The limits of today’s security solutions for the virtualization market

SkyRecon is the last vendor focused on security which partners with VMware. Many others already re-aligned their offering to conquer the emerging virtualization market: Reflex Security, Blue Lane, Catbird, SteelEye, etc.

While having some security products supported inside a virtual machine is mandatory ( recognizes the lack of support as the top challenge in virtualization adoption today), unfortunately none of these companies is bringing serious innovation in the space.

No matter if the solution is endpoint security, continous data protection (CDP), intrusion detection system (IDS) or something else. Each of them is just the traditional product inside a virtual machine (with support for this scenario).

No product in these categories acts at hypervisor level, introducing a new way to centralize security control and management, despite virtualization provides the unique opportunity.

This implies two major problems, one technical and another strategical:

  • from a technical point of view these solutions deploy an agent in each protected/monitored/etc virtual machine, duplicating several times the same identical software and wasting precious physical resources which could be used instead to achieve higher consolidation ratios.
    Besides being inefficient this approach doens’t mitigate at any level the security management hell that we already experience today, having to handle at least three different agents per protected computer (typically: patch management, antivirus and firewall).
  • from a strategical point of view these solutions will soon see their own major partner, VMware, becoming an unbeatable competitor.
    It’s well-known in fact that VMware is exploring how to introduce security at hypervisor level since many years and its recent demonstration of continuous availability (along with Determina acquisition) is a confirmation of the effort.

Once VMware (and the other virtualization players) will start offering these features at the hypervisor level, providing more effective security control while avoiding physical resource wasting, which product customers will buy?