Traveleads is one of the UK’s biggest travel management companies. Headquartered in Leeds, it also has a secondary site in Edinburgh with 65 employees spread between the two locations. The server estate is fully virtualised using VMware vSphere® as the desktop estate, meaning Traveleads is 100% virtualised. When it needs specialist outside help, the firm works with an award-winning virtualisation consultancy practice based in Newcastle-upon-Tyne, called SITS Group—an IT services organisation focused on cloud and virtualisation technologies, which it has been working with since 2011.
Back in 2011, SITS Group consultants installed a virtual server and desktop infrastructure in the Traveleads offices. However, at the time SITS did not consult around security— given the embryonic state of many security vendor’s products to interface with a fully virtualised environment—therefore Traveleads chose to run third-party software of its choice to keep cyber threats at bay, in this case, Windows® Defender.
“Ever since we first virtualised around 2011, we were looking for a suitable security solution and there didn’t seem to be anything designed from the ground up with virtualisation in mind. We researched a lot, and tried many products but hadn’t been happy with the way they worked in virtualised environment,” says Traveleads director of technical services, Robert Barnes.
The problems associated with installing non-virtual ready security into such environments are twofold. First, they tend to cause performance issues such as so-called “security storms.” This refers to the degradation of service that occurs when an AV product simultaneously scans multiple-guest VMs on a single physical host. In the worst cases it can bring systems to a standstill. Secondly, security designed for physical environments might not be able to spot specific cyber attacks designed to exploit virtual systems, for example via inter-VM attacks.
Traveleads was hit by a ransomware attack earlier this year. The firm managed to contain the threat within hours, with no damage to the company, and restore from back-ups, but the event refocused minds on the task of bringing in a dedicated security platform built for virtualised set-ups.
Director of Technical Services, Traveleads
After extensive internal testing, SITS Group decided to start consulting around Trend Micro™ Deep Security™ in 2015. As a result of this, they recommended Trend as a product to integrate with the heavily virtualised estate. SITS Group’s Commercial Director Phil Cambers commented: “We had been aware of Trend’s continuing development to integrate with VMware vShield™ and after extensive internal testing we felt the timing was right to start consulting around security in a virtual environment using Trend Micro Deep Security.” Deep Security™ modules for anti-malware, intrusion detection and virtual patching were chosen and deployed in spring 2016.
The flagship server security platform, Trend Micro™ Deep Security™, features a comprehensive range of protection capabilities across physical, virtual, cloud, and hybrid environments. More specifically, it features:
Traveleads has already seen an improvement in performance, with no reported hitches or slowdowns since installing the product. That process itself has been made much easier thanks to a training program Trend Micro offered Barnes as part of the package, which he says provided “good insight into how the whole thing works and hangs together.”
As for the future, Traveleads and Barnes are far more confident they’ll be able to repel any future ransomware attacks with Trend Micro™ Deep Security™ in place. It’s also helping them to meet increasingly high customer IT security requirements. “We have noticed in the last couple of years an increasing level of expectation from customers in respect of data security requirements” says Barnes, “but meeting such specifications has been made easier for us as a result of having Deep Security in place.”