VMsafe – Yet another reason to deploy server virtualization

As if improved availability, increased hardware utilization, physical server consolidation, efficient server provisioning and enabling disaster recovery weren’t reasons enough to deploy server virtualization, VMware just announced VMsafe, making operating in a virtual environment more secure. VMsafe is basically a set of APIs that enables security vendors to “hook into” the memory, CPU, disk and I/O systems of a virtual machine and monitor any and all the operations performed on an individual virtual machine basis. Essentially this creates transparent visibility into the virtual environment that was impossible to achieve before VMware opened up the doors.  Think of this as a brand new security layer in a defense-in-depth security architecture.  The improved visibility provides a tremendous opportunity for security vendors to develop new tools and products that fully leverage this new opportunity.

There is plenty of buzz amongst the community here at VMworld Europe 2008. I commend VMware for opening the “back door” and working with all the security vendors. The biggest opportunity for VMware around VMsafe is the indirect increase in adoption in VMware software solutions. I imagine businesses will soon begin to implement business workloads and mission critical applications on virtual machines solely to achieve better security than they could achieve on a physical server. In theory, other server virtualization vendors should be able to provide the same type of visibility. Microsoft? Citrix?  Expect similar announcements sooner rather than later.