Virtualization is mind-blowing stuff, but I have never seen the metaphors get so intricate or the prose get so purple as the blog posts on VMsafe over the past week. Either VMsafe (see our previous post) has touched a nerve, or rhetoric in the security industry is even more heated than the virtualization industry. I suspect both.
Link: Chris Wolf: VMsafe is cool because … — Server Virtualization Blog.
“VMsafe is a very important technology in my opinion, as it changes
how virtual environments are secured. Today, security appliance virtual
machines (VMs) typically monitor other VMs by connecting to them over a
virtual switch.
The result is virtual network monitoring that resembles physical
network monitoring,” Wolf said. “The current model is fine until VMs
begin to dynamically move across a virtual infrastructure. ...
Wolf continued, “VMsafe also provides the framework for offloading
many security activities to special-purpose security VMs, including
roles such as antivirus monitoring. As we move to an automated or
dynamic data center, having special-purpose security appliances that
are capable of enforcing security policies at the hypervisor level can
ease security management in an environment that will be constantly
changing.
Link to another coffee spit-take rant at: Rational Survivability: VMWare's VMSafe: Security Industry Defibrilator....Making Dying Muscle Twitch Again.
As I mentioned in a prior posting,
VMware's VMsafe has the potential to inject life back into the
atrophied and withering heart muslce of the security industry and raise
the prognosis from DOA to the potential for a vital economic revenue
stream once more. ... For the purpose of this post, I'm going to focus on the security
implications of virtualization and simply summarize by suggesting that
virtualization up until now has quietly marked a tipping point where we
see the disruption stretch security architectures and technologies to
their breaking point and in many cases make much of our invested
security portfolio redundant and irrelevant. ...
So, we've got this fantastic technological, economic, and cultural
transformation occurring over the last FIVE YEARS (at least,) and the
best we've seen as a response from most traditional security vendors is
that they have simply marketed their solutions slimly as
"virtualization ready" or "virtualization aware" when in fact, these
are simply hollow words for how to make their existing "square"
products fit into the "round" holes of a problem space that
virtualization exposes and creates. ...
VMSafe represents a huge opportunity for these vendors to claw their
way back to life, making their solutions relevant once more, and
perhaps even more so.
And then in the comments to Hoff's post, Greg Ness (VP Marketing for Blue Lane) says about the VMsafe introduction that "It felt like the IT industry's equivalent of the Beatles first performance on Ed Sullivan." and then posts at his own blog. Link: Dispelling Virtsec Myths « ARCHIMEDIUS.
The hardware
infrastructure that emerged with the rise of desktop computing and the
internet is about to collapse back into the server. That
model is infinitely more scalable, more dynamic and more flexible than
the world of pipes, racks and screwdrivers. That is why virtualization
will win out over daisy chains of specialized hardware. ...
Some deep security
experts suggest that there are new hypervisor-specific attacks that
pose real, catastrophic threats. As I commented while on an
InformationWeek panel last month, the hypervisor is modern code with a
very lean attack surface. Compare that lean hypervisor code to the
layers of code and sizable population of known vulnerabilities in any
leading operating system or application/database. Then look at the rate
of change now possible in a virtual infrastructure. ...
Let’s use the hypervisor layer to deliver improved security. After
all, it is a standardized inflection point that can scale with the
servers and the traffic ...
