The evil effects of the red-eye on my 6'3" body are now gone so it is time to unveil the security that was most impressive at VMworld 2010. While security concerns are an ever present theme of businesses planning on evolutions to private and public cloud services, most of the security vendors try to catch the virtualization wave with architectures designed for the physical world. However, there were noteworthy cases of innovative security that can be applied to virtual and physical environments that captured my "Top Security in Show" awards:
- Top Security in Show: Trend Micro really knocked it out of the park with their enhancements to anti-malware and data protection for hybrid clouds! Moving signature file processing outside of individual VMs and including VM components in their white-list check allows VDI customers to increase server density without sacrificing anti-malware security, and their encryption in the cloud may prove to be an attractive way to deliver desktops. Even better is that these features have attractive values for farms of physical desktops as well. While their competitors talk about virtualization, Trend Micro is leading the way with product.
- Second: Intel, RSA, and Terremark demonstrated use of Intel's Active Management Technology (AMT) in a real world scenario featuring security as an enabler of enhanced business services. Shown was the Terremark service provider reaching out through AMT to wake up the endpoint, authenticate the endpoint as a customer device (RSA key management) and validate the compliance of its software configuration. Potentially, the SP could enhance bandwidth utilization by scheduling PC maintenance tasks in off-hours, identify the device as a customer and check SLA terms, download patches or a refreshed VM, and upload regulated data for backup and retention. Cool stuff and gets my #2 spot for potential.
- Third: HyTrust, not generally regarded as a security vendor, HyTrust effectively federates identities to enable service providers to offer multi-tenant virtual data centers, and enterprises to disperse their infrastructure across multiple cloud vendors. HyTrust manages privileged user operations within a dynamic virtual data center. It's new security features allow SPs to ensure that customers can only manage their systems and data, and that the customer name is not disclosed when using SSO to bridge to other cloud services. It is pretty clever, and advances the manageability of IT in the cloud.
- Honorable mention: Check Point, Shavlik. Check Point featured its Secure Gateway Virtual Edition and also has a secure remote access play with Abra to enhance hybrid cloud security; Shavlik was applying software configuration management to gold images and VMs to simplify vulnerability management in a virtual environment. Both companies get two thumbs up.