Neil MacDonald

A member of the Gartner Blog Network

Neil MacDonald
VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…Read Full Bio

Coverage Areas:

The Five Stages of Virtualization Security Vendor Maturity

by Neil MacDonald  |  March 13, 2009  |  Comments Off

Stage 1: Virtualization Denial – Here, the vendor hasn’t yet acknowledged the need for virtualization security solutions. Worse, they deny that customers actually need this. Typically, the vendor is afraid of cannibalizing their existing physical environment-based revenue streams. You can tell when security vendors are in denial if you go to their website, search on the word “virtualization” or “VMware” and finding little or nothing of value.

Stage 2: Virtualization Tease The vendor keeps saying they have a version “on their roadmap” or are using stall tactics like “we’re waiting on VMsafe before delivering a solution”. Worse, they appear on main stage  at a big event like VMworld to demonstrate this non-existent solution. In some torturous cases, you search the vendor’s site, find the vendor has a version of their solution running in a VM –  then find out the version is restricted for only testing and demonstration purposes.

Stage 3: Virtualization Immigrant – The vendor’s virtualization security solution works and is supported in a virtual environment. For host-based security software, this is usually just a matter of testing. For network-based solutions, may require a port of their code into an x86-based OS. Solutions here are unaware they are running in a virtual environment.

Stage 4: Virtualization Native – The vendor’s solution are aware they are running in a virtual environment and integrate into the virtualization platform’s capabilities. For example, in a VMware environment they are able to link into Virtual Center configuration tools and are VMotion aware. In most cases, these are the solutions that were created from the beginning to secure a virtual environment.

Stage 5: Virtualization Exploitive – Solutions here use the unique capabilities of the underlying virtualization platform to deliver its security protection in new and potentially transformational ways. For example, scanning multiple VMs without agents using introspection techniques available with virtualization platform APIs like VMsafe.

There are many security vendors that are still in denial, still in stage one and still dragging their feet in delivering virtualization security solutions.

Where are your vendors? Where do you want them to be?

Comments Off

Category: Virtualization Security     Tags: , , ,