Login, change your address, subscribe to new or manage current magazines or e-newsletter subscriptions
IT World Events
Site Map - Affiliates
Computerworld Publication PageNetworkWorld Publication PageCIO Canada Publication PageITJobUniverse.ca - The Information, Communication and Technology (ICT) Job Board
Enter your  QUICKLINK number to go directly to that article.
Advanced Search
Knowledge Centres
Content Types
Featured White Papers
Gartner Research Note "Boost SharePoint Performance with an Application Delivery Network"Gartner Research Note "Boost SharePoint Performance with an Application Delivery Network"
Provided by: Citrix
read more
From fear to value: CIO strategies for propelling business through the economic crisisFrom fear to value: CIO strategies for propelling business through the economic crisis
Provided by: IBM
read more
Reaping the rewards of your service-oriented architecture infrastructureReaping the rewards of your service-oriented architecture infrastructure
Provided by: IBM
read more
Yuk it Up
Featured White Papers
Download the Network Barometer Report, which aggregates findings from secure network infrastructure assessments conducted for more than 150 organisations around the world. It provides some surprising stats on the state of network (un)readiness prevalent today; the reasons why organisations are failing at remediating known vulnerabilities; recommendations on assessing your own infrastructure, and on ways to improve your state of readiness to support the business; and more.
Early-generation server load-balancing technology has proven to be an invaluable asset, especially for organizations hosting widely utilized Web applications. But business requirements evolve, as do the processes and technologies used to fulfill them. The many changes and trends that have taken hold since SLBs were first introduced expose the need for enterprises to step up from a simple load-balancing solution to a more comprehensive application delivery solution . This paper is intended to serve as a guide for organizations looking to replace their early-generation SLBs, providing details on the top eight criteria to use during an evaluation process.
Featured Spotlight
Keep up on who's hiring, who's downsizing and how the government is helping. News, job opportunities, recruiters and employment lawyers are all available.
Sign-Up for
Security
eNewsletter Delivered Weekly
Click here
Page 1 of 1

Digg it Twitter

VMware unveils security developer tool

By: Rafael Ruffolo - ComputerWorld Canada  (28 Feb 2008)

McAfee VP says VMsafe makes it possible to develop security monitoring software that was not possible in the physical servers. But an Info-Tech analyst warns virtualization can make security more complicated

One of the biggest issues for enterprises considering virtualization is the effect virtual machine deployment could have on their IT security. But with the launch of a new application programming interface, VMware Inc.’s is hoping to address these concerns by enlisting the help of security vendors from around the world.

The VMsafe API will allow vendors to develop security products specifically at the hypervisor level, in order to combat the latest security threats posed by malware, trojans, and keyloggers. At the press time, over 20 security vendors, including McAfee Inc, Symantec Corp. and Checkpoint Software Technologies Ltd., have signed on to build products with the technology.

“With our virtualization technology we have an unprecedented amount of visibility into hardware resources, virtual machine resources and the traffic that goes between them,” said Parag Patel, vice-president of alliances at Palo Alto, Calif.-based VMware. “When fighting against malware threats, you need to compete against the hackers who are always inventing new ways to break security. So we’re trying to take our capabilities and make them available to security vendors and their products.”

One of VMware’s biggest partners in the launch is Santa Clara, Calif.-based McAfee, which demonstrated its use of VMsafe during this week’s VMworld Europe conference.

“We developed a code to leverage the VMsafe API and actually put our McAfee Host Intrusion Protection underneath the operating systems on the virtual machines,” said Jason Yuan, group manager for project management at McAfee. “When we tried to launch a malicious driver, the program alerted us, identified the virus and shut it down before any damage were done.”

Yuan said that in the traditional “Windows” environment, security vendors have not been able to develop monitoring or protection capabilities underneath the operating system. With VMsafe, he said, vendors will be able to provide security protections that were previously not possible in the physical environment.

“We’ve had to fight the “bad guys” at the network level, the application level, even at the kernel level in the operating systems, but the fact remains that we have always been on an even playing field with the hackers,” Yuen said. “This essentially allows us to plug security infrastructure underneath the operating system.”

And it appears VMsafe might even win over security analysts – who have long warned about the dangers virtualization technology can pose to enterprise IT security.

From a security viewpoint, John Sloan, senior research analyst with Info-Tech Research Group, said that because the virtual machines are abstracted from the hardware, virtualization can appear to provide an extra layer of protection.

“On the negative side though, there is the fact that you have a physical machine running a hypervisor full of virtual machines. This brings the added complexity of having to worry about more than one layer of security,” Sloan said.

And because of this, Sloan is hopeful that VMware’s API can be a positive first step for improving virtualization security. With the biggest security headaches around virtualized infrastructure stemming from companies having too many unmanaged virtual machines, Sloan said the API should help address one of the most overlooked areas of virtualization: security management.

“That’s where the security problems come into play when companies replace physical server sprawl with virtual server sprawl,” Sloan said. “Virtualizing all your machines doesn’t do anything to make it easier to manage them from a security standpoint. So, the VMsafe may actually provide a good catch-up in terms of addressing this area at the hypervisor layer.”

David Senf, director of security and software research at IDC Canada, agreed, saying that while sandboxing security measures inside virtual machines is still a must, the fact that vendors can now go underneath the hypervisor should ease the concerns of any enterprise that has been on the fence about virtualization.

“A virtual machine could run firewall software, for example, in a sort of 'software appliance' for additional security, but remember that this only deals with a subset of all potential attacks,” Senf said. “Just because applications are nestled in the seeming safety of a virtual machine does not guarantee security from all threats.”

Senf said that firms need to actively consider additional IT security and policy management issues that come about from desktop and from server virtualization.

Page 1 of 1
Send to a Friend  Rate This Page  Print This PageAdd a new comment
Bookmark this article on:
del.icio.us| Digg it| Furl| Google| Technorati| StumbleIt| Yahoo!

Have something to say about this article? Add a new comment

If you find a comment inappropriate, You can notify the moderator by clicking the Report an innapropriate comment icon.
ADD A COMMENT
Name:*Your email address will not appear online and will be used only in the event that the editor wishes to contact you personally for additional comment.
City:
Email:
Title:*
Comment:*
* required fields



Related Content
Articles

White Papers
Improving business through smart energy and environment policy
Businesses and public entities today face increasing pressure to develop policies that are both good for the planet and good for business. A framework developed by IBM offers businesses and other organizations a comprehensive approach to energy and environmental issues. The framework helps identify and prioritize environmental efforts by breaking down problems and opportunities into seven distinct business areas, which can then be segmented into manageable projects.
Copyright InformationPrivacy Policy Site MapAbout UsMedia CentreReprint ServicesMobileFeedbackContact Us
ComputerWorld Canada | NetworkWorld Canada | CIO Canada | IT Business | CDN | Direction Informatique | PCWorld Canada | Macworld Canada | IT Job Universe | my IT Vendor
©2009 ITworldcanada.com All rights reserved.