Home > Server Virtualization News > VMware spawns new vShield Zones network security tool
Server Virtualization News:
EMAIL THIS

VMware spawns new vShield Zones network security tool

By Alex Barrett, News Director
24 Feb 2009 | SearchServerVirtualization.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

CANNES – On the first full day of VMworld Europe, VMware announced vShield Zones, designed to help VMware administrators comply with network security policies without having to resort to physical segmentation of their virtual machines.

VMware derives vShield Zones from its hush-hush acquisition of Blue Lane Technologies last year. Prior to the acquisition, Blue Lane sold the product as VirtualShield, an inline intrusion detection product.

The problem vShield Zones attempts to fix is the seeming disconnect between network security policies and virtualization, explained Bogomil Balkansky, VMware's vice president of product marketing.

For security purposes, most organizations establish network zones with different levels of trust, such as the Internet-facing "DMZ" (or demilitarized zone) and other areas that are "behind the firewall," Balkansky said. "But when you overlay virtualization on top of that model, it breaks," Balkansky said, and you lose many of the efficiencies of virtualization, such as consolidation, better utilization and dynamic mobility.

"It's a classic problem of overprovisioning," Balkansky said, adding that "it's not so much a technical problem as a compliance problem."

Now, with vShield Zones, virtual machines can be spread around on different physical ESX hosts while still preserving the network security policies of their associated zones.

According to Tom Becchetti, senior infrastructure engineer at a Fortune 1000 company, enterprise shops' practice of segmenting virtual machines onto physical hosts is very real. The security risks of mixing VMs with different network policies are probably minimal, but "is it really worth the argument with your security team? Sometimes it's easier to take the path of separate physical hosts so that everyone involved can have their level of comfort."

On Wednesday, VMware Senior Director of Engineering and former Blue Lane CEO Allwyn Sequeira will speak in depth about vShield Zones. According to the preview, he will provide an overview of the technology and discuss use cases, such as how to collapse an Internet-facing virtualized DMZ to meet Payment Card Industry (PCI) firewall standards for cardholder privacy and isolate multiple tenants in the cloud.

The vShield Zones administration will occur from the vCenter management console. Pricing and packaging have not been announced, and availability is set broadly for the 2009 calendar year.

Check out the rest of our VMworld Europe news coverage.

Let us know what you think about the story; email: Alex Barrett, News Director. And check out our Server Virtualization blog.

Tags: VMware conference coverageServer virtualization risks and monitoringVIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   





Stay Current on Trends for Server Virtualization
HomeNewsTopicsITKnowledge ExchangeTipsBlogsAsk the ExpertsMultimediaWhite PapersEvents
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2006 - 2010, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts