During the Virtualization Security Podcast on 5/13, IBM’s David Abercrombie joined us to discuss IBM’s Virtualization Security Protection for VMware (VSP) which contains several exciting uses of the VMsafe API for VMware vSphere. These being:
- Network: Network Monitoring, Firewall, Access Control, and a Protocol Analysis Module
- Memory: Rootkit Detection
This lead me to start to think of how the existing vendors are pushing the Introspection APIs such as VMsafe to their current limits. So what is being done with the Introspection APIs? Many of these technologies are listed within the End to End Virtualization Security Whitepaper. Yet, there are some new use cases to consider.