When I first interviewed Reflex System’s CEO he had a desire for the vTrustTM VMsafe-Net driver be the defacto standard for all such VMsafe-Net drivers. While others may not agree with this desire and will create their own VMsafe-Net drivers, TippingPoint is the first to integrate into Reflex’s VMC product to leverage the vTrust VMsafe-Net Driver and puts Reflex System’s on the second step of the path for vTrustTM to be the defacto standard. At the same time TippingPoint adds an Intrusion Protection System to the Reflex System VMC family of products with Tipping Point vController.
Reflex’s vTrust module with its VQL provides a simple mechanism for a third party vendor to add their own products into VMware vSphere without the need to develop a VMsafe driver. By going directly to vTrust and VQL, TippingPoint and others gain access to an existing infrastructure. This generally will cut down on development time, just piggy-backing off existing work. In essence, why reinvent the wheel, when a perfectly good one already exists. However, Intrusion Protection is equivalent to deep-packet inspection, which does not happen within the VMsafe Module but within the vController virtual appliance, which then uses VQL to tell the VMsafe modules what policies and rules to enforce. All the heavy lifting and deep-packet inspection is performed by the TippingPoint N-Point IPS with which the vController communicates.
The TippingPoint vController ends up being an integral part of an existing product, adding a much needed feature to the Reflex Systems VMC: Intrusion Protection and Detection as well as one of the first to integrate with vTrust just as Reflex Systems desires.
Unknown to anyone outside Reflex Systems however, is whether or not they will open up VQL so that others can program to it as well. Now that would extremely interesting as we could then have the OpenSource community directly working on VMsafe based tools without the need to create a VMsafe module first.