Earlier this year I wrote about the impact of virtualisation on static security solutions. I observed that virtualisation introduces new potentials for flexibility and change over and beyond anything the world of network security has ever seen. Unfortunately for a host of large security vendors, most of the typical devices being used to protect physical data centers require a certain level of stability (or inflexibility) in order to promise proper protection.
In the physical data center (the old world) installing a new server or moving it around is a physical exercise often involving permissions, communication and/or cooperation between teams so that the network and security practices can be properly adjusted. From a security standpoint, many types of network security appliances and monitoring tools need to know what they're protecting and where it is to be effective. Some systems even require ongoing manual tuning to adjust for change for proper functionality.
While these processes are critical, they do restrict an organization's responsiveness when it comes to information technology. The ability to adapt to change, therefore, is often impeded by policies and procedures meant to ensure order and security. Inflexibility makes enterprises less nimble, more wasteful and most importantly, slower to react to changing markets, operating environments or seizing strategic opportunities.
Virtualisation, however, enables a powerful and unprecedented level of flexibility. Servers can be created and moved at the click of a mouse from one host to another. Versions of applications and operating systems can be saved for later use, taken off line or even be re-created, with little relative effort. Yet that potential for change further erodes the value proposition of a perimeter already crumbling under the stress of hard to identify, mutating attacks.
That is why VMware's recent and highly successful IPO despite a weak overall stock market is a high profile sign that the investment community has already moved on from buying into the dying status quo of static data centers and the requisite ASIC-driven appliance ecosystem of obsolete security devices. The day after VMW trades more than 30 million shares on its first day out, tech-savvy Citrix acquires XenSource (a competitive virtualisation platform) for $500 million. These two events are a one-two punch in the midsection of an assortment of fixed infrastructure that has been caught flat-footed by innovation on the outside and inside of the data center.
VMware has been called the hottest IPO since Google, and for good reason. Like Google, VMware is a game changer for a sizable industry surviving more on laurels than true innovation. Without VMware, data center security was destined to become a war between outdated, well manicured bureaucracies of experts fighting trench warfare with custom chip sets and complexity against ever-growing populations of entrepreneurial hacktivists using sophisticated software and tools for attack. With VMware, the virtualisation of the data center moves from theoretical to pragmatic.
Virtualisation ushers in dramatic new potential for security enforcement around the hypervisor, and new players capable of handling the level of change are already emerging in the VMware partner community. That is good news for data center pros and bad news for incumbent security vendors stuck with putting their customers on steeper tuning and event monitoring treadmills.
VMware's IPO symbolizes for the data center what Microsoft's IPO symbolized for the PC: an entirely new and more efficient way to manipulate electrons for maximum user impact. As virtualisation becomes strategic to the data center, security becomes strategic to virtualisation; unprecedented flexibility in the data center will require new approaches to security which will ride the wave and reinforce virtualisation. This kind of Yin/Yang tension between change and security promises to establish a new order of software appliances that run on standard hardware and are more accurate and easier to manage than their predecessors.
Simply imagine a dashboard of virtual machines that can be created, moved, saved (and even re-created) on demand... not unlike the first PC programs that replaced typewriters, financial ledgers and even fax machines.
The success of the VMware IPO and the subsequent XenSource acquisition is a harbinger of big changes which lay ahead. An old guard entrenched in dogma by billions in success is about to get replaced yet again by faster, nimble and more visionary players; and data center pros will be more productive as a result, data centers more secure. It appears that Wall Street agrees and has just voted for the promise of change. The question is: which vendors truly get the impact of what we are witnessing? Time will tell.
Ness is vice president of marketing for Blue Lane Technologies. He's been a marketing executive at Juniper Networks, Redline Networks, IntruVert Networks and ShoreTel.