In October 2008 VMware acquired the security vendor Blue Lane Technologies, which offered an interesting inline patching technology for physical and virtual environments.
Rumors say that this was a very opportunistic acquisition considering the economical turmoil and the limited capabilities of Blue Lane to stay profitable.
True or not, the VMware desire to drive virtualization through security and become a leader in that market is evident.
The company already offers a software patching component, Update Manager (OEM’ed from Shavlik Technologies), but will also release a new host intrusion prevention system (HIPS) built on Determina technology, and all its products will benefit the revolutionary point of inspection/prevention that VMsafe APIs will provide.
Last week during the VMworld Europe 2009 (see virtualization.info live coverage of day 1 and day 2), VMware officially announced that the Blue Lane VirtualShield is now relabeled as vShield Zones.
The product will be available later this year, probably as part of the upcoming vSphere 4.0 platform.
For some reasons VMware is deeply changing the message associated to this product: instead of saying that vShield Zones can act as a proxy, intercepting, blocking and/or correcting several layer 7 attacks, the company is describing it more as a security wrapper (similar to VMware ACE) that can enforce the security compliance on any give virtual machine no matter the virtual network it is deployed into.
In other words VMware seems to suggest that this tool can compete and even replace traditional firewalls, making useless those network architectures that include DMZs. Uh-oh.
Read more