It is still early for security vendors to produce software using VMware's recently released application program interfaces (APIs). But a fledgling virtualization security market is emerging to address the risks associated with the technology.
The latest entrant to the security virtualization market is Redwood City, Calif.-based Altor Networks Inc., which launched last week with a virtual security analyzer that taps into virtual switch traffic—a layer of network traffic just above the hypervisor. The vendor also plans to release a virtual network firewall when the product is ready later this year.
While IT administrators have praised the performance and cost reduction benefits of setting up virtualized systems, there is still some confusion over the complexities being introduced, said Poornima Debolle, a senior director at Altor Networks. IT pros are realizing that traditional firewalls and IDS/IPSs were designed to defend static, perimeter-based physical networks, Debolle said.
"Virtual data centers are being deployed mixing a lot of server and traffic environments that historically were very separated from an administrative and network perspective," Debolle said. "A lot of servers are getting consolidated, but more than 50% are not wearing the security glasses. We call it the blind spot into this virtual network."
VMware and Citrix Systems have been trying to address security concerns from industry experts and IT security pros. At VMware's VMworld conference last year, industry analysts and security pros saw the benefits of the technology but voiced skepticism that it could be easily secured.
A number of security vendors are taking part in VMware's VMsafe program. Using VMware's APIs, Symantec, McAfee, the Internet Security Systems division of IBM, EMC's RSA security division, and Check Point Software Technologies plan to develop software that is interoperable with virtual machines.
Scotts Valley, Calif.-based Catbird Networks, Inc. and Atlanta-based Reflex Security, Inc. are the niche players in the market selling appliances that monitor and control access to the virtual network. Cupertino, Calif.-based Blue Lane Technologies Inc. developed a software-based vulnerability shield called VirtualShield, which taps into the VMware platform. The vendors are also taking part in VMsafe.
"The group of companies that emerged started off by porting traditional IPS, which ran on stand-alone applications," said Phil Hochmuth, a senior analyst at Boston-based Yankee Group Inc. "These products replicated whatever they did in physical networks onto virtual networks."
The current security software available to address virtualized environments is a good start, but enterprises should focus on the products developed by many of the VMsafe partners, Hochmuth said. Those products won't be available until late summer at the earliest.
Analysts expect the market for virtualization software to change drastically over the next year. Microsoft is jumping into the mix with the Hyper-V release candidate, hypervisor-based virtualization software available with various versions of Windows Server 2008. Many security vendors see Microsoft's entry driving enterprise adoption of virtualization and the need for increased security.
Charles King, principal analyst for Hayward, Calif.-based Pund-IT Research, said in a report to customers that Microsoft has an opportunity to define the market. Still, VMware dominates, and the x86 virtualization market is relatively small, with only about 10% of servers being virtualized, King said.
"Hyper-V should provide Microsoft the means to introduce and define the benefits of virtualization to a much wider audience than established players have yet reached," King said. "If Hyper-V's features prove to be as robust and beneficial as Microsoft claims, the company could become a significant virtualization player for years to come."