Menu

TMCnet News

[March 03, 2008] VMware Opens To Security Tweet (Information Week Via Thomson Dialog NewsEdge) VMware is offering security software vendors a way to tie into its ESX hypervisor via APIs. The move comes amid a heightened sense that virtual machines aren't quite as secure as people might like them to be. By letting security vendors see the message traffic flowing through ESX, they can plug in systems that monitor VM activities for viruses, Trojans, and keyloggers, for example. VMware says 20 security software suppliers already are interested in doing just that. They include the Good Housekeeping names of the security industry, such as Check Point, McAfee, Symantec, and, of course, RSA, which like VMware is owned by EMC. The new APIs, dubbed VMsafe, "acknowledge a problem that a lot of people were sweeping under the carpet," says Andi Mann of Enterprise Management Associates, an IT consulting firm. The day before the VMsafe announcement, Core Security Technologies, a security testing firm, said it had demonstrated in a lab a vulnerability that makes use of a shared folder accessed by VMware's Workstation or Player. The vulnerability in VMware's desktop virtualization products could let a Trojan or virus jump from the virtual machine onto the host. Researchers haven't seen any real-world implementations that exploit this vulnerability, and VMware plans to fix it in its regular upgrade cycle. By using the more open APIs, security systems will be able to monitor for suspicious activity, says Parag Patel, VP of VMware alliances. So if a virtual server starts downloading passwords and e-mail addresses, the system will know it's likely an intruder who has gotten into the e-mail or identity management system, and stop it. Such systems don't exist today, but VMware's new plan to share security APIs, says Mann, "bodes well for the future." --- Safety Check APIs let vendors protect: MEMORY AND CPU, with views into VM memory pages and CPU states NETWORKS, via packet-filtering inside hypervisors PROCESS EXECUTION, by monitoring and control using in-process APIs. STORAGE, by manipulating VM disk files as they exist on storage devices http://informationweek.com/ Copyright 2008 United Business Media US, LLC. All rights reserved. Copyright ? 2008 CMP Media LLC [ Back To TMCnet.com's Homepage ]