Two former executives from virtual machine security company are launching a product that regulates traffic flowing to and from virtual machines created with VMware‘s server virtualization products.
Montego Networks provides “firewall-like capability that has a filtering effect from virtual machine to virtual machine,” says Burton Group analyst Pete Lindstrom.
“Lots of folks are starting to talk about inter-VM traffic,” Lindstrom says. “There’s definitely room for thinking about security in this area.”
Montego, based in Lexington, Mass., is a self-funded company founded by CEO Bob Darabant and CTO John Peterson, who previously held positions with Reflex Security, which also sells technology aimed at securing virtual machines.
Darabant, Reflex’s head of sales and marketing, and Peterson, Reflex’s chief product officer, say they left Reflex because they felt it didn’t have enough working capital, and founded Montego last August.
Montego’s “HyperSwitch” product will be released April 15 with a free version and an enterprise edition that costs US$495 per physical server per year. It will be distributed mostly through reseller and OEM agreements.
HyperSwitch lets customers enforce policies for data transmission within the virtual network, so they can defend against viruses or control what types of content can be passed among users and virtual machines. For example, customers can prevent certain virtual machines from communicating with other certain virtual machines, or block a virtual machine from sending specific types of traffic. Identity-based controls can allow or deny a user access to a specific virtual server, or allow access to a virtual machine but not to certain content contained within.
“We can restrict users based on where they’re coming from in the network, and also based on their identity, from accessing certain types of content on the servers,” Peterson says.
In addition to regulating data traffic, Montego’s technology offers load balancing to ensure high availability for virtual servers, as well as controls that determine which applications are serviced first when there are multiple requests. For customers who use additional security products, such as those from Blue Lane, Catbird and StillSecure, Montego enables switching of traffic so that customers can have certain types of traffic inspected by another product.
Montego’s technology supports servers using VMware today, but company officials say by the third quarter of this year it will also work with server virtualization products from Citrix, Virtual Iron and Microsoft.
Besides Montego, companies making similar products include the startup Altor Networks, which this month announced a product allowing visibility into the data traffic between virtual machines.