Aug2009

Reflex VMC — The First VMsafe Certification

Reflex Systems announced today that they have the first VMware VMsafe Certification for their Reflex VMC product.   This announcement brings two things to light. The first is that VMware has made a very smart move to certify VMsafe drivers for …
Read More “Reflex VMC — The First VMsafe Certification”

Aug2009

Measuring Hypervisor Footprints

There have been several interesting posts in the blogosphere about virtualization security and how to measure it. Specifically, the discussions are really about the size of the hypervisor footprint or about the size of patches. But hypervisor footprints from a security perspective are neither of these. The concern when dealing with hypervisor security is about Risk not about the size of the hypervisor or the size of a patch it is purely about the Risks associated with the hypervisor in terms if confidentiality, availability, and integrity.

Aug2009

Hosted Virtualization Security – Type 2 Hypervisors

There is quite a bit of documentation on bare metal or Type 1 hypervisors, including my own book, VMware vSphereTM and Virtual Infrastructure Security: Securing the Virtual Environment, but there is not much material on the proper security of hosted environments, or Type 2 hypervisors, such as Microsoft Virtual Server, VMware Workstation, Fusion, Player, or Server as well as Qemu, Virtuozzo, or OpenVZ.

Jul2009

VMsafe Firewalls, Are They Real Firewalls or Something More?

The biggest question I ask myself when I see VMsafe appliances is: will it replace my current virtual firewall setup? Replace my Anti-virus? or Both? I am seeing a trend that gives me pause. That is a VMsafe appliance being more than one thing. For example, Trend Micro is an Anti-Virus company that bought Third Brigade (a firewall company) and are now in the mix of merging the two technologies into one. What has happened to one tool that does one thing and does that one thing very well?