I had the pleasure of speaking with Simon Crosby recently. For those of you who do not recognize the name or are not familiar with XenServer, let me enlighten you. Simon was a co-founder of XenSource (now XenServer), which is a hypervisor that Citrix acquired in order to compete in the VDI (virtual desktop infrastructure) space. He left to become one of the co-founders and the CTO of Bromium, and now I understand why! After you listen to our podcast conversation, so will you.
Bromium’s central product is a hardware-based hypervisor (they call it a “microvisor”). Its core function is to truly isolate tasks at the desktop level, each essentially in its own tiny virtual machine (VM). It isolates tasks because applications are too large; this is ALL about security. Regardless of where a user is accessing applications or even just consuming data via the internet, if that user has the Bromium agent on his or her device while surfing the web, each tab of the user’s web browser is being isolated in a tiny, hardware-based VM created on the fly and waiting for an attack. Once the end user is finished, the tiny VM deletes itself. This is how Bromium not only keeps the end user’s access device safe but also keeps the business enterprise environment safe. You can listen to Simon describe how this happens via our podcast conversation, here: Virtualization EUC Podcast.
Bromium currently works on Windows 7 and 8, Mac OS X, and Android X86 client operating systems. According to Simon, Bromium is in forty to forty-five enterprise companies, and they all will be fully functioning in production sometime this year. We went into the Sarbanes Oxley and HIPAA ramifications, and we had an interesting conversation about consumer vs. business uses of VDI and bring-your-own-device trends. Keep in mind that Bromium is currently focusing only on business use of its product. It must in order make any real money; it is low hanging fruit, and it just makes sense for Bromium to take a big old bite of it.
The state of Anti-Virus is heavily discussed here, because if Bromium’s product is widely adopted, it will render Anti-Virus redundant. Simon’s thought on this, and this is a direct quote, is: “Just ditch it and get on with a better future.” Of course, this is easier said than done, because Anti-Virus is written into practically all audit compliance scenarios.
Also, I would like to add that I did not edit this podcast in any way; I left everything in. There are several areas in which I disagree with Simon, including the future of access devices and VDI, particularly for business use cases. At the same time, he has some great counter-points that deserve consideration. Please take a moment and listen to the conversation; I believe that Bromium will have a large impact on the future of end-point device security. I have been in server-based computing for over fifteen years, and Anti-Virus has been a massive headache from day one. Bromium could be a real game changer.