Simon Crosby, the godfather of Xen, on virtualization, security and wimpy private clouds

As startup Bromium nears the end of stealth mode, its founder describes the security benefits of virtualization


I think many of the excuses for building private clouds are wimpy, too. People want to build private clouds because they don't want to lose control. By the way, there's always a good reason for not wanting to lose control. One of them is, it's my job. The other one is that the regulatory frameworks within which we work today really are articulated in terms of technologies that were cool 20 years ago. And you can't really state anything to a regulator in terms of the data if you can't find the hard disk. So how is the guy supposed to allow the data out of the data center? People will continue to build private clouds and spend a bunch of money on servers they don't need, when it would be much better to use some shared resources that providers could do for you, and do it at much better cost; we'd simply be on an opex-based equation instead of a capex-dominated one. They could do it in a heartbeat if we could actually secure the regulatory frameworks for it and if we could just get the vendors to do the obvious things in terms of adopting security technologies.

Does Bromium address this broad range of problems?

Bromium is 25 engineers. That's all we are, so the answer obviously is no. We don't have a product out and we won't for a little while, but we're going to take on a piece of it.

When are you going to announce what you're up to?

I think we're on for early in the new year. We're in the stage where we're sending systems to potential early customers for them to kick around and give us feedback on.

Which of these problems will you address?

Bromium does nothing about finding bad guys and we never will. We know nothing about forensics or how attacks are evolving. That's not our core competency. I think the only thing we would claim is that we're pretty good at doing virtualization stuff and virtualization can be used to build more trustworthy systems if you can figure out how to execute different domains of trust in the appropriate context so it becomes a technology which can make a system more trustworthy. But we will never be competent at finding the bad guys.

Virtualization, through isolation of diverse execution paths, can isolate. So if you think about what XenClient does, you have a corporate desktop and you have a personal desktop. Stuff that I do on my personal desktop, which is connected to the big Internet, is not going to touch my corporate desktop. So there you have isolation at the granularity of my corporate identity and my personal identity. That improves security because none of my personal stuff hits my corporate desktop. Does it address all of the challenges? No. But it addresses some, and the ones that it does it addresses pretty well. The key point I'm trying to make is that virtualization technology in general, through isolation, provides you a different context in which to execute code of different trust levels. By way of example, the McAfee-Intel DeepSAFE technology provides McAfee a new privileged point of execution outside of Windows. They can do all sorts of cool stuff. So that becomes the most trusted code in the system. It's more trusted than anything on the desktop, and so it can always have the privilege of inspection and introspection.

So does the McAfee effort fall within Bromium's model of what ought to be happening?

It's the first solely security use case of virtualization technology of which I am aware. I think there will be more.

Including yours?


How big an investment in cost and commitment will Bromium's product be for corporate customers?

We haven't said a word about that, and I can't go there. I think it's fair to say that the adoption of virtualization technology -- let's take desktop virtualization and use that as an example. One of the barriers to its adoption is that it requires substantial investment in new technology -- server-side stuff, storage, network, and a whole bunch of things. That has an impact on the practice of IT because now the guy who used to manage desktop devices is managing server-side hypervisors and virtual desktops, and it's a fairly substantial challenge, and I think that's a problem.

Do you see a way around it?


Is that something Bromium addresses that you can't talk about?

Right. I can't talk about it.

Do you ultimately see these problems being overcome and clouds becoming the trustworthy place you think it ought to be?

Yes, I do. I absolutely do. Look, if we don't, I think it's fair to say there is no enterprise that will not be compromised. Every single record that we own in the enterprise space [will be at risk of] being available to somebody else. It is extraordinarily scary and there are bad things going on out there, so we have to solve these problems, and the way to solve them is through better system design. Every vendor has a stake in this. The security guys do a much better job of finding the bad guys. The desktop virtualization folks are going about delivering more trustworthy systems. Most of that comes about by centralization, but by courtesy of virtualization that's a property you get, of always being able to revert to a good golden image. All that is good, but if I click on a bad PDF an attacker could still get on my virtual desktop and steal all the data. The DLP guys are trying to get tighter and tighter controls in terms of the policy they hook into about where you can and cannot go. The problem with DLP is it doesn't actually get the opportunity to get between executing code and what happens. So it's mostly logging what happened rather than preventing it.

Will Bromium's product eliminate the need for any traditional security products?

In security it turns out people want to know that they're secure. Just telling them they have a better system isn't good enough. They always want to know if there was a compromise, or if somebody tried to attack them and how they tried to attack them. So the business of finding the bad guys, on the fly or post hoc, is always going to be required. The ability to describe policies around how enterprise apps should be managed in practice, on the fly, is going to be required. I don't see that going away; I can see them changing.


Copyright © 2011 IDG Communications, Inc.
