Three Ways to Secure Virtual Apps

Applications are virtualized by encapsulating application files and registry settings into a single package that can be deployed, managed, and updated independently from the underlying operating system (OS). The virtualized applications do not make any changes to the underlying OS and continue to behave the same across different configurations for compatibility, consistent end-user experiences, and ease of management.

Virtualization has become extremely popular with 80% of enterprises having a virtualization program or project (Gartner Virtualization Reality Report). VMware’s ThinApp is one of the most popular products used to virtualize an app. This whitepaper focuses on the integration and value of using VMware ThinApp® technology with eEye’s vulnerability management solution, Retina.

Why Virtualize Applications?

There are hundreds of reasons to virtualize an application and here are a few common scenarios:

• Simplify Windows 7 migration - Easily migrate legacy applications such as Internet Explorer 6 to 32- and 64-bit Windows 7 systems. Virtual apps enable you to eliminate costly recoding, regression testing, and support costs.
• Eliminate application conflicts - Isolate desktop applications from each other and from the underlying OS to avoid conflicts. For example, you can run Internet Explorer 6 seamlessly on Windows 7 alongside newer Internet Explorer browsers.
• Consolidate application streaming servers - Enable multiple applications and “sandboxed” user-specific configuration data to reside safely on the same server.
• Augment security policies - Deploy virtualized packages on “locked-down” PCs and allow end users to run applications without compromising security.
• Increase mobility for end users - Deploy, maintain, and update virtualized applications on USB flash drives for ultimate portability.

Vulnerability Trends

Security professionals must account for virtual applications as part of their standard vulnerability management process as increased popularity and exposure hasn’t gone unnoticed by hackers.

Vulnerabilities have been on the rise and that trend is expected to continue. In 2010, there were 8562 publicly disclosed vulnerabilities which is a 27% increase over the previous year and in 2011 37% of publicly disclosed vulnerabilities do not have a vendor supplied patch. In addition, vulnerability severity has increased with the majority of vulnerabilities categorized as medium or higher (IBM X-Force 2011 Mid-year Trend and Risk Report).