Virtual Security: The New Security Tool?

n 1996, I found a tiny package floating around the Internet called VMware. I booted up my Linux laptop and proceeded to install this little animal. Within minutes I started the application and booted my first virtual PC. Compelled to investigate further, I decided to load Windows 95, completely convinced that it would fail miserably — Win95 on Linux, are you kidding me? To my surprise, I was browsing the Web using IE, in Windows 95 from a virtual PC running on Linux in just a few hours. Little did I know at the time that virtualization would make the huge rebirth that it has today. Rebirth seems like the appropriate word. Anyone familiar with IBM and Tandem, to name a couple, are familiar with virtualized computing. But these solutions fell victim to the distributed computer resource model emerging in the late 1980s and in full bloom in the mid-1990s. By the time I was introduced to VMware it seemed almost out of place and time, an oxymoron with seemingly little value when piles of servers were the answer and technology was the key business enabler. But today it's not about the technology — it's about services — IT and security services mapped to business drivers, making technology transparent to the mission. It is within this framework and IT business management evolution that vir-tualization was reincarnated. My first Internet page hadn't finished loading in my Win95/Linux system when the thought of security chilled my spine. At that time I was enamored by trusted operating systems (TOS). The thought of compart-m e n t a l i z a t i o n f r o m t h e N I C t o t h e applications, and everything in between, was, for me, security nirvana. I was an Argus PitBull, Solaris TOS, and HP Virtual Vault bigot; I was convinced TOS was the future. Now with virtualization, compart-mentalization was holistic, fully encompassing my environment, an environment I could manipulate, adjust, specialize, and distribute seamlessly. My TOS convictions began to waver. Today, virtualization has many solutions. VMware, now part of EMC, is locking horns with Microsoft. With virtualization part of Longhorn, it is clear that giants are making big bets, and so are some of their customers. Virtualization appears to many executives as the ultimate money press, squeezing every last cycle from the pools of vast underutilized resources. All …