IBM Corp. has developed a new rootkit-detection system designed to make it easier to detect malicious attacks on virtualized data centers.
Called the IBM Virtual Protection System, the software operates outside of the virtual machine and can identify malicious software when it is installed in any of the virtual machines on the server. Because the system runs outside of the virtual machine’s operating system it can detect hard-to-identify problems such as rootkits.
It also gives administrators a single security product to run across virtual machines, said JR Rao, a senior manager with IBM security research. “I don’t want to have 10 copies of antivirus running there,” he said. “If one firewall can protect 10 of these virtual machines, that’s what I want to do.”
IBM likens the system to a virtual doorman for the cloud, designed to keep the bad guys out of virtualized servers.
The company is also offering an Integrated Trusted Virtual Data Center, a service that gives customers a way to do things such as isolate which jobs can run on which computers — preventing, for example, two rival companies from ever sharing the same system in a virtualized environment.
Both products are available through IBM’s services group.