Recently, I encountered a few "not so wonderful" moments while surfing the Web. Luckily for me, I use a virtual machine to do my Web browsing, but the misfortune reminded me of a technology that I recently saw which is currently being worked on in the Symantec Research Labs. The R&D effort is called Symantec Vibes, which stands for Virtualization-Based Endpoint Security Solution.
[ Find out more about application and desktop virtualization under the hood from the InfoWorld Test Center | Track the latest trends in virtualization in InfoWorld's Virtualization Report blog and newsletter ]
We know that Symantec has been keeping an eye on malicious attacks coming from viruses, spyware, and trojans for many, many years now. And these security threats continue to grow at a rapid pace. Symantec said that threats are up 600% and that new threats are becoming very targeted. And with most of us on the Internet these days, threat delivery is that much easier.
During one of the recent Symantec tradeshows, I was able to get a sneak peak into some of Symantec's R&D lab efforts. Something new that I had learned was that Symantec invests nearly 15% of its annual global revenue on research and development, and they have teams of engineers across the globe who are focused on pure research in order to come up with the next big thing for the company. Virtualization is important to the company, and Symantec is quickly becoming a key player in this market after having made a few key acquisitions. The company has been putting the pieces together to beef up their endpoint virtualization story, and their R&D team is looking to make new things happen with virtualization technology as well.
And this brings me back to Vibes. Symantec's R&D engineers are working on a new virtual machine technology that is focused on protecting users from online attacks while surfing the Web. It works under the concept of setting up multiple virtual machines on a user's physical machine. And then, it enables a user to perform operations of different security levels and different scenario based transactions in each of the different virtual machines. The Vibes prototype puts a new spin on things to significantly improve browser security.
The technology challenge here is to have the software perform these operations by automatically recognizing the security level of individual operations, and then to seamlessly switch between different virtual machines in a way that is transparent to the user and to the Web site. In this way, even if there is a malicious attack, the user's machine is spared and the user's sensitive information is protected.
Sounds great, right? So how does it work? Vibes has three operating modes. First, the Playground. This mode is used for executing suspicious active content. Perhaps you've stumbled onto an unknown site that has an attachment, but you aren't sure about its safety. Better to be safe than sorry. Next, the User mode. This is used for carrying out day-to-day activities. And finally, the Trusted mode. Trusted mode is launched when a user enters in sensitive information. As an example, if a user is on a shopping Web site and is about to enter in credit card information, it would detect the SSL protocol and seamlessly switch over to a more secure virtual execution environment to carry out the transaction.
And again, it is the intelligence of the Vibes environment that automatically switches between each mode as it is needed (based on its security level recognition), without requiring the user to do or notice anything.
Vibes is independent of guest operating system (Linux or Windows) and hypervisor (VMware, Xen, or Hyper-V). But Vibes is still just a prototype architecture, not yet a product. Hopefully that changes soon enough. When I'm surfing the Web, I just want to enjoy it and not worry about every little thing becoming a security hole in my environment. Come on Symantec R&D engineers, let's see this thing get to market!