Reflex Systems vTrust Technology in Use by Third Parties

Posted By Texiwill on February 25, 2010

When I first interviewed Reflex System’s CEO he had a desire for the vTrust^TM VMsafe-Net driver be the defacto standard for all such VMsafe-Net drivers. While others may not agree with this desire and will create their own VMsafe-Net drivers, TippingPoint is the first to integrate into Reflex’s VMC product to leverage the vTrust VMsafe-Net Driver and puts Reflex System’s on the second step of the path for vTrust^TM to be the defacto standard. At the same time TippingPoint adds an Intrusion Protection System to the Reflex System VMC family of products with Tipping Point vController.

The announcement from TippingPoint and Reflex Systems marks an interesting beginning in the VMsafe-Net space. One that may continue. Why is this interesting?

Reflex’s vTrust module with its VQL provides a simple mechanism for a third party vendor to add their own products into VMware vSphere without the need to develop a VMsafe driver. By going directly to vTrust and VQL, TippingPoint and others gain access to an existing infrastructure. This generally will cut down on development time, just piggy-backing off existing work. In essence, why reinvent the wheel, when a perfectly good one already exists. However, Intrusion Protection is equivalent to deep-packet inspection, which does not happen within the VMsafe Module but within the vController virtual appliance, which then uses VQL to tell the VMsafe modules what policies and rules to enforce. All the heavy lifting and deep-packet inspection is performed by the TippingPoint N-Point IPS with which the vController communicates.

The TippingPoint vController ends up being an integral part of an existing product, adding a much needed feature to the Reflex Systems VMC: Intrusion Protection and Detection as well as one of the first to integrate with vTrust just as Reflex Systems desires.

Unknown to anyone outside Reflex Systems however, is whether or not they will open up VQL so that others can program to it as well. Now that would extremely interesting as we could then have the OpenSource community directly working on VMsafe based tools without the need to create a VMsafe module first.

Please share:

Categories: Virtualization Management, Virtualization Security
Tags: Reflex Systems, TippingPoint, vController, VMSafe, VQL, vTrust

About the author

Edward L. Haletky is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization.

Comments

Please note: Comment moderation is currently enabled so there will be a delay between when you post your comment and when it shows up. Patience is a virtue; there is no need to re-submit your comment.