ARN

VMware to unveil major partnerships

VMware partners with Symantec, IBM, McAfee and others to boost security

VMware has formed partnerships with Symantec, IBM and other major security vendors to boost protection of computers running on its virtualization software, Reuters reported this week.

The initiative is called VMsafe and will be announced next week at the VMworld Europe users conference. A VMware spokeswoman contacted by Network World would not confirm the project.

But it's been public knowledge since September that VMware is working with several big industry players on a project containing "a set of APIs which could be used by antivirus, IDS and patch management vendors to enforce security at the hypervisor level," according to the blog Virtualization.info.

According to Reuters, VMware's partners include Symantec, McAfee, IBM's Internet Security Systems division, EMC's RSA division, and Check Point.

Virtual servers are prone to the same attacks as physical servers and new ones that exploit weaknesses in hypervisor technology. Some network managers wonder whether security threats in a virtualized environment could spread across an entire network, Network World reported last November.

"I am holding off on server virtualization because I have already been hearing about security issues with the hypervisor," says Craig Bush, network administrator at Exactech said in November. "One server being breached doesn't take down our entire network, but if it is possible for a hypervisor to do that, I'll just wait until the security angle is more played out before I jump into virtualization."

VMware disclosed three security problems in the DHCP (Dynamic Host Configuration Protocol) server in September, after IBM researchers discovered that it can be exploited to gain control of the computer. VMware issued software updates to eliminate the flaws.