VMware's acquisition of Determina, a
supplier of vulnerability protection software, could
improvevirtualisation security, analyst firm
Gartner has predicted.
Gartner identified two technologies from Determina that could
boost VMware's built-in security.
The first, the Determina Memory Firewall, is designed to protect
an operating system and applications against unauthorised memory
and program control-flow manipulation. It will protect against
attacks such as heap and stack overflows, buffer overflows, and
similar techniques used by hackers.
The second feature is on-the-fly patching, which is the
foundation of the Determina Liveshield product.
"We believe VMware will use both capabilities of Determina,"
said Gartner vice-president Neil Macdonald.
"By potentially integrating Memory Firewall into VMware ESX
hypervisor, the hypervisor itself can provide an additional level
of protection against intrusions."
Macdonald expected VMware to use Liveshield capabilities so that
its ESX hypervisor could be used "introspectively" to shield the
hypervisor and guest operating systems from attacks on known
vulnerabilities in situations where these have not yet been
patched.
Gartner predicted that these capabilities would be included at
no cost in one or more future versions of VMware products,
including the ESX hypervisor.
A potential downside of the deal, according to Gartner, was the
possibility that VMware could drop support for Determina's
standalone products.