro.

© 2012 Osterman Research, Inc. All rights reserved.

No part of this document may be reproduced in any form by any means, nor may it be distributed without the permission ofOsterman Research, Inc., nor may it be resold or distributed by any entity other than Osterman Research, Inc., without priorwritten authorization of Osterman Research, Inc.

Osterman Research, Inc. does not provide legal advice. Nothing in this document constitutes legal advice, nor shall this documentor any software product or other offering referenced herein serve as a substitute for the reader’s compliance with any laws(including but not limited to any act, statue, regulation, rule, directive, administrative order, executive order, etc. (collectively, “Laws”)) referenced in this document. If necessary, the reader should consult with competent legal counsel regarding any Laws

referenced herein. Osterman Research, Inc. makes no representation or warranty regarding the completeness or accuracy of theinformation contained in this document.

THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. ALL EXPRESS OR IMPLIED REPRESENTATIONS,

CONDITIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULARPURPOSE, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE DETERMINED TO BE ILLEGAL.

Documents

The Protection and Operational Benefits of Agentless Security in Virtual Environments - Osterman Research White Paper