Virtualization pros are still digesting how VMware’s PacketMotion acquisition last month will fit in with its vShield security tools.
The move appeals to some highly
PacketMotion’s PacketSentry product and its various network monitoring probes provide user access management, alerting administrators when sensitive data is being accessed and by whom. PacketMotion can also stop non-compliant traffic with firewalls and monitor database and file-share activity. The PacketSentry product line is mostly hardware-based, with the exception of the recently released VirtualProbe, a “packet sniffer” that monitors traffic between virtual machines (VMs).
VirtualProbe, as well as the company’s user access management offerings, are of particular interest to VMware, according to Dean Coza, director of security product management, in a blog post announcing the acquisition. “[Existing vShield] capabilities give us the what and the how of [the virtual security] equation (the sensitive data and its location). PacketMotion can provide the who (who is accessing it).” VMware will integrate PacketMotion’s intellectual property into the vShield product line, according to the post.
User access management appeals to some prospective vShield customers. Angelo Luciani, a network specialist for a financial institution in Canada, expects to deploy vShield App in the next month and is intrigued by PacketMotion’s agentless database and file-share activity monitoring.
Today, Luciani’s firm uses two agent-based products for these features: Lumigent’s Database Activity Monitoring and Blue Lance Inc.’s LT Auditor, which the PacketMotion product could replace.
“I’m really interested in seeing how VMware is going to incorporate these various products into vShield,” Luciani said.
As it stands, managing agents can be cumbersome, Luciani said, but PacketMotion “could give us immediate notification whether a DBA’s going into an area or doing something that they’re not supposed to be doing, rather than waiting to find out the next day from a report.”
Horizon on the horizon?
VShield is the obvious slot in VMware’s product line for PacketMotion’s products to fit, but some industry observers also see a future for them in VMware’s Horizon Mobile and Horizon Application Manager application delivery and management services.
“PacketMotion technology is based on the fact that you’re using a well-known directory service at all times, whether it be LDAP or Active Directory,” said Edward Haletky, CEO and analyst for The Virtualization Practice, LLC. “Horizon Mobile and Horizon App Manager… require a well-known directory service in order to be used… If [VMware] made [PacketMotion] part of Horizon, it’d make a whole lot more sense. Even though we need that audit trail everywhere else, we can’t always guarantee we have a well-known directory service.”
In the meantime, Haletky said, “[VMware] really needs to integrate this well the first time to make it useful. But they have a lot of work.”
Unless VMware wants to sell hardware, its first challenge will be to run the PacketMotion software as a virtual appliance, Halteky said. The conversion from physical to virtual in this case won’t be a small undertaking.
“Think about what they’re doing, why it was hardware in the first place -- for a large-scale network, that’s a lot of data to process. So how do you process all that data quickly in a virtual environment?” Halteky said.
Who will buy?
Virtualization pros can see how PacketMotion fills the gap in the vShield lineup, but whether they’ll actually install is another matter.
Users in midsized enterprises see this as a play for larger shops, particularly those with compliance concerns.
“Larger companies typically have more compliance regulations they fall under,” said Bill Hill, infrastructure IT lead for a Portland, Ore.-based logistics company. “For me, I don’t have that. We’re not a public company. We don’t handle credit cards. We don’t handle public health records and stuff like that. The only compliance is something we have internal that would be self-imposed.”
But users in large enterprises pass the “hot potato” back again, speculating that PacketMotion’s intellectual property will find a home in the SMB market, where users are more likely to adopt public or hybrid clouds rather than building their own private clouds.
“We are spinning some stuff up but it’s probably a year or two out,” said Christian Metz, a systems administrator at a Fortune 300 insurance company. “It’s all going to be private anyway. We’re not going to any public cloud…it’s just going to be internal customers that we interact with directly, so for this organization in particular, [PacketMotion’s user access management] is probably not going to be a piece that we would be looking into purchasing at all, at least not at this stage.”
Overall, channel partners say vShield adoption has been slow so far, because adoption of the kind of cloud computing model that necessitates such products is also still in its infancy.
“There are very few companies that have actually jumped into cloud yet,” said Shannon Snowden, consulting partner with New Age Technologies. “Right now you’ve got to cobble together a lot of different vendors and a lot of different products…right now it’s a little bit of wishful thinking.”
Beth Pariseau is a senior news writer for SearchServerVirtualization.com. Write to her at firstname.lastname@example.org.