VMware moves to plug security holes
By Miya Knights in Cannes,
VMware, the virtualisation vendor, this morning announced the introduction of a new security technology called VMware VMsafe, designed to protect applications running in virtual machines.
Dr. Mendel Rosenblum, VMware chief scientist unveiled the new technology at the vendor's first European user conference, VMworld Europe, saying it was capable of protecting software running in the data centre in ways previously not possible in physical environments.
"It's a better model for protection engines to sit within the virtual infrastructure because here we can see into the memory, CPU, disk and I/O systems," he said. "That is why we have published APIs [application programming interfaces] to encourage the security industry to develop products to sit on top of the virtual environment."
He added that the VMsafe APIs could allow vendors to develop advanced security products that combat the latest generation of malware, by enabling integration at the VMware hypervisor layer and providing the transparency to detect, prevent or eliminate threats and attacks such as viruses, trojans and keyloggers from ever reaching a virtual machine.
The company said 20 security vendors have already signed up to the VMsafe technology and are building products to enhance the security of virtual machines.
One such vendor is McAfee, whose chief technology officer and executive vice president of product development and research, Christopher Bolin, endorsed the VMsafe strategy presented by Rosenblum.
He said: "Virtual machines remain just as vulnerable today as the software running in traditional data centre environments. That's why we've been working with VMware these last months to develop VMsafe and make sure its open to other security vendors."
A case in point was demonstrated earlier this week when US security vendor Core Security Technologies highlighted an unpatched flaw it said it had discovered in VMware's virtualisation software. It said the fact that VMware has no way of properly validating PathNames to its shared folders feature could potentially allow an attacker to create or modify executable on the host operating system using a custom-coded PathName.
Bolin said: "[Of the] tsunami of malware we saw emerge during 2007 - accounting for 37 per cent of all the malware we seen since we've been in business - we've not yet seen any exploits targeting virtual environments." But he added that greater adoption of the technologies will lead to them becoming a greater target in future.
advertisement
Latest Internet Features
Q&A – Tom Ilube, head of Garlik
The chief executive of identity management provider Garlik discusses how to keep yourself and your information safe online.
- Ten of the most infamous ‘black hat’ hackers
- What next for Microsoft?
- Becta, open source and education: Too little, too late?
- Working 9-5: Not a way to make a living?
- Managing the public face: Why perception is king in IT
- Who'd be an ISP?
- The impact of the Eee PC
- Creating a mobile data management policy
- How Google is redesigning your data centre
Latest Internet Reviews
Acer Aspire One
Rating: 
advertisement
Latest News Videos in Internet
Video: Q&A with HTC chief Peter Chou
PlayThe company that brought us the XDA phone is at it again, and should give both Apple and BlackBerry a run for their money.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?