VMware moves to plug security holes
By Miya Knights in Cannes,
VMware, the virtualisation vendor, this morning announced the introduction of a new security technology called VMware VMsafe, designed to protect applications running in virtual machines.
Dr. Mendel Rosenblum, VMware chief scientist unveiled the new technology at the vendor's first European user conference, VMworld Europe, saying it was capable of protecting software running in the data centre in ways previously not possible in physical environments.
"It's a better model for protection engines to sit within the virtual infrastructure because here we can see into the memory, CPU, disk and I/O systems," he said. "That is why we have published APIs [application programming interfaces] to encourage the security industry to develop products to sit on top of the virtual environment."
He added that the VMsafe APIs could allow vendors to develop advanced security products that combat the latest generation of malware, by enabling integration at the VMware hypervisor layer and providing the transparency to detect, prevent or eliminate threats and attacks such as viruses, trojans and keyloggers from ever reaching a virtual machine.
The company said 20 security vendors have already signed up to the VMsafe technology and are building products to enhance the security of virtual machines.
One such vendor is McAfee, whose chief technology officer and executive vice president of product development and research, Christopher Bolin, endorsed the VMsafe strategy presented by Rosenblum.
He said: "Virtual machines remain just as vulnerable today as the software running in traditional data centre environments. That's why we've been working with VMware these last months to develop VMsafe and make sure its open to other security vendors."
A case in point was demonstrated earlier this week when US security vendor Core Security Technologies highlighted an unpatched flaw it said it had discovered in VMware's virtualisation software. It said the fact that VMware has no way of properly validating PathNames to its shared folders feature could potentially allow an attacker to create or modify executable on the host operating system using a custom-coded PathName.
Bolin said: "[Of the] tsunami of malware we saw emerge during 2007 - accounting for 37 per cent of all the malware we seen since we've been in business - we've not yet seen any exploits targeting virtual environments." But he added that greater adoption of the technologies will lead to them becoming a greater target in future.
advertisement
Latest Internet Features
Microsoft: One year under Steve Ballmer
It's been one year since Bill Gates left Microsoft in Steve Ballmer's hands. What kind of year have we seen?
- The top ten UK web brands
- Can Microsoft make a success out of Silverlight?
- A short history of Phorm
- Top of the flops: 10 pieces of tech that died before they’d lived
- Can Google or Microsoft get any bigger?
- Focus on... Flexible working
- 10 big internet names that have fallen
- The history of search engines
- Top 10 mobile Twitter apps
Latest Internet Reviews
Mozilla Firefox 3.5 review
Rating: 
advertisement
Latest News Videos in Internet
Video: How to set up a Smoothwall firewall
PlayWe take you through how to setup your own low-cost firewall system using nothing more than a low spec PC and free software.
Whitepapers
Want more background on today's hottest IT trends?
Visit IT PRO's whitepaper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?