Virtualization Security was one of the BIG Deals at VMworld with several announcements:
- VMware vShield Edge, App, and End Point
- Trend Micro will have the first product making use of vShield End Point
- Cisco Virtual Security Gateway (VSG)
- HyTrust and their growing list of technology partners
But the biggest news is that Virtualization Security is finally on the radar of most, if not all, C-level executives, as it is now seen as the gate to entering the cloud. But before we can solve the cloud security issue we have to solve the virtualization security issues. VMware’s announcement has the most impact on the virtualization security ecosystem. At once they are competing head-to-head with some vendors while providing a platform for other vendors to use.
The Virtualization Security Podcast on 8/5 was all about VMware vShield Zones and how the current beta version will provide defense in depth, be a lever to achieve Secure Multi-Tenancy, and its impact on the virtualization security ecosystem. Dean Coza, Director of Product Management for Security Products at VMware, joined us to discuss the vShield Zones Beta, which consists of 3 parts given names and a nameless third part that was hinted at and that we shall see more about at VMworld. vShield Zones consists of:
- vShield Zones Edge
- vShield Zones Application
- vShield Zones API
- Something else without a name…
During the Virtualization Security Podcast on 5/13, IBM’s David Abercrombie joined us to discuss IBM’s Virtualization Security Protection for VMware (VSP), which contains several exciting uses of the VMsafe API for VMware vSphere. These are:
- Network: Network Monitoring, Firewall, Access Control, and a Protocol Analysis Module
- Memory: Rootkit Detection
This led me to start thinking about how the existing vendors are pushing the Introspection APIs such as VMsafe to their current limits. So what is being done with the Introspection APIs? Many of these technologies are listed within the End to End Virtualization Security Whitepaper. Yet, there are some new use cases to consider.
There are now more players in the virtualization security product space. While at RSA Conference 2010 I walked the show floor in search of these vendors to discover what they were doing. While some vendors do not address virtualization security, the vast majority are either looking to do so or actually have a virtualization security product.
The products fall into three categories:
While at RSA Conference I visited the RSA Innovation Sandbox and noticed that three out of ten finalists were virtualization security vendors:
- Altor Networks
- Catbird Security
Altor Networks won the Innovation Sandbox contest and all that goes with it. Congratulations to them, but Altor’s win is actually a win for all virtualization security players. It shows that virtualization security is extremely important to the data center as well as moving forward to the cloud.
When I first interviewed Reflex Systems’ CEO, he had a desire for the vTrust™ VMsafe-Net driver to be the de facto standard for all such VMsafe-Net drivers. While others may not agree with this desire and will create their own VMsafe-Net drivers, TippingPoint is the first to integrate into Reflex’s VMC product to leverage the vTrust VMsafe-Net driver, which puts Reflex Systems on the second step of the path for vTrust™ to be the de facto standard. At the same time, TippingPoint adds an Intrusion Protection System to the Reflex Systems VMC family of products with TippingPoint vController.