Comments on: VMware Launches vSphere (and Security Makes the Keynote) http://blogs.gartner.com/neil_macdonald/2009/04/22/vmware-launches-vsphere-and-security-makes-the-keynote/ A Member of the Gartner Blog Network Thu, 09 Feb 2012 23:32:29 +0000 hourly 1 http://wordpress.org/?v=3.0.4 By: Doing Things Better With Virtualization http://blogs.gartner.com/neil_macdonald/2009/04/22/vmware-launches-vsphere-and-security-makes-the-keynote/comment-page-1/#comment-1779 Doing Things Better With Virtualization Tue, 22 Dec 2009 14:49:22 +0000 http://blogs.gartner.com/neil_macdonald/2009/04/22/vmware-launches-vsphere-and-security-makes-the-keynote/#comment-1779 [...] is the first virtualization platform to offer production releases of introspection capabilities with VMsafe in its vSphere release of its virtualization platform earlier this year. Since then, a few vendors such as Altor and Reflex Systems have released [...] [...] is the first virtualization platform to offer production releases of introspection capabilities with VMsafe in its vSphere release of its virtualization platform earlier this year. Since then, a few vendors such as Altor and Reflex Systems have released [...]

]]> By: No Security (or Management) Controls are Absolute When Users run as Administrators http://blogs.gartner.com/neil_macdonald/2009/04/22/vmware-launches-vsphere-and-security-makes-the-keynote/comment-page-1/#comment-1763 No Security (or Management) Controls are Absolute When Users run as Administrators Thu, 17 Dec 2009 19:50:58 +0000 http://blogs.gartner.com/neil_macdonald/2009/04/22/vmware-launches-vsphere-and-security-makes-the-keynote/#comment-1763 [...] outside of the OS container that the user has administrative rights in. However, these technologies are just emerging and aren’t yet mainstream on servers, let alone enterprise [...] [...] outside of the OS container that the user has administrative rights in. However, these technologies are just emerging and aren’t yet mainstream on servers, let alone enterprise [...]

]]> By: Neil MacDonald http://blogs.gartner.com/neil_macdonald/2009/04/22/vmware-launches-vsphere-and-security-makes-the-keynote/comment-page-1/#comment-224 Neil MacDonald Wed, 13 May 2009 12:58:26 +0000 http://blogs.gartner.com/neil_macdonald/2009/04/22/vmware-launches-vsphere-and-security-makes-the-keynote/#comment-224 Todd, Yup. As I have discussed, VMsafe is not a pancea, but it does challenge the industry to think how information security might be delivered differently in virtualized infrastructure. I expect many vendors will appear offering products that tap into the VMsafe APIs, so the maturity index I proposed is usfeul: http://blogs.gartner.com/neil_macdonald/2009/03/13/the-5-stages-of-virtualization-security-vendor-maturity/ I'll hit the issue of VMsafe fast-path/slow-path in a future blog post. Those are engineering names (horrible marketing names!) that point to where the network packet processing is taking place -- in the hypervisor or in a guest VM. Todd,

Yup. As I have discussed, VMsafe is not a pancea, but it does challenge the industry to think how information security might be delivered differently in virtualized infrastructure. I expect many vendors will appear offering products that tap into the VMsafe APIs, so the maturity index I proposed is usfeul:

http://blogs.gartner.com/neil_macdonald/2009/03/13/the-5-stages-of-virtualization-security-vendor-maturity/

I’ll hit the issue of VMsafe fast-path/slow-path in a future blog post. Those are engineering names (horrible marketing names!) that point to where the network packet processing is taking place — in the hypervisor or in a guest VM.

]]> By: Todd Ignasiak http://blogs.gartner.com/neil_macdonald/2009/04/22/vmware-launches-vsphere-and-security-makes-the-keynote/comment-page-1/#comment-219 Todd Ignasiak Wed, 13 May 2009 00:35:05 +0000 http://blogs.gartner.com/neil_macdonald/2009/04/22/vmware-launches-vsphere-and-security-makes-the-keynote/#comment-219 The vSphere launch is terrific for virtualization security. Now that VMsafe is nearing availability, vendor placement in the ‘stages of virtualization security’ may stratify even more. VMsafe becomes the baseline, but even in VMsafe solutions there is potential for a broad range of performance and functionality. VMsafe includes Memory, Disk, and Network components. Within VMsafe-Network, there is a huge performance difference between fast-path and slow-path solutions, with fast-path solutions leveraging the hypervisor for packet processing directly in the vKernel. The ability to efficiently leverage multiple VMsafe APIs for delivering defense-in-depth designed uniquely for virtual servers is an exciting prospect. The vSphere launch is terrific for virtualization security. Now that VMsafe is nearing availability, vendor placement in the ‘stages of virtualization security’ may stratify even more. VMsafe becomes the baseline, but even in VMsafe solutions there is potential for a broad range of performance and functionality. VMsafe includes Memory, Disk, and Network components. Within VMsafe-Network, there is a huge performance difference between fast-path and slow-path solutions, with fast-path solutions leveraging the hypervisor for packet processing directly in the vKernel. The ability to efficiently leverage multiple VMsafe APIs for delivering defense-in-depth designed uniquely for virtual servers is an exciting prospect.

]]>