Security in the virtualization space, or virtsec as its being called by some, is supposed to be a big deal. Why? For one, security is a huge topic of concern in the physical world. Consumers and businesses spend large sums of money every year to protect their physical end-points and keep malware from entering their datacenter or homes. And when you transition over to a virtual world, why wouldn't you still be concerned about the very same problem and issues? After all, just because a machine is virtual doesn't mean it's impervious. And security seems to be one of the top reasons why many people in the industry are slow to adopt virtualization into their production environments. And so, VMware has introduced us to their solution called VMsafe.
I was originally exposed to this concept back at VMworld two years ago (it didn't have a name like VMsafe back then - it was just an idea or concept at the time). But now, the VMsafe initiative was finally launched at VMworld Europe 2008 and the cat has been released from the bag. The technology allows security software vendors like McAfee to write anti-virus and malware protection software against an API that will be provided with the VMware ESX Server hypervisor environment.
Everything I heard made sense to me at the time, but I wanted to know more about the security of the security end-point. VMsafe can stop the malware before it gets to the virtual machine, but what keeps the malware writers from focusing their attack on the API or the VMsafe virtual machine? According to an article in a VMworld Europe magazine, this shouldn't happen.
"Security purists and VMware's competitors will undoubtedly argue that providing access to the hypervisor, albeit in a highly controlled manner, increases the risk of the hypervisor's own integrity being compromised, and with it the security of every virtual machine that runs on top of it. VMsafe is architected in a manner that eliminates this threat by having the security product run in an isolated space outside of the context of the hypervisor."
Good. So VMsafe is safe. But safe from what? Interestingly, while describing this whole concept of security and VMsafe during the keynote presentation, Christopher Bolin, CTO of McAfee talked about academic and online discussions over the potential threats to VMware and other virtualization technologies. And despite these discussions, Bolin said that they haven't yet seen any real malicious attacks against virtualization and VMware specifically. That's impressive.
Read the rest of my article at InfoWorld, here.