VMware: Securing vApps Major Step In Cloud Migration

VMware executives said the company's new approach entails a paradigm shift from a concept in which security is added on, to one in which security is inherent across all infrastructure.

Allwyn Sequeira, vice president of security and networking solutions at VMware, said that the new approach to security would entail an "infrastructure-centric view," building secure, virtualized infrastructure with embedded security controls that would "hide the fact that it even exists," Sequeira said.

Specifically, Sequeira said VMware was continuing on its path to focus on integrating security directly onto virtualized apps, essentially allowing security to "travel" as an inherent component of applications as they move across physical infrastructure platforms.

"How do we re-architect the secure data center to meet the needs of a cloud-centric enterprise?" Sequeira asked. "The future is to build in security into the virtualized apps that can be realized on private and public cloud infrastructure."

Changing the concept of virtualized security to one that's more integrated was a logical step in an evolving IT environment that is increasingly gravitating toward the cloud.

Two of the biggest drivers of that shift are mounting security threats and the increasingly stringent security compliance regulations around virtualized and cloud environments, executives said.

"The cloud has changed the way we work," Sequeira said. "Cloud computing is not about where you run something, it's about how you run an application."

Going forward, VMware plans to "encapsulate virtualized apps" which will have the ability to move securely across a multitude of platforms, ultimately making them security-independent of the infrastructure.

"It's a disruptively different way of looking at security," Sequeira said. "The end user security focus shifts from securing desktops, to securing access, to securing vApps from any device. These self-securing vApps can then go anywhere."

VMware had already embarked on this security paradigm shift in August with the launch of its vShield product line, which virtualizes a slew of network security technologies such as firewall, VPN and load balancing. Specifically, the vShield App, a hypervisor-based application-ware firewall, enables adaptive security policies, which allows them to be transferred across cloud, virtualized and physical infrastructure.

VMware said that channel partners would be a significant part of its vShield go-to-market strategy. The company said it was actively recruiting new partners, as well as engaging current partners in an effort to develop the enablement, training and co-marketing programs around vShield solutions.

Partners Say vApp Security Not A 'Radical' Move However, company executives were unclear as to how big a role channel partners would play in facilitating the migration, the type of training and certification required and what consulting and assessment services they could provide to customers.

Meanwhile, channel partners say that the company's shift to integrate security in virtualized environments at the application layer wasn't a radical change in paradigm but more of a natural evolution for the industry.

"It's something that VMware and the industry have been moving slowly toward for years," said Steve Kaplan, vice president of data center virtualization for Houston, Texas-based INX. "It's a continued evolution. Virtual machines have the potential to be more secure than physical servers."

The concept of integrated virtualized security is still one that many end user customers are wrestling with, partners say. And it will be some time before most customers comfortably embrace virtualization as a secure platform.

Kaplan said that customers' biggest concerns were often about ensuring that the security measures and compliance were "going to be at least as appropriate in a virtual environment as a physical one."

"We make the case that, the potential is there now to make a virtual environment more secure. It has to be done carefully, very thoroughly," Kaplan said. "Virtualization touches everyone and forces a lot of collaboration and dependencies that weren't there before. Security becomes more visible as well."