VMware Acquires BlueLane: Further Differentiation Through Security
From Virtualization.com comes the news that VMware has acquired BlueLane Technologies
BlueLane is the maker of solutions that protect both physical and logical infrastructure which includes ServerShield and VirtualShield. The company has of late focused wisely on
the latter which provides application-aware firewalling, inter-VM flow visibility and analytics, application policy control, and intrusion prevention capabilities.
Coupled with the introspection capabilities provided by VMware's vNetwork/VMsafe API's natively, the integration of BlueLane's solution sets will add to the basal capabilities of the platform itself and will allow customers the flexibility to construct more secure virtualized operating environments.
The notion of enabling in-line patch-proxying as well as the "IPS-like" in-line vulnerability mitigation capabilities for VM's and additional VMM protection make this very interesting indeed. You can read more about BlueLane's approach on their website. I also interviewed Allwyn Sequeira on my blog.
VMware's acquisition of Blue Lane comes as no surprise as it became clear to me that in order to continue to strengthen the underlying platform of the hypervisor itself, I wrote earlier this month prior to rumors of Blue Lane's acquisition by other bloggers that as part of a successful differentiation strategy:
heretical given the delicate balance most "platform" providers keep with their ecosystem
partners, but VMware have already shown that they are ready to buy as well as build and
ally with prior acquisitions and security will continue to be a key differentiator for them.
They've done it once already with Determina, they'll do it again.
Of course, I actually talked about it a year ago when Determina was acquired…
I think it's actually an excellent move as it continues on the path of not only helping to ensure that the underlying virtualization platform is more secure, but the elements that ride atop on it are equally "security enabled" also.
This point was at the heart of my debate with Simon Crosby, Citrix Systems' CTO (see here and here);
focusing solely on VMM resilience and leaving the ISVs to sort out security was a bad idea. It leads to more siloes, less integration, more complexity and overall a less secure environment.
We need a unified secure ecosystem to start with instead of worrying about securing the ecosystem's products.
Form a business perspective it takes a mixture of resolve, market dominance, and confidence to cannibalize a section of your ecosystem, but it's the right thing to do in this case in order to offset competitive forces and help customers solve some really nasty issues.
I made mention of this point with emerging security ISV's at Vmworld, and was asked several times whether I really thought VMware would do this. The odd question that inevitably came next was "were does that leave security ISV's like us?" You can guess my answer. Honestly, I'm sure most of them were hoping to be bought for the same reason.
So, will this cause a run on alignment to support Hyper-V over VMware? I don't think so. ISV's who were hinging their hopes for success solely on VMware understand this risk. Microsoft has no API facility like vNetwork/VMsafe, so the options for reasonable and rational installation of their products are limited. Citrix is in the same boat.
This is the reason my next set of VirtSec presentations will focus on Hyper-V.
On a side note, I was one of Blue Lane's first customers for their patch proxy product and have been an ardent supporter of their approach for many years, despite taking quite a bit of crap for it from purists and pundits who had difficulty rectifying the approach in comparison to traditional IPS'.
This is a good thing for VMware, VMware's customers and Blue Lane. Congratulations to the BlueLane team.
Recent Comments