As said many times while virtual appliances are an interesting approach to software delivery which surely highlights great benefits of server virtualization, they hide some remarkable security risks.
VMware is already caring to address some of them assuring customers a reliable set of providers through its Virtual Appliance Marketplace, but updating process still remains solution’s weakest part.
Now the company could strengthen its effort by releasing a minimal OS image as suggested base for virtual appliances.
Hints about this move come from the new ACE 2.0 Management Server, available as installable binary application but also as self-contained virtual appliance, which sports a mechanism for image update. The appliance user manual exposes the new name of VMware Virtual Appliances Framework, which is described as:
- The basic appliance operating system
- The management interface and back-end services for the appliance-specific functionality: network, updates
Such initiative if commonly agreed by all vendors, along with similar initiatives like VMcasting, could simplify virtual appliances maintainance and greatly reduce exposure times during new exploit diffusion periods.