Neil MacDonald

A member of the Gartner Blog Network

Neil MacDonald
VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…Read Full Bio

Coverage Areas:

Building Context-Aware Security: VMware Acquires PacketMotion

by Neil MacDonald  |  August 27, 2011  |  Comments Off

VMware quietly disclosed it has acquired PacketMotion in this recent blog post by Dean Coza of VMware.

We identified PacketMotion as a cool vendor in Gartner in this 2009 research for clients. Essentially, PacketMotion uses standard Intel-based hardware appliances  (as well as a virtualized probe implementation that runs inside of virtualized environments) to deliver full layer 7 decodes of sessions, providing context-aware security monitoring with application and identity awareness.

So why the acquisition?

VMware’s vShield App offering already provides some amount of application-awareness in vShield App that was acquired from its acquisition of BlueLane, PacketMotion’s application decodes will augment this capability. The more important capability is related to delivering identity-awareness. In this recent research note for clients on vShield (“VMware Pushes Further Into the Security Market With Its vShield Offerings”), I identified identity-awareness as a key need for vShield App:

VMware provides only basic application awareness in the first release of vShield App. Richer application, identity and content awareness capabilities are expected in future releases.

Why context? In this research note for clients “The Future of Information Security is Context-Aware and Adaptive”, I stated:

Rapidly changing business and threat environments, as well as user demands, are stressing static security policy enforcement models. Information security infrastructure must become adaptive by incorporating additional context at the point when a security decision is made, and we are already seeing signs of this transformation. Network security solutions are evolving to incorporate “application awareness” and “identity awareness” into their offerings. Information protection solutions are evolving to deliver “content awareness.” Application, identity and content awareness are all part of the same underlying shift to incorporate more context at the point when a security policy enforcement decision is made. To enable faster and more-accurate assessments of whether a given action should be allowed or denied, we must incorporate more real-time context information at the point when a security decision is made.

Adding identity, application and content awareness to information security policy decision making are all examples of the same fundamental shift to make information security context-aware and adaptive.

Comments Off

Category: Next-generation Security Infrastructure Virtualization Security     Tags: , , , , , ,