Security Management Strategies for the CIOVMware Inc. launched a new technology it calls VMsafe, designed to protect applications running in virtual machines.
Under VMsafe, the Palo Alto, Calif.-based virtualization software vendor would release application program interfaces (APIs) to security vendors, allowing them to develop security software that integrates with VMware software.
VMware executives have been under increased pressure to
Requires Free Membership to View
address security concerns from industry experts and IT security pros. At its VMworld conference last year, industry analysts and security pros saw the benefits of the technology but voiced their skepticism that it could be easily secured.
Like many software vendors, VMware has also addressed a number of bugs in its software. Core Security was the latest firm to discover a dangerous file sharing flaw in Windows-hosted versions of VMware Workstation, ACE, and Player. If exploited an attacker could gain access to a host system.
 |
||||
|
|
|||
|
||||
Pete Lindstrom, an analyst at Midvale, Utah-based Burton Group said he would watch to see how an API program would be managed. Lindstrom said the timing is right since threat level to virtualized environments is low, because many firms are in the early adoption phase of deployments.
"When you hear folks speak about standards, APIs and toolkits it's great for flexibility, however, you're gross risk associated with the hypervisor increases," Lindstrom said.
The hypervisor is an ultra-thin layer of software that runs directly on server hardware independently of the operating system, enabling users to create virtual machines on the server to run applications.
VMWare is addressing the hypervisor through its API program. It said its VMsafe technology would allow security vendors to build products that integrate into the VMware hypervisor.
VMware said the software will increase transparency into the memory, CPU, disk and I/O systems of the virtual machine. It said 20 security vendors, including Symantec, McAfee, the Internet Security Systems division of IBM, EMC's RSA security divison, and Check Point Software Technologies, plan to develop software that is interoperable with virtual machines.
"The industry has come out in full force to support VMware VMsafe technology with plans for a whole new class of security products that offer customers new advantages to running applications in virtual machines." Raghu Raghuram, vice president of datacenter products and solutions, said in a statement.
Join the conversationComment
Share
Comments
Results
Contribute to the conversation