The upcoming set of VMware APIs known as VMsafe has the potential to dramatically change the way we secure data centers today.
If the technology will be widely adopted by security vendors it’s clear that VMware competitors will try to replicate the approach or further innovate it. But until a clear, positive answer from the market, the most obvious strategy is to raise some (absolutely legit) security concerns about VMsafe and its capability to expose part of the hypervisor for new attacks.
So far Microsoft didn’t took an official position about the topic but virtualization.info had the opportunity to speak with several representatives who clearly stated how carefully the company is evaluating the security implications of a VMsafe-like approach.
Nonetheless Microsoft may be working to build the internal know-how needed to achieve the task.
Just two months ago in fact Microsoft acquired a small security firm focused on rootkit detection called Komoku.
As Christopher Hoff, Chief Security Architect at Unisys, recently discovered, Komoku did some research in the past, presenting a solution for Xen where virtual machines can do self-diagnosis and self-healing as well as learning to protect against subsequent attacks.
As a sort of irony, to develop its prototype Komoku took some inspiration from the work of Tal Garfienkel and Mendel Rosenblum (Chief Scientist at VMware), presented in 2002.
The adoption of a VMsafe-like framework could greatly benefit Microsoft: while VMware has to rely on 3rd parties (unless they want to leverage the Determina acquisition in a certain way), Microsoft has an entire portfolio of products to integrate with its upcoming hypervisor.
This may put the Redmond company in a privileged position against both virtualization and security competitors which miss each other to provide an out-of-the-box secure virtual data center.
blog comments powered by Disqus
virtualization.info Newest articles
February 9th, 2017
“We see greater potential strategic opportunity in NSX over the next decade than our franchise product vSphere has had for the past decade.”
said VMware’s CEO Pat Gelsinger talking about…
November 22nd, 2016
Encryption of virtual machines is something that has been requested for years by the security community. VMware continued to postpone its implementation due to the negative operational impact that many…
November 1st, 2016
In September 2012 Dell announced to have completed the acquisition of Quest Software, a Californian company with an history in systems management, security, business intelligence and, falling back in our…
October 21st, 2016
Citrix announced its financial results for third quarter 2016.
The revenues for the second quarter were $841 million for an increase of 3% compared to Q3 2015.
Net income was $132…
October 19th, 2016
2016 edition of VMworld US has been quite turbulent, on the other hand during VMworld Europe, happening these days in Barcelona, the company announced a few more products for the…
October 18th, 2016
Log Insight is a log aggregation, management and analisys tool, that VMware first introduced in 2013 and now is usually compared with Splunk.
Yesterday VMware announced Log Insight’s new major…
October 13th, 2016
Yesterday Microsoft announced the general availability of Windows Server 2016 which the company defines as a cloud-ready OS.
Beside fancy definitions, one of the most relevant perks of this release…
September 22nd, 2016
During Oracle OpenWorld 2016 the company released version 3.4.2 of its enterprise virtualization solution.
Oracle VM is available for both x86 and SPARC based processor architectures and uses the Xen hypervisor…
September 1st, 2016
Today was the last day of VMware’s flagship conference VMworld in Las Vegas, an highly controversial edition which left a good chunk of the audience disoriented if not properly disappointed….
August 11th, 2016
Last week Gartner updated its Magic Quadrant for Cloud Infrastructure as a Service (IaaS) for the year 2016. The Magic Quadrant for the year 2015 was released in May last year…
August 2nd, 2016
Ansible is one of the four main players in the automation market, younger then the well known Chef and Puppet, has been launched in 2013 in Durham, N.C. and acquired…
July 19th, 2016
Yesterday IBM announced its results for Q2 2016.
If we compare with the same quarter in 2015 earnings per share, from continuing operations, decreased 22%. Net income, from continuing operations,…
June 24th, 2016
Red Hat announced its financial results for the first quarter of fiscal year 2017.
Total revenue for the first quarter was $568 million, with an increase of 18% from the…
June 24th, 2016
Today Red Hat released in beta version 4.0 of its KVM-based virtualization platform Red Hat Enterprise Virtualization (RHEV).
As a major release RHEV 4.0 ships a wide series of enhancements including: