threat

This is a cross-post of a blog article written by Gregory Ness, former VP of Marketing for Blue Lane Technologies who is currently working for InfoBlox.

The tech industry loves great battles between rivals, and it is often tempting to frame challenges within the context of specific competitive battles. Many see the entrance of Microsoft or even Citrix into virtualization as VMware’s biggest threat. I beg to differ.

VMware’s biggest threat is virtualization-lite, or the confinement of the virtualization business case to within hypervisor VLANS. VMware needs to get enterprises to the bigger picture, the full realization of the benefits of virtualization in the data center, including VMotion. If it cannot, then its sheer share of the data center market will be many times smaller than otherwise, with or without Microsoft or Citrix.

Getting beyond virtualization-lite should be VMware’s number one goal. That would involve unprecedented work with related IT eco-system elements. VMsafe was a great step forward, but it didn’t deliver dynamic security solutions capable of protecting moving VMs.

Another area directly impacted and often overlooked is the network itself. That is, can a static network infrastructure manage, protect, maintain and/or deliver dynamic systems and endpoints? If it cannot, then that is a problem for VMware and an opportunity for the network solutions players.

That is why I think the biggest VMware requirement for success is dynamic infrastructure, or Infrastructure 2.0.

There are substantial virtualization and cloud computing initiatives that will also depend upon dynamic infrastructure. We’ve talked about this issue at Archimedius from both the standpoint of virtualization security and cloud computing. Yet I’m discovering that the issue is much bigger than that. Some enterprises get this and are moving to more dynamic infrastructure; yet others are trying to figure it out.

I think this issue is bigger for IT and networking than a weak global economy. It promises to produce an explosion of breakthroughs in network, endpoint and application intelligence.

The question is asked by Senior Reporter from Forbes Andy Greenberg, who attended the security industry’s big annual confab, the RSA Conference, and wrote up an article aptly titled ‘Virtualization Dark’s Side’. He writes:

“In the past few months, security researchers have revealed bugs in practically every piece of virtualization software, including products from virtualization heavyweights VMware and Microsoft.

Exploiting those bugs, attackers can use what researchers call “virtual machine escape,” or “hyperjacking.” By taking control of the hypervisor, the piece of software that controls all the virtual computers within a machine, an attacker can “escape” from any single virtual computer hosted on the machine and quickly multiply his or her access to a company’s data.”

Virtualization security researchers and experts were quick to point out the weaknesses of virtualization and several techniques to breach the security.

Joanna Rutkowska, the founder of security research firm Invisible Things Lab, reportedly described a new type of virtualization-based malware that could be used to take control of a machine running virtualization software. Because virtualization allows companies to store many virtualized software “images” of computers on a single physical machine, an attack like the one Rutkowska envisions would allow a hacker “not only to control a single machine but to siphon data from any virtual machine it contains”.

Rutkowska also described how an intruder could install what she calls a “blue pill,” a second, malicious hypervisor that controls the original hypervisor and all of the virtual machines beneath it.

Fortunately, she also said that the attacks she discussed are likely too new to have ever been used by real-world cybercriminals, and are unlikely to become common.

What do you think?

Guest Post: VMware’s Biggest Threat Isn’t Microsoft

Is Virtualization The Biggest Security Vulnerability In IT Today?