VMware to embed RSA security into vSphere 4
VMware and RSA announced a strategic plan to embed RSA's data-loss prevention (DLP) and encryption technologies into VMware's new vSphere 4, virtualization software for the data center which will soon ship.
The trend toward software virtualization is well under way "but we're not waiting until the entire transformation is done before embedding security," said RSA president Art Coviello in making the strategic-partnership announcement. RSA is the security division of EMC and VMware is majority-owned by EMC. The first step of the strategy entails embedding RSA's data-loss prevention technology into vSphere in order to monitor or block unauthorized transfers of content held in vSphere
Eventually, according to the plan outlined Wednesday, RSA's public-key encryption technology would also be tightly coupled to vSphere to enhance data security. But executives from RSA and VMware acknowledge the virtual-machine (VM) security strategy both are committing to is still in the early stages with no specific shipment dates.
Today DLP for vSphere, the virtualization software for creating the equivalent of cloud computing inside the enterprise , is not much more than a "proof-of-concept" which RSA is demonstrating in its booth here at the RSA Conference, admits Brett Hartman, chief technology officer at RSA.
"The RSA DLP integrates with vShield, the firewall on the VMware side, for content control as it flows from VM to VM," said Hartman.
The goal is to prevent unauthorized data flows in an efficient manner by having the DLP software tightly coupled into vSphere, probably through software plug-ins, according to RSA senior vice president of products, Chris Young. The long-awaited VMware VMsafe technology is included in vSphere, which will give security vendors a set of application programming interfaces (APIs) at the hypervisor level to more efficiently make use of third-party security products in virtualized environments.
Steve Herrod, chief technology officer at VMware, said it's anticipated there will be a need for a VMsafe 2.0 version to support the range of tightly-coupled security functions that VMware envisions for vSphere in the future.These would include RSA's encryption technologies for public- and private-key encryption and data integrity checking.
But one of the toughest challenges RSA and VMware face in their quest to embed DLP and encryption functions into vSphere is devising a management platform defining how virtualization and security policies work together in a common management framework. "There has to be a consistent model," Hartman said. "How do the policies work together? We're still working on that."
Herrod pointed out that another RSA product, SecurID for authentication, is supported today in vSphere as well as log-management support using RSA security-event management product enVision.
Network World
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
vmware
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
