Unanticipated Problems for Endpoint Security: New Approaches to Managing


A relatively new phrase from Gartner is gaining attention – bimodal. Their definition is as follows:

Bimodal IT refers to having two modes of IT, each designed to develop and deliver information- and technology-intensive services in its own way. Mode 1 is traditional, emphasizing scalability, efficiency, safety and accuracy. Mode 2 is nonsequential, emphasizing agility and speed.

The phrase is about organizations pursuing two paths. The traditional path is used for core infrastructure pieces such as email servers, backup, financial systems, and so on. These are services that do not require rapid change – indeed, slow and steady change is advisable. On the other side is continuous delivery – a non-stop cycle of releasing new applications and functionality, constantly trying new things, expanding what works, and abandoning what fails. Few organizations have need of only one of the two approaches.

The bimodal IT approach can cause unanticipated problems for endpoint security. Traditional endpoint security is built to secure physical servers, laptops, and desktops, whereas the tools used for continuous delivery include virtualization (of the datacenter and desktops) and public cloud computing.

Two distinct problems arise. At the endpoints, traditional security isn’t well-suited to working in virtualized or cloud environments. The architecture of traditional antimalware clients creates performance headaches. On the management side, traditional management consoles can’t keep up with the highly dynamic nature and rapid pace of change. As virtual or cloud instances are created and destroyed, they clutter traditional consoles.

These problems may lead organizations to invest in point solutions for virtualized datacenters and public cloud. However, this leads to other problems, such as losing a single policy decision point, along with insight and control, across all endpoints.

Bitdefender GravityZone is designed to avoid these problems. First, the management console is highly flexible and scalable. It is a self-contained cloud, based on a hardened Linux virtual appliance that can be cloned as many times as needed, horizontally scaling a single management deployment. GravityZone has an embedded, open-source database (MongoDB), web servers, and everything else that is needed, avoiding external dependencies.

Due to its scalability, GravityZone contains multiple modules for each part of your extended environment. Security for Virtualized Environments protects virtualized endpoints with a very low performance impact. Security for Endpoints protects traditional, physical systems. Other modules provide protection of Amazon Web Services instances, Exchange, and mobile devices.

With GravityZone, you need not split your endpoint security management between the two modes of Bimodal IT, or be forced to bolt on a traditional approach to virtualized and cloud endpoints.