McAfee and Citrix will work together to build hypervisor-native detection capabilities into Citrix XenClient and Citrix XenServer. McAfee, in turn, will offer its Management of Optimized Virtual Environments (MOVE) platform, an open platform that provides security to virtualized environments. McAfee's MOVE platform will take advantage of these enhanced hypervisor-native capabilities, making it easier to provide security by performing runtime checks on the integrity of each virtual machine.
At the same time, McAfee is also working on its ePolicy Orchestrator platform, which will provide the user interface needed to configure and manage products developed on the MOVE platform. The collaboration will enable the Xen ecosystem, including Xen-based clouds, to offer endpoint security services as a native property of the virtual infrastructure.
The MOVE platform is expected to increase the security options for those investing in virtualization for the datacenter, applications, or desktops. McAfee believes this new platform will accelerate delivery of security solutions by filling the holes that aren't being addressed today. For McAfee and partners, MOVE will ensure that the solutions are optimized for performance within virtual deployments, that the programming interface is sound and secure, having been thoroughly tested and verified, and that the platform offers a common development path across all of the major virtualization vendors.
Thinking about all of this, one question pops into my head: When it gets right down to it, how does this announcement address virtualization security challenges differently than VMware's VMsafe announcement made back in February 2008 during VMworld Europe? Wasn't VMware exposing an API to third-party companies to provide for security? And wasn't McAfee signed up as a VMsafe partner?
McAfee's Worely said that unlike the VMware VMsafe solution, the Citrix/McAfee platform will be open and hypervisor-agnostic. She said the platform is being designed to secure XenDesktop deployments on the three leading hypervisors: Citrix XenServer, Microsoft Hyper-V, and VMware ESX. McAfee is doing this in part because its customers have told the company they plan to have heterogeneous environments when it comes to hypervisors, and they would like McAfee to offer the same solution that works in a mixed environment. VMsafe, on the other hand, works with VMware ESX or vSphere environments only.
Simon Crosby, CTO of the Data Center and Cloud Division at Citrix, said that VMware's VMsafe 1.0 initiative has yet to deliver any substantially new solutions in the area of security. VMsafe 1.0 offers APIs that allow "helper" virtual appliances to gain access to network packets traversing the virtual switch, block I/O traffic to/from storage, and guest virtual machine memory. But Crosby doesn't believe that VMsafe or any other initiative currently out there addresses the key challenges in virtualized security, which are the following:
- An optimized virtual infrastructure security service that is hypervisor-independent
- A hypervisor-native detection service that enables a quantum leap forward in secure virtualization, expressed via an open API to third-party detection and remediation tools such as McAfee's