My Photo

About

Subscribe in a reader

Archives

Subscribe to this blog's feed

Recent Posts

Security Designs

  • Virtual Security Switch Concept

Recent Comments

Add me to your TypePad People list

Categories


« April 2008 | Main | June 2008 »

May 2008

May 09, 2008

Virtualization Vendors Are Not In The Security Business?

Simon Crosby, CTO of Citrix/XenSource made a pretty bold statement yesterday that has some people agreeing with his position and others disagreeing.  In an interview with searchsecurity.com he publicy stated that virtualization vendors are not competent to try and secure virtual environments and therefore looks to 3rd party security companies to solve these concerns. 

Listen to the podcast here

Who are these 3rd party security companies?  Well, there are a number of startup companies such as Montego Networks, Blue Lane, Catbird, Altor Networks as well as some of the big guys that are working on helping the virtualization vendors with these security concerns.

I tend to agree with Simon that the virtualization vendors don't currently have the expertise to deliver appropriate security controls for virtual environments BUT should they?

Well, Chris Hoff who blogs on the topic of virtualization security a lot seems to think that they should deliver security tools and and by not delivering solutions to secure the environment they are doing their customers a disservice.

"Further, I don't expect that the hypervisor should be the place in which all security functionality is delivered, but simply transferring the lack of design and architecture forethought from the hypervisor provider to the consumer by expecting someone else to clean up the mess is just, well, typical."  Said Chris Hoff in his blog on this topic

I've spoken with a number of research analysts, venture capitalists and customers on this topic over the last several months and whenever I tell them what Montego Networks is off building they ALL seem to ask the same questions.  One of those questions is:  Why isn't VMWare or Citrix/Xensource doing this?  My response has always been that "they have publicly stated they do not want to and plan on leveraging an eco-system of security vendors to provide this". 

Well, Simon's public statement is right in line with what I've been saying all along.  The other question I get when I describe how Montego has security built into a virtual switch we've created is; shouldn't this technology be in the VMWare Virtual Switch?  And my response is "absolutely!  But it isn't!  so, someones got to do it."

So, I agree with Chris Hoff and I also agree with Simon Crosby.  The virtualization vendors don't have the expertise BUT I feel they should provide SOME security tools to ensure the environment is safe. 

There are some virtualization vendors that I have spoken with that are planning on using security as a differentiator and its my prediction that one of them will acquire security technology to do this.   Its often easier to acquire vs. try and built it yourself given you don't currently have the expertise.

So who's problem is it to solve??  Virtualization Vendors or Security Vendors??

I see the finger pointing game starting!

Fingerpointing




-John Peterson

CTO / Montego Networks

Posted at 03:44 PM | | Comments (1) | TrackBack (0)

May 15, 2008

Is Virtual Security Technology A Prime Target For Acquisition?

This week has been an interesting week in the virtual security blog world!  Simon Crosby of Citrix/XenSource stated in his podcast that he felt the virtualization vendors like VMWare and Citrix didn't have the competence to address the security challenges of virtualization and Chris Hoff blogged about it saying that the statement is a cop-out and that they should do more in securing their platforms. Alan Shimel also blogged on the topic and agreed with Hoff and I blogged about it agreeing with both Simon and Hoff. 

To restate my position on it; I think that Simon is correct in that virtualization vendors like VMWare and Citrix do not have the expertise today to address all of the security challenges.  I also agree with Hoff that they should address more of the security challenges.  So this leads me to my own opinion that some of the virtualization vendors will acquire security technologies to differentiate  themselves from others and acquire the expertise.  Many say that the virtualization market will become commoditized and  that security can help protect its value. 

Think about it.  Would you rather buy a Virtual Environment or a Secure Virtual Environment?!

So.. Onto the topic of this blog!  Is Virtual Security Technology A Prime Target For Acquisition?

I'd love your opinion so please comment!!

What triggered my blog on this topic was this rumor I heard today.  Some buzz started today that one of the virtual security startups just agreed behind closed doors to be acquired by one of the big guys.  But, who could it be?  Reflex Security, Catbird, Blue Lane, Altor Networks, VMSight, Embotics, etc.

I have an idea of who it could be but don't want to spread rumors that could be false.  The other question is whether or not there is an atmosphere of acquisition frenzy brewing in the virtualization market. 

Please comment on your thoughts - Just click the comments link bellow.

Posted at 02:12 AM | | Comments (2) | TrackBack (0)

May 21, 2008

Lancope and Montego Networks Does VM2VM Visibility with Netflow

I've blogged on this topic of Netflow enabling visibility within virtual environments in the past but thought I'd discuss this topic once again as I feel visibility within virtual networks is VERY important.

One of the big problems that comes along with virtualization is the inability to see "hidden" traffic flows within virtual networks created by VMWare, Citrix and others.  There are a number of companies off building "agents" or visibility products that can drop inside VMWare to bring back that visibility that was once had in the physical network and I think this is great!  But! These solutions although needed are yet another tool that needs to be purchased, managed and maintained.  These new solutions also only work within the virtual environment.

Wouldn't it be great if you could leverage either existing tools that give you physical network visibility or being able to use a tool that could give you both physical and virtual visibility?  It would be one less thing to manage right?  It could also probably correlate information for your entire network vs. just a subset of it.

Well, look no further.  With the enablement of a feature called Netflow within virtual switches from Montego Networks and an experimental version that exists in VMWare ESX 3.5 you can now export Netflow records to physical network monitoring solutions from the likes of Lancope, Plixer International, Mazu Networks, Arbor Networks and others.

What triggered my blog on this topic today was a webinar I listened in on this morning from CTO Adam Powers of Lancope.  He did an excellent job explaining the how VM 2 VM communications are hidden and how you can bring back that visibility by leveraging Netflow and Lancope

I would suggest everyone interested in this topic CLICK HERE to register for the next Webinar by Lancope on this topic.  It starts at 2:00 PM EST today May 21st 2008. 

Bellow are a couple of screenshots from the webinar that was hosted earlier today.

CLICK IMAGES TO ENLARGE
Netflow_diagram_2

Netflow_benefits








Also the picture bellow shows a nice graphic of how the Montego Networks HyperSwitch interacts with Netflow devices.

Montego_netflow











Again, I would suggest everyone interested in this topic CLICK HERE to register for the next Webinar by Lancope on this topic.  It starts at 2:00 PM EST today May 21st 2008.

John Peterson

Posted at 02:35 PM | | Comments (0) | TrackBack (0)