Quoting my latest article on Virtual-Strategy Magazine:
Christopher Bolin, CTO of McAfee, was the sole representative for security vendors making it on stage at VMworld Europe 2008 during the announcement for the new VMware VMsafe security technology.
During his presentation, Bolin said there was a virtual tsunami of malware in 2007, with 37% of all malware coming in during that very same year. On an average business day, McAfee sees over 500 unique pieces of malware coming into their research department. And still Bolin said that with all of the academic and online discussions about potential threats to VMware and other virtualization technologies, and despite these discussions taking place, his company still hasn't seen any real malicious attacks against virtualization or VMware specifically.
I must admit, I can't help but find it a wee bit humorous that one of the biggest takeaways from the VMsafe announcement was that there was no record of any attack on the hypervisor yet. That's great news for us in the virtualization community today; and thankfully, these 20+ vendors plan on beating malware to the punch.
But if there haven't been any real malicious attacks against the hypervisor as of yet, why all the hoopla now?
Andi Mann, Research Director at Enterprise Management Associates, says it bodes well for the future that VMware is thinking about security. "For a long time it was one of the biggest unaddressed issues in virtualization. With few exceptions (e.g. Blue Lane, Configuresoft), virtualization security meant people and process management. And if your people and process failed you? Well, you were completely exposed."
So, what's changed?
...
Find out and read the rest of the article, here, at Virtual-Strategy.com.