The use of VMware VMsafe enabled third party products introduces third party fastpath drivers into your hypervisor. What these drivers ultimately do is interact with the VMsafe fastpath API, but is that ALL they do? That is why we need some level of certification for VMsafe fast path drivers. We need to KNOW that they do not do anything wrong, bad, or unfortunate.
In many cases when you start to discuss security of virtualization, you soon drop into a discussion of virtual networking, and management network security. In other words you are laying out the traditional security zones that exist within the networking world. Network security, virtual and physical, is extremely important however there is more to virtualization security than just your network. Here are some new ways to consider virtualization security.
The recent VMware Communities Podcast had ThinApp engineers on the call. Their mantra when presented with questions on licensing was “Ethics do not ship with the code.” In other words, applications that could end up as ThinApps could violate your End User License Agreements (EULA).
Veeam has posted a blog of their own trying to explain why they are no longer selling Veeam Backup 3.x for the Free version of VMware ESXi. It is perfectly understandable that Veeam would comply with VMware’s requests in this matter as Veeam as a company depends upon their relationship with VMware to further their own business aims. In other words, Veeam has done nothing that could be considered wrong. However, VMware making the request in the first place should be a major concern to current and future vendors of VMware products.