VMware plans to deploy security inside ESX in 2011

eWeek Magazine published an article about how VMware plans to deploy security inside the Hypervisor in 2011. Allwyn Sequeira, who is Chief Technical Officer for VMware ‘s Security and Network Solutions divisions told a group of technical writers and analysts that security for applications deployed in cloud systems needs to be built into the hypervisor itself and not reside independently in the stack.

"…When security is automated within the hypervisor — thus untouched by humans — data is going to be far better protected. This is one of VMware’s main goals for 2011, to secure applications running in the cloud in more efficient ways.

"In the future, we want to build security into virtualized applications that can be realized on both public and private cloud infrastructure," Sequeira said. "I call it IAAS: It’s about apps, stupid…"

VMware is planning on moving anti-virus and anti-spam processing off virtual machines and will insert them into the hypervisor as a component. This component will be supplied by one of VMware’s partners. Policy and configuration management will be provided by a Representational State Transfer (REST) API or through the user interface. These improvements can be expected in vSphere next year.

It’s interesting to note that VMware remains vague about which partner will provide the solution, in July this year virtualization.info reported that VMware partnered with TrendMicro in order to provide an antivirus framework, and at that time the earlier announced partnership with McAfee was unclear since McAfee partnered with Citrix to provide a similar solution. The fact that VMware still mentions “one of its partners”, and not explicitly mentioning TrendMicro may suggest that a solution provided by McAfee can still be expected.