VMware moves to plug security holes
By Miya Knights in Cannes
VMware, the virtualisation vendor, this morning announced the introduction of a new security technology called VMware VMsafe, designed to protect applications running in virtual machines.
Dr. Mendel Rosenblum, VMware chief scientist, unveiled the new technology at the vendor's first European user conference, VMworld Europe, saying it was capable of protecting software running in the data centre in ways previously not possible in physical environments.
"It's a better model for protection engines to sit within the virtual infrastructure because here we can see into the memory, CPU, disk and I/O systems," he said. "That is why we have published APIs [application programming interfaces] to encourage the security industry to develop products to sit on top of the virtual environment."
He added that the VMsafe APIs could allow vendors to develop advanced security products that combat the latest generation of malware, by enabling integration at the VMware hypervisor layer and providing the transparency to detect, prevent or eliminate threats and attacks such as viruses, trojans and keyloggers from ever reaching a virtual machine.
The company said 20 security vendors have already signed up to the VMsafe technology and are building products to enhance the security of virtual machines.
One such vendor is McAfee, whose chief technology officer and executive vice president of product development and research, Christopher Bolin, endorsed the VMsafe strategy presented by Rosenblum.
He said: "Virtual machines remain just as vulnerable today as the software running in traditional data centre environments. That's why we've been working with VMware these last months to develop VMsafe and make sure it's open to other security vendors."
A case in point was demonstrated earlier this week when US security vendor Core Security Technologies highlighted an unpatched flaw it said it had discovered in VMware's virtualisation software. It said the fact that VMware has no way of properly validating PathNames passed to its shared folders feature could potentially allow an attacker to create or modify executables on the host operating system using a custom-coded PathName.
Bolin said: "[Of the] tsunami of malware we saw emerge during 2007 - accounting for 37 per cent of all the malware we've seen since we've been in business - we've not yet seen any exploits targeting virtual environments." But he added that greater adoption of the technologies will lead to them becoming a greater target in future.