ARN

VMware strives to expand security partner ecosystem

VMware yesterday said it has added more security vendor partners to its vShield product-development program in which security firms work with the company to develop data protection specifically designed for VMware's flagship virtualization platform, which today is vSphere 5.0.

Slideshow: Products at VMworld

At a VMworld presentation, Allwyn Sequeira, VMware's chief technology officer of security and vice president of security and network solutions, announced that McAfee, Symantec, Sophos, Kaspersky Lab, BitDefender and Lumension Security were now signed as part of the vShield program. However, these new partners themselves made little fanfare about it and weren't represented on stage.

So far, only Trend Micro has been a VMware partner for vShield, developing anti-malware specifically designed with VMware for virtual machines using the agentless approach proposed by VMware to try and avoid the performance issues traditional agent-based anti-malware can engender when scanning virtualized environments. (HP TippingPoint and Sourcefire have developed VMware-specific intrusion-prevention systems.)

McAfee begged off discussing vShield altogether but today, Sean Doherty, Symantec chief technology officer and vice president of the security group, said Symantec is looking at how it might leverage the vShield approach, but there were as yet no formal decisions about precisely what Symantec would do.

Symantec isn't totally in agreement with VMware's agentless approach. "We believe you can't totally do antimalware without an agent," said Doherty, adding Symantec does expect to have something more decisive to say about vShield by yearend.

Along with technical issues, there are political implications to the vShield approach for security vendors with a large installed base of customers as the vShield program asks for considerable investment in time and money to develop what are new types of security products under VMware's oversight, plus sharing of threat-detection information with vShield Manager in a middleware approach.

In an interview with Network World, Sequiera acknowledged the vShield program in many respects "does represent a challenge to the status quo" and that sometimes new ideas may be "viewed with suspicion." He says it is up to VMware to prove its concepts about the agentless approach are viable, and Trend Micro, with its Deep Security product, "was the first to jump on this." But he said he expects the new vShield partners may end up with a different product outcome than Trend Micro.

The pressure to make vShield and its APIs a success is on VMware in some respects because VMware's earlier security API , the VMsafe APIs, weren't that successful. Sequiera candidly acknowledges that, saying, "we got the APIs wrong the first time," adding that "the major security vendors have found it hard to integrate with VMsafe."

There are a handful of security products besides anti-malware in the market based on the VMsafe APIs, which are expected to be phased out eventually. VMware is reluctant to pin down an exact date, though some vendors anticipate end of next year.

Because VMware has so far reserved the role of software-based firewalls and data-loss prevention under vShield to its own products, that has also contributed to unease among security vendors. But Sequiera says VMware is in discussions with Cisco on a firewall role in vShield. And there could be many other changes that could perk vendor interest. VMware insists its vShield APIs are open but in the early days of vShield has taken the approach of working very closely with a few selected vendors.

In general, the potential for building a new generation of security products specifically designed for VMware's virtualization software may be just beginning. Sequiera said there is work underway with Intel to make use of the security and encryption available in the Trusted Platform Module (TPM) hardware. VMware may have more to say about that by year-end, but bringing in TPM use into virtualization could provide strong authentication and security in the future.

Read more about wide area network in Network World's Wide Area Network section.

Nominations for the 2012 ARN IT Industry Awards open on Tuesday, June 12.

More about: BitDefender, Cisco, Hewlett-Packard, HP, Intel, Kaspersky, Kaspersky Lab, LAN, Lumension, McAfee, Sophos, Sourcefire, Sourcefire, Symantec, TippingPoint, TippingPoint, Trend Micro, VMware
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the ARN comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: anti-malware, bitdefender, Configuration / maintenance, Data Center, hardware systems, kaspersky lab, Lumension, mcafee, security, sophos, sourcefire, symantec, trend micro, Virtualization, VMware, VMworld; VMware; Symantec; security; McAfee
ARN Directory | Distributors relevant to this article
Alloys , Annuity Systems , Anyware Corporation , Aquion , ASI Solutions , Australasian PC Distributors (APCD) , Australian IT Spares , Avnet Technology Solutions , Banksia Software , Bluechip Infotech , Compucon Computers , Dicker Data , Distribution Central , Express Data , Express Online , Firewall Systems , ICT Distribution , Impact Systems Technology , Leader Computers , Lynx Technologies , Multimedia Technology , NewLease , SMS eTechnologies , Synnex Australia , Topstar Computer International , Wavelink , Westcon Group , WhiteGold Solutions , XiT Distribution , Xpress I.T. , Dynamic Supplies , COMPUTERLINKS , Fusion Power Systems , Sektor
ARN Directory | Vendors relevant to this article
HP , Sophos , Symantec , VMWare , Kaspersky Lab , Trend Micro
rhs_login_lockGet exclusive access to ARN's news, research and invitation only events.
ARN Distributor Directory
Find distributors by name | vendor | location
Channel Deals
/deals/avg/213_avg-internet-security-3-pc-2-year-10-pack-reta
AVG (AU/NZ) Pty Ltd

AVG Internet Security 2012 10 Pack Retail Specials

More details »
ARN Vendor Directory
Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.