VMware

VMware VMsafe™ is a new security technology for virtualized environments that can help to protect your virtual infrastructure in ways previously not possible with physical machines. VMsafe provides a unique capability for virtualized environments through an application program interface (API)-sharing program that enables select partners to develop security products for VMware environments. The result is an open approach to security that provides customers with the most secure platform on which they can virtualize their business-critical applications.

What is VMsafe?

VMsafe is a new program that leverages the properties of VMware vSphere to protect machines in ways previously not possible with physical machines. VMsafe provides a new security architecture for virtualized environments and an application program interface (API)-sharing program to enable partners to develop security products for virtualized environments.

The VMsafe Security Architecture provides an open approach that gives security vendors the ability to leverage the inherent properties of virtualization in their security offerings. Customers running their businesses on VMware vSphere will be assured that they are getting the best protection available – even better than what they have on physical infrastructure.

VMsafe adds a new layer of defense that complements existing physical security solutions such as network and host protection, shielding virtual machines from a variety of network, host and application threats. This additional layer of protection can help enterprise organizations to dramatically increase the security posture of their IT environments.

How does VMsafe work?

VMsafe utilizes the unique properties of VMware vSphere, the rich platform that has enabled ground-breaking functionality such as VMware VMotion™ and VMware Distributed Resource Scheduler (DRS), to provide a clearer view of data center security than is possible with physical systems.

VMware vSphere inserts a thin layer of software directly on server hardware to create virtual machines. It contains a virtual machine monitor or “hypervisor” that allocates hardware resources dynamically and transparently to run multiple systems concurrently. VMsafe enables third-party security products to gain the same visibility as the hypervisor into the operation of a virtual machine to identify and eliminate malware, such as viruses, trojans and key-loggers. For instance, security vendors can leverage VMsafe to detect and eliminate malware that is undetectable on physical machines. This advanced protection is achieved through fine-grained visibility into the virtual hardware resources of memory, CPU, disk and I/O systems of the virtual machine that can be used to monitor every aspect of the execution of the system and stop malware before it can execute on a machine to steal data.

How do I install/activate VMsafe protection?

VMsafe is a capability inherent within VMware vSphere and specifically within VMware ESX. Once security partners have integrated their solutions with VMsafe, customers need only purchase the integrated solutions that will be available from partners. Solutions that integrate with VMsafe will be installed as virtual machines.

When will VMsafe be available?

VMsafe technology will be delivered in future versions of VMware vSphere products, as well as in products by security vendors that are built, using APIs, specifically for the VMware environment.

What does VMsafe protect?

VMsafe enables partners to build a virtualization-aware security solution in the form of a security virtual machine that can access, correlate and modify information based on the following virtual hardware:

  1. Memory and CPU: VMsafe provides introspection of guest VM memory pages and CPU states.
  2. Networking: Network packet filtering both in the hypervisor and within a security VM.
  3. Process execution (guest handling): in-guest, in-process APIs that enable complete monitoring and control of process execution.
  4. Storage: Virtual machine disk files (VMDK) can be mounted, manipulated and modified as they persist on storage devices.

What are the benefits of solutions that integrate with VMsafe?

  1. Better Security—Memory, CPU, and guest-handling provide new monitoring capabilities and have no equivalent in physical infrastructure. VMsafe solutions using these capabilities will protect organizations from new security threats more easily, preventing malware from ever infecting a virtual machine.
  2. Better enforcement across the infrastructure—security solutions that integrate with VMsafe can be deployed easily and consistently across the infrastructure to achieve greater visibility, manageability, and enforcement of standard security policies.
  3. Better isolation—one of the major issues with in-guest security solutions today is that these solutions run at the same privilege level as the malware they are protecting against. The VMsafe approach isolates the security engines so they are not accessible to the malware, guaranteeing that the security solution as a whole is protected and isolated.
  4. Better correlation—security solutions today have very limited correlation between various approaches, such as network behavior analysis and host intrusion protection. Network security appliances today lack in-guest information, such as operating system utilization and application version, patch or current activity. Using VMsafe, security solutions can obtain deeper visibility into the virtual machines and correlate this information for greater accuracy and performance of network scanners. VMsafe provides the capability to understand in-guest context much like a Host Intrusion Prevention System (HIPS). In addition, virtualization-aware security solutions will be able to protect virtual machines even when they are in motion, suspended or offline.
  5. Better scalability—With integrated security solutions for VMsafe, customers can provision security virtual appliances as they grow their infrastructure. This also means that during peak times or attacks, SLAs can be enforced simply by enabling hardware resource scheduling to ensure critical workloads continue running.

What is the VMsafe Partner Program?

The VMsafe technology program for partners includes sharing an open, interoperable and cross-platform set of technologies with partners so they can provide innovative security solutions for VMware vSphere customers. Security solutions built for VMsafe will provide customers better security, granularity, visibility, correlation and scalability in virtual machine deployments.
