VMTN Blog

Link: VMware shares secrets in security drive | CNET News.com.

VMware has traditionally restricted access to its hypervisor code and, while the vendor has made no official announcement about the API sharing program tentatively called "Vsafe," VMware founder and chief scientist Mendel Rosenblum said that the company has started sharing some APIs (application program interfaces) with security vendors.

"We would like at a high level for (VMware's platform) to be a better place to run," he said. "To try and realize that vision, we have been partnering with experts in security, like the McAfees and Symantecs, and asking them about the security issues in a virtual world."

Rosenblum says that some of the traditional tools used to protect a hardware server work just as well in a virtualized environment, while others "break altogether."

"We're trying to fix the things that break, to bring ourselves up to the level of security where physical machines are," he said. "But we are also looking to create new types of protection."

Rosenblum said the APIs released as part of the initiative offer security vendors a way to check the memory of a processor, "so they can look for viruses or signatures or other bad things."

Others allow a security vendor to check the calls an application within a virtual machine is making, or at the packets the machine is sending and receiving, he said.

"I don't want to be reverse engineering our products to find exploits or figure out signatures," Rosenblum said. "Fundamentally, that means we have to partner. Fortunately, there is a bunch that are happy to partner and I encourage that."