Deployment of products that transform physical servers into “virtual machines” has resulted in nothing short of a data center revolution. But virtualization of everything from operating systems to applications increasingly has critics asking: Where’s the security?

“Traffic is going from virtual machine to virtual machine,” points out Neil MacDonald, vice president of research firm Gartner. “Where's the monitoring, the intrusion-detection and protection?”

MacDonald says that only a handful of security vendors — Blue Lane Technologies, Reflex Security and StillSecure among them — have adapted the capabilities of their appliances to work as software-based shields in virtualization software from vendors that include VMware, XenSource and Virtual Iron.

The traditional security industry has been largely oblivious to the radical changes wrought by virtualization, which is fast moving from development to production environments, says Andreas Antonopoulos, senior vice president and founding partner at Nemertes Research.

"We’re at a crossroads,” he says. “We will either end up messing up the virtualization market because of the security failure or revitalizing the security market for the future.”

In a paper he recently published titled "Secured Virtualized Infrastructure: From Static Security to Virtual Shields,” Antonopoulos notes: “Virtualized servers need to be protected from the outside world, but they also need to be protected from each other.

“If a single server in the pool is infected with a rapidly propagating threat, then it will be able to cross-infect all other servers that contain the same exposed vulnerability.”