As security controls are virtualized (e.g. firewalls, IPS, web application firewalls and so on), one of the more significant concerns is performance and throughput. II remember a demonstration about a year ago where an IPS running in a VM virtual appliance easily consumed 2 out of 8 cores in a multicore system. A 25% overhead for security controls didn’t make sense. That was then. Hardware advances continue. Within the next year, 64 core systems will be common. Now 2 out of 64 cores is a different story. 3% overhead? That I’ll take.

VMWare's VMsafe program is bringing more security options to the world of server virtualization.

There are a number of gotchas that can occur if you don't set up vShield Zones correctly, but you can avoid them with these pointers.

Did you think VMware and the Cloud could help you meet your Data Center Security certifications? Well they can.I have been reading through the ISO 27001 / ISO 27002 standards on data security. [..]

Is VMsafe the same as vShield?I have been getting this question a bit since my last post on VMware vShield Zones . It is a question that people really should be asking because there is confusion between the two technologies that needs to be cleared up.vShield Zones is a product that is released and uses the existing network switching techniques in vSwitches to intercept, monitor and control Layer 2/3 networking traffic. It only does networking. It happens to be part of vSphere licensing wise and it was released after vSphere was released.

ESX service console not impacted by OpenSSL security vulnerabilities with CVE-2009-0590, CVE-2009-0591, and CVE-2009-0789 identifiers (1010917) ESX Service Console is not impacted by the following security vulnerabilities in OpenSSL: · CVE-2009-0590...

VMware and EMC's RSA Security Division Accelerate Deployment of Information-Centric Security for the Virtual Data Center

In today's news in brief, Reflex Systems' new vTrust is an early example of a security product based on VMware's new VMsafe application programming interface.

Two years ago VMware announced their intention to develop and release a set of capabilities which would provide a more resilient and secure hypervisor while also extending a set of API’s to a limited number of vetted third-party security ISV’s. These APIs were designed to regain visibility and add capabilities such as virtual introspection across compute, network and storage realms in order to solve some really difficult issues that I’ve spoken about extensively in my Four Horsemen of the Virtualization Security Apocalypse talks.

VMware and RSA announced a strategic plan to embed RSA's data-loss prevention (DLP) and encryption technologies into VMware's new vSphere 4, virtualization software for the data center.