The software runs on the same machine hosting the virtualization software, between the hypervisor and the virtual machine, Check Point says.
[ Read related story on VMware's new low-footprint ESX hypervisor. ]
In addition to protecting virtual servers from each other the software can perform network address translation between the virtual servers and the external network, obscuring their actual IP addresses from the outside, the company says.
VPN-1 Virtual Edition contains all the features of the conventional VPN-1 including unified threat management, so it can extend more than just VPN and firewalling to the virtual machines. (Compare UTM products.)
Check Point suggests that businesses might install VPN-1VE on a single hardware server along with e-mail and Web servers to create a device to support remote offices, rather than resort to multiple servers and security appliances.
The software can be managed centrally via Check Point's SmartCenter platform.
The current version of VPN-1 Virtual Edition is focused on protecting virtual machines, but as more VMware APIs are made available, Check Point says it plans to write a version that will also protect the hypervisor itself.
Licenses for VPN-1 VE cost the same as for the traditional VPN-1. A package of licenses to protect five virtual machines costs $7,500. Customers with spare VPN-1 licenses can apply them to VPN-1 VE, the company says. The new software is available for download from Check Point's Web site.
Network World is an InfoWorld affiliate.
This story, "Check Point goes virtual with VPN-1" was originally published by Network World.