VMware Has a Security Attention Deficit Disorder

Paula Musich
Paula Musich

Summary Bullets:                

  • VMware continues to shift its virtualization security priorities around, this time with a focus on the new Service Composer in the NSX virtual networking platform.
  • Despite the lack of focus on VMware’s part, third-party security providers continue to make progress with existing products, building up greater maturity and expanding their installed bases.

VMware’s attempts to deliver a cohesive set of security services for its dominant server virtualization technology in partnership with leading security providers appears to be a bit of a shell game.  Just when you thought the gold security coin was under one shell, you discover that you missed the last move and now it is under another.  In this case, VMware had been working to create a set of higher level APIs developed in conjunction with leading security partners that would be easier to work with than the former VMsafe APIs and reflect the requirements of a broader set of security functions—not just anti-virus signature scanning.  But that was before VMware acquired software-defined networking startup Nicera for over $1 billion around the time of VMworld 2012.  Fast forward to VMworld 2013 and voila!  No progress report on the security APIs, no expansion of the partners writing to those APIs, no case studies demonstrating real world deployments of security products using those APIs to deliver better security for VMware hosted applications.  Instead what you find is that VMware has shifted its attention (and resources) to trying to establish a virtual networking platform that it hopes will do for networking what the virtual machine did for computing. Continue reading “VMware Has a Security Attention Deficit Disorder”