tag:blogger.com,1999:blog-4088979.post1283477963795520499..comments2023-10-16T06:06:25.012-04:00Comments on TaoSecurity Blog: Recycling Security TechnologyRichard Bejtlichhttp://www.blogger.com/profile/13512184196416665417noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-4088979.post-33631633727675797352008-06-08T11:08:00.000-04:002008-06-08T11:08:00.000-04:00Rich, just a couple of points:1) Most of the start...Rich, just a couple of points:<BR/><BR/>1) Most of the start-up's you're seeing entering this space in the form of virtual appliances are gap fillers because VMsafe was not available (and isn't yet released in production form via a VMware release)<BR/><BR/>It's somewhat of a level playing field now (only to be leveled again) as everyone is constrained by the limits of the virtual networking configuration.<BR/><BR/>2) If you look at the players who have signed up to develop against the API, a majority of them *are* the big players, so you're right about the "traditional" players flexing their muscles...soon.<BR/><BR/>3) VMsafe does a little more than simply add "packet inspection" to the platform. Although the hooks are a little coarse on the first release, VMsafe provides some very interesting capabilities that trigger on memory, disk, I/O and network...<BR/><BR/>Unfortunately, VMsafe also only allows redirection of traffic for inspection/disposition to a VA/VM within the ESX server, so you can't send traffic out externally to a dedicated appliance which leads to:<BR/><BR/>4) The traditional and startups in this space are going to run into some nasty scaling and resiliency issues as they try to scale their products as a virtual appliance within the same host competing to service resource requests for production VM's...we have a hard-enough time getting good scaling and performance from dedicated appliances.<BR/><BR/>This is actually one of the topics of my Blackhat preso. this year. You can get a taste for what I mean here:<BR/><BR/>http://rationalsecurity.typepad.com/blog/2008/04/the-four-horsem.html<BR/><BR/>Great post.<BR/><BR/>/HoffChristofer Hoffhttps://www.blogger.com/profile/06755101021610973483noreply@blogger.com