VMware have announced the upcoming acquisition of Wanova. The combination of VMware View and Wanova Mirage will be an an industry first pairing that could well dramatically redefine the VDI market. It is increasingly common to find vendors acknowledging that a VDI-only solution is not enough. Citrix know it. Quest know it. Desktone know it. We’ve critiqued before that by having a VDI only view, VMware doesn’t “get” desktops. With their Wanova acquisition VMware gets desktops.
There have been several interesting posts in the blogosphere about virtualization security and how to measure it. Specifically, the discussions are really about the size of the hypervisor footprint or about the size of patches. But hypervisor footprints from a security perspective are neither of these. The concern when dealing with hypervisor security is about Risk not about the size of the hypervisor or the size of a patch it is purely about the Risks associated with the hypervisor in terms if confidentiality, availability, and integrity.
There is quite a bit of documentation on bare metal or Type 1 hypervisors, including my own book, VMware vSphereTM and Virtual Infrastructure Security: Securing the Virtual Environment, but there is not much material on the proper security of hosted environments, or Type 2 hypervisors, such as Microsoft Virtual Server, VMware Workstation, Fusion, Player, or Server as well as Qemu, Virtuozzo, or OpenVZ.