Gartner Blog Network


Building Context-Aware Security: VMware Acquires PacketMotion

by Neil MacDonald  |  August 27, 2011  |  Comments Off on Building Context-Aware Security: VMware Acquires PacketMotion

VMware quietly disclosed it has acquired PacketMotion in this recent blog post by Dean Coza of VMware.

We identified PacketMotion as a cool vendor in Gartner in this 2009 research for clients. Essentially, PacketMotion uses standard Intel-based hardware appliances  (as well as a virtualized probe implementation that runs inside of virtualized environments) to deliver full layer 7 decodes of sessions, providing context-aware security monitoring with application and identity awareness.

So why the acquisition?

VMware’s vShield App offering already provides some amount of application-awareness in vShield App that was acquired from its acquisition of BlueLane, PacketMotion’s application decodes will augment this capability. The more important capability is related to delivering identity-awareness. In this recent research note for clients on vShield (“VMware Pushes Further Into the Security Market With Its vShield Offerings”), I identified identity-awareness as a key need for vShield App:

VMware provides only basic application awareness in the first release of vShield App. Richer application, identity and content awareness capabilities are expected in future releases.

Why context? In this research note for clients “The Future of Information Security is Context-Aware and Adaptive”, I stated:

Rapidly changing business and threat environments, as well as user demands, are stressing static security policy enforcement models. Information security infrastructure must become adaptive by incorporating additional context at the point when a security decision is made, and we are already seeing signs of this transformation. Network security solutions are evolving to incorporate “application awareness” and “identity awareness” into their offerings. Information protection solutions are evolving to deliver “content awareness.” Application, identity and content awareness are all part of the same underlying shift to incorporate more context at the point when a security policy enforcement decision is made. To enable faster and more-accurate assessments of whether a given action should be allowed or denied, we must incorporate more real-time context information at the point when a security decision is made.

Adding identity, application and content awareness to information security policy decision making are all examples of the same fundamental shift to make information security context-aware and adaptive.

Category: next-generation-security-infrastructure  virtualization-security  

Tags: adaptive-security-infrastucture  context-aware-security  next-generation-data-center  next-generation-security-infrastructure  vmware  vshield  vsphere  

Neil MacDonald
VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…Read Full Bio




Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.