Virtualization introduces new potentials for flexibility and change over and beyond anything the world of network security has ever seen. Unfortunately for a host of large security vendors, most of the typical devices being used to protect physical data centers require a certain level of stability (or inflexibility) in order to promise proper protection.
In the physical data center (the old world) installing a new server or moving it around is a physical exercise often involving permissions, communication and/or cooperation between teams so that the network and security practices can be properly adjusted. From a security standpoint, many types of network security appliances and monitoring tools need to know what they're protecting and where it is to be effective. Some systems even require ongoing manual tuning to adjust for change for proper functionality.
While these processes are critical, they do restrict an organization's responsiveness when it comes to information technology. The ability to adapt to change, therefore, is often impeded by policies and procedures meant to ensure order and security. Inflexibility makes enterprises less nimble, more wasteful and most importantly, slower to react to changing markets, operating environments or seizing strategic opportunities.
Virtualization, however, enables a powerful and unprecedented level of flexibility. Servers can be created and moved at the click of a mouse from one host to another. Versions of applications and operating systems can be saved for later use, taken off line or even be re-created, with little relative effort. Yet that potential for change further erodes the value proposition of a perimeter already crumbling under the stress of hard to identify, mutating attacks.
That is why VMware's recent and highly successful IPO despite a weak overall stock market is a high profile sign that the investment community has already moved on from buying into the dying status quo of static data centers and the requisite ASIC-driven appliance ecosystem of obsolete security devices. The day after VMW trades more than 30 million shares on its first day out, tech-savvy Citrix acquires XenSource (a competitive virtualization platform) for US$500 million. These two events are a one-two punch in the midsection of an assortment of fixed infrastructure that has been caught flat-footed by innovation on the outside and inside of the data center.
VMware has been called the hottest IPO since Google, and for good reason. Like Google, VMware is a game changer for a sizable industry surviving more on laurels than true innovation. Without VMware, data center security was destined to become a war between outdated, well manicured bureaucracies of experts fighting trench warfare with custom chip sets and complexity against ever-growing populations of entrepreneurial hacktivists using sophisticated software and tools for attack. With VMware, the virtualization of the data center moves from theoretical to pragmatic.
Virtualization ushers in dramatic new potential for security enforcement around the hypervisor, and new players capable of handling the level of change are already emerging in the VMware partner community. That is good news for data center pros and bad news for incumbent security vendors stuck with putting their customers on steeper tuning and event monitoring treadmills.