One of the biggest issues for enterprises considering virtualization is the effect virtual machine deployment could have on their IT security. But with the launch of a new application programming interface, VMware is hoping to address these concerns by enlisting the help of security vendors from around the world.
The VMsafe API will allow vendors to develop security products specifically at the hypervisor level, in order to combat the latest security threats posed by malware, trojans, and keyloggers. At the press time, over 20 security vendors, including McAfee, Symantec and Checkpoint Software Technologies, have signed on to build products with the technology.
"With our virtualization technology we have an unprecedented amount of visibility into hardware resources, virtual machine resources and the traffic that goes between them," said Parag Patel, vice-president of alliances at VMware. "When fighting against malware threats, you need to compete against the hackers who are always inventing new ways to break security. So we're trying to take our capabilities and make them available to security vendors and their products."
One of VMware's biggest partners in the launch is McAfee, which demonstrated its use of VMsafe during this week's VMworld Europe conference.
"We developed a code to leverage the VMsafe API and actually put our McAfee Host Intrusion Protection on the hypervisor," said Jason Yuan, group manager for project management at McAfee. "When we tried to launch a malicious driver, the program alerted us, identified the virus and shut it down before any damage were done."
Yuan said that in the traditional "Windows" environment, security vendors have not been able to develop monitoring or protection capabilities underneath the operating system. With VMsafe, he said, vendors will be able to provide security protections that were previously not possible in the physical environment.
"We've had to fight the "bad guys" at the network level, the application level, even at the kernel level in the operating systems, but the fact remains that we have always been on an even playing field with the hackers," Yuen said. "This essentially allows us to plug security infrastructure underneath the operating system."
And it appears VMsafe might even win over security analysts -- who have long warned about the dangers virtualization technology can pose to enterprise IT security.