Bromium have released vSentry 1.1 which will brings Bromium’s benefits of micro-virtualization and hardware based security to a far wider range of enterprise desktops. This is the release you’ve been waiting for: and if you’ve not been waiting, this is definitely the release to consider.
We’ve spoken before about Bromium when they unveiled their micro-virtualization trustworthy security vision. Bromium’s message and focus was simple “standard workspace security is reactive, not proactive“. Whatever you have in terms of anti-virus or malware detection is only good once a new threat is found, understood, a patch created and deployed. This poses the very important question “what is the impact of the time delay between threat found and threat contained?”. Bromium’s goal was to dramatically reduce that “and”.
You may contest, “ah, but I can solve this workspace threat issue by making physical desktops, virtual desktops”. This is not the case. We evidenced this in Virtual desktops (VDI) are different, but not hugely better in terms of security, than physical desktops. You do not deliver better security by simply virtualizing the desktop.
So what does vSentry v1.1 bring? How is it better than v1? What can this mean for your organisation?
On the 8/9 Virtualization Security podcast, we continued our discussions on defense in depth with a look at end-user computing devices, specifically laptops and endpoint desktops, with Simon Crosby, CTO of Bromium. While we also discussed phones and tablets, we were focused more on the technology preview that now is Bromium vSentry. Bromium vSentry looks to protect laptops (and other machines) from unknown and zero-day attacks in a unique hardware-assisted way. There is now a new tool in our defense in depth toolbox that meets an ever-growing need. But what is the need, and what is the tool?
Desktop security start-up Bromium announced the general availability of vSentry, at the Gartner Security and Risk Management management Summit in London today. Their first product to be based on the Bromium Microvisor designed to protect from advanced malware that attacks the enterprise through poisoned attachments, documents and websites.
Are virtualised desktops – be they hosted desktops (VDI) or session desktops (RDSH) more secure than physical? We’ve questioned before the benefits of a virtual desktop infrastructure with respect to security. Is VDI secure? Is VDI inherently more secure than “traditional desktops”? In our article Virtual Desktop Security? Are They Secure? We considered VDI vendor claims that there are several big virtual desktop security wins:
- Centralized Management
- Centralized Patching
- Improved Availability & Flexibility
- and importantly, data is held in the data center where it can be monitored and audited – not stuck out on end devices.
One year after announcing that he and XenSource co-founder Ian Pratt were leaving Citrix to launch Bromium with former Pheonix Technologies CTO Gaurav Banga; Simon Crosby was back at the GigaOM Structure conference in San Francisco today to unveil Bromium’s micro-virtualization technology together with its plans to transform enterprise endpoint security. Bromium, despite the occasional blog post calling into question the security limitations of current desktop virtualization solutions and despite today’s announcement of the Bromium Microvisor, has very little to do with desktop virtualization. Desktop virtualization whether it be VDI, or IDV or anything in between, is a management technology, a means of getting an appropriately specified endpoint configuration in front of the user. Bromium has set itself a bigger challenge, one that is applicable to every endpoint and every operating system – the extension of the precepts of trustworthy computing to mainstream operating systems.
The 6/30 Virtualization Security Podcast with Simon Crosby Founder and CEO of Bromium started with a discussion of SaaS security but soon went to a discussion of Data Security. Simon left Citrix not to long ago to form a new company, Bromium, to seriously look into how the hypervisor itself can provide better security for data manipulations than it does today. But first we started off with SaaS and how you can Identify the user within a cloud.