Last week, there were several major virtualization security announcements, that taken singularly may only apply to the specific products, but taken together show the growth of the virtualization security ecosystem.

Taken individually these are all great announcements, but taken together, we now have a growth in the entire virtualization security ecosystem.

  1. CC EAL4+ certification implies that governments and other users that have been delaying upgrades to vSphere for lack of certification can now upgrade to vSphere.
  2. Trend Micro Deep Security 7.5, is the first product to make use of the new non-kernel space vShield APIs for the implementation of third party security products. In addition, Deep Security 7.5 offloads Anti-Virus to a dedicated A/V engine outside any virtual machine.
  3. HyTrust is now fully integrated into vSphere 4.1 and better integrated into vCenter making it easier to migrate from VMware’s Roles and Permissions that live within vCenter and each ESX or ESXi host to a centralized authorization and authentication product.

The real winner of all these announcements is the security of your vSphere based virtual or cloud environment.

Having the CC EAL4+ certification should give most people a rise in the Trust they place with vSphere. HyTrust improves the Trust of administration of your virtual or cloud environments while Trend Micro provides improved Anti-Virus support.

While at CSI2010 I heard that people are still finding Virtual Machines that do not run Anti-Virus or Anti-Malware programs either for fear of the performance hit for such a program, or the belief that VMs are safer. By making use of the VMware vShield transport layers and the vShield API for vShield Endpoint, Trend Micro’s Deep Security 7.5 removes performance concern and allows your to easily implement Anti-Virus within your virtual environment.

Using a VM does not magically secure your VM, Anti-Virus is a must and Trend Micro’s Deep Security 7.5 provides the very first fully integrated Anti-Virus product that is virtualization aware.

These announcements further show that we are now reaping the rewards of plans laid long ago by VMware when VMware vSphere was under development. VMware and the third party security vendors have listened to our concerns and have delivered solid security products.

Share this Article:

Share Button
Edward Haletky (367 Posts)

Edward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization.

[All Papers/Publications...]

Connect with Edward Haletky:


Related Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *


5 − two =