Last week there was a bit of a surprise when someone announced Catbird Security made an agreement to purchase vShield App and only App from VMware. This left quite a few of us scratching our heads wondering why VMware would let this particular security software go. This announcement was incorrectly relayed and quite far from the truth. Catbird Security has written an agreement with VMware to OEM vShield App. This OEM agreement provides Catbird with a missing piece to the security puzzle as well as proving out VMware’s concept of virtualization security, that they should be the low level bits providing an API for higher level tools to use.
Within the VMware virtual environment, Catbird was one of the few players that does not have a VMsafe-Net based product, instead they provide a product that sits either inline or off a SPAN or psuedo SPAN port within the vSphere and Xen virtual networks. With this OEM agreement Catbird now can control one of the existing VMsafe-Net based introspection API with very little change to its own code base. This is simply a win-win for VMware and Catbird.
It also moves virtualization security forward, where tools become firewall agnostic within the virtual environment: either using their own, vShield App, and hopefully more in the future. Catbird has other arrangements with HyTrust as well and as such is not trying to reinvent the wheel, but instead attempting to work with the ecosystem while concentrating on what they do best: Compliance and Security Policy.
If you choose to use vShield App over the Catbird firewall, Catbird’s interface does not change, just the back-end communication to the firewall component of the product via Catbird’s TrustZones policy enforcement controls. For those that use Catbird, this provides seamless integration for those who want or also use vShield App.
There are still some questions about this integration however:
- Does this also imply Catbird can control vShield Zones via the API?
- Will Catbird expand to control vShield Edge?
- Will Catbird expand to control and respond to vShield App with Data Security alerts?
- How do we correlate security controls between the vShield and Catbird products given that they do not have a common log environment? How can I determine by looking at the vShield logs that Catbird sent down the control?
Catbird has gone a different route than any other security vendor with respect to introspection. Instead of creating their own they have teamed up with a vendor partner (VMware) to take advantage of the work already performed, saving themselves development and test time. This also gains VMware access to a compliance product that is proactive within the virtual environment – something they were also missing from their portfolio.
Catbird and HyTrust are in the middle of a growing trend toward integrations between virtualization security vendors, which strengthens the overall market and bodes well for the future. With lean budgets it is far better to team up to sell product than it is to try and reinvent the wheel where everyone looses.
Review the latest (as of today) End-to-End Virtualization Security whitepaper for information on new products in the virtualization security space as well as other integrations and team-ups.