Digital Edition

SYS-CON.TV
Virtualization Security: VMware Crosses the Rubicon
Will The Netsec Industry Finally Wake Up to the Potential of Virtsec?

While the press and blogs are buzzing about cloud computing, VMware has made probably one of the most significant cloud-related announcements ever made; and with : vShield Zones has added even more distance between rivals when it comes to data center and cloud security.

Last year at VMworld in Cannes, VMware announced the VMsafe VMware security partner ecosystem. The virtualization security "industry" had been notably silent (other than a colorful row between security blogger/expert Chris Hoff and Citrix CTO Simon Crosby) for the rest of 2008. Virtualization expert Rich Miller even mentioned the sound of security silence at VMworld Las Vegas in September:

The theme I noted most at VMworld 2007 a year ago was "security."  This year, it seemed noticeably absent.  My sense is that the industry has yet to catch up and capitalize on VMsafe. Because all of the "next generation" of offerings from VMware and the independent providers are still in development, no one made too much of security issues.

The contrast between the Cannes security ecosystem exuberance and VMware crossing the Rubicon at VMworld Cannes 2009 marked a stunning and much needed shift in the virtualization space. It was the first serious step by any vendor towards a real solution for securing the cloud and moving data center virtualization deployments from virtualization-lite (hypervisor VLANs) to "rack and stack" cloud environments.

While Microsoft and Citrix make price adjustments VMware launches genuine innovation that could significantly change the economics of IT in production environments. Security is a critical differentiator when it comes to deploying virtualization in production data centers and creating cloud environments.

This move is not without risk, as VMware had invested great effort in lining up a security partner ecosystem which was kicked off the year before in Cannes, which I celebrated via an interview with Tarry Singh during my recent tenure at Blue Lane (which was acquired by VMware in 2008).

If the Blue Lane acquisition didn't send a chill down the spine of the network security industry, this announcement should. It signals a new era in security introduced, ironically, by a virtualization vendor. Despite the virtsec exuberance and optimism introduced by the new and novel security requirements, much of the network security industry was caught flat-footed. And that still seems to be the case.

Gartner VP Neil MacDonald summed it up with his recent blog about the traditional security vendors:

Many are clinging to business models based on their overpriced hardware-based solutions and not offering virtualized versions of their solutions. They are afraid of the inevitable disruption (and potential cannibalization) that virtualization will create.

The writing is on the wall for network security vendors who have elected to wait and see if the "cloud computing hype" is just a passing fad or are clinging to obsolete technology or business models. The vShield announcement could also a double-edged sword for the virtsec startup vendors: 1) who could be more isolated than ever from the virtsec momentum within VMware and yet 2) possibly more strategic now that VMware has played a real security card in the marketing battle.

With the VMware vShield Zones announcement, any vendor who thinks that virtualization and security are two separate and distinct matters is headed for the distinctive Club Maginot school of static security expertise. They are about to relive the fates of French officers watching German planes fly over the massive, integrated and ambitious French defense investment at one of its strongest points (in Belgium). The wall was designed for WW1 and was partly responsible for a rapid German conquest of France in early WW2.

Virtualization and cloud are introducing new demands on security, because they are introducing new, unprecedented levels of mobility and automation for systems and endpoints. The economic payoffs are so promising that cloud promises to have a substantial impact on the computing era. The question is, are those who think in terms of static networks (whether they are security or network vendors or pros) fully prepared for the requirements of Infrastructure 2.0?

Yet the increased velocity of change is also making the network itself more strategic and yet more challenged. This collision between automated systems and manually managed networks will produce significant opportunities for networking vendors and professionals who understand the power and opportunity of automation; and significant risks for those still riding the "kludge train" of manual reactions to the automation revolution now proliferating within the bowels of IT.

I am a senior director at Infoblox. You can follow my comments in real time at www.twitter.com/archimedius.

 

About Greg Ness
Gregory Ness is the VP of Marketing of Vidder and has over 30 years of experience in marketing technology, B2B and consumer products and services. Prior to Vidder, he was VP of Marketing at cloud migration pioneer CloudVelox. Before CloudVelox he held marketing leadership positions at Vantage Data Centers, Infoblox (BLOX), BlueLane Technologies (VMW), Redline Networks (JNPR), IntruVert (INTC) and ShoreTel (SHOR). He has a BA from Reed College and an MA from The University of Texas at Austin. He has spoken on virtualization, networking, security and cloud computing topics at numerous conferences including CiscoLive, Interop and Future in Review.



ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

Your job is mostly boring. Many of the IT operations tasks you perform on a day-to-day basis are rep...
Serveless Architectures brings the ability to independently scale, deploy and heal based on workload...
Technological progress can be expressed as layers of abstraction - higher layers are built on top of...
When building large, cloud-based applications that operate at a high scale, it’s important to mainta...
Whenever a new technology hits the high points of hype, everyone starts talking about it like it wil...
Having been in the web hosting industry since 2002, dhosting has gained a great deal of experience w...
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO Silicon Valley 2019 will cover all of these tools, with the m...
Big Switch's mission is to disrupt the status quo of networking with order of magnitude improvements...
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism...
Every organization is facing their own Digital Transformation as they attempt to stay ahead of the c...
"Calligo is a cloud service provider with data privacy at the heart of what we do. We are a typical ...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, disc...
In his session at 21st Cloud Expo, Michael Burley, a Senior Business Development Executive in IT Ser...
NanoVMs is the only production ready unikernel infrastructure solution on the market today. Unikerne...
SUSE is a German-based, multinational, open-source software company that develops and sells Linux pr...
Bill Schmarzo, Tech Chair of "Big Data | Analytics" of upcoming CloudEXPO | DXWorldEXPO New York (No...
All in Mobile is a mobile app agency that helps enterprise companies and next generation startups bu...
Dynatrace is an application performance management software company with products for the informatio...
Yottabyte is a software-defined data center (SDDC) company headquartered in Bloomfield Township, Oak...
Chris Matthieu is the President & CEO of Computes, inc. He brings 30 years of experience in developm...