Software
News
6/26/2008
12:00 PM
Joe Hernick
Joe Hernick
Features
Connect Directly
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Analytics Summary: VMware Security

As IT groups spawn new virtual machines at a breakneck pace, security is too often an afterthought. Can VMware's dominance of the enterprise server virtualization market buy us some breathing room?

Our survey on the state of VMware security revealed some startling facts: Just four in 10 consider hyperjacking a realistic threat, and nearly half take a laissez-faire approach to virtual machine provisioning and management. Some even let business units deploy VMs with no oversight, perhaps because 20% assert that VMs are safer than physical servers.

The reality, and a concept that many IT and business managers fail to grasp, is that a virtual server is still a server. A production VM--and its host--must be held to the same level of rigor as a comparable physical production server, with identical change management policies for approval, deployment, patching, and other processes.

InformationWeek Reports

For now, accepted best practices are at least as important as VM-specific toolsets. Still, hypervisors must have security baked in from the beginning. Armies of attackers are no doubt working feverishly for the bragging rights that will come with being among the first to hyperjack--that is, to gain control over--a high-value physical server that hosts VMs.

So are industry-leading virtualization vendors doing enough to keep us safe? For example, will VMware's VMsafe program, which provides APIs with hooks into the ESX hypervisor, pay off for IT, or even help keep Microsoft's Hyper-V at bay?

Maybe, on both counts. Every security vendor we interviewed for our VMware Security Analytics Report, is focusing on product development for VMware. And every security vendor we interviewed for this report also has plans for Hyper-V or Xen product development. Making like Switzerland between VMware and Microsoft is a rational move, a reality backed up by our survey of 423 business technology professionals. VMware is still the dominant player in server virtualization, with 56% of installations, most of them Infrastructure 3/ESX. But our poll reflects the growing influence of Microsoft: 24% of respondents listed either Hyper-V or Virtual Server 2005 as their primary server virtualization platform.

This is far from typical estimates of 70% to 80% VMware ownership of the server virtualization landscape. An outlier? Perhaps. We expected Hyper-V to make a mark, but we must admit to being surprised by these results.

Previous
1 of 3
Next
Comment  | 
Print  | 
More Insights
Google in the Enterprise Survey
Google in the Enterprise Survey
There's no doubt Google has made headway into businesses: Just 28 percent discourage or ban use of its productivity ­products, and 69 percent cite Google Apps' good or excellent ­mobility. But progress could still stall: 59 percent of nonusers ­distrust the security of Google's cloud. Its data privacy is an open question, and 37 percent worry about integration.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 7, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program!
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.