VMware, Citrix and Microsoft: Contrasts and Opportunities

I couldn’t help but notice Eric Lundquist’s recent interview with VMware (VMW) CEO Diane Green in eWeek:VMware Faces Virtual Reality. Besides the usual discussion about how VMware manages growth and increasing competition Diane interjects security into the interview:

Then there is a whole other area that starts getting into application infrastructure. One proof point of that would be in security. We recently launched VMsafe with the ISVs, and this is a proof point of how this is transforming the software industry. This is changing how you build apps. We now have about 30 software companies that have joined our VMsafe initiative, which is essentially creating APIs that let you secure what's in a virtual machine because you know everything that is going in and out of it. So you can catch a virus before it gets in, and maybe prevent having to patch; you can say what's allowed going in and out of a virtual machine. (Diane Green – eWeek June 2008)

Later in the interview Diane is asked about virtualization security as a challenge and she talks again about how VMware views virtsec as an opportunity:

eWeek: Are these the issues you hear about from customers—concerns in the areas of security and sprawl?

Green: We haven't heard that from our customers. It's more been from other vendors that have an interest in talking about it that way. But we have always seen it as a huge opportunity.

In fact, Mendel [Rosenblum, chief scientist at VMware,] does a lot of research into security and virtualization at Stanford, and we have always seen the opportunity that virtualization offers in a more secure, new and powerful way. We are now finally realizing that in ways that customers can take advantage of. (eWeek June 2008)

Compare this to Microsoft’s (MSFT) delays and the recent Citrix (CTXS) coverage and blog debate about who is responsible for virtsec. While VMware tightens its security message, Microsoft stumbles and Citrix washes its hands on the issue. These are three well-heeled competitors with admirable track records, established customer bases and excellent products; and yet three very different visions of the value of virtualization security to the proliferation of virtualization in the data center. Sometimes I get the impression that Microsoft is merely waiting for VMware to stumble on virtsec and then pounce. But will that happen?

In all fairness to Citrix they’re still absorbing Xen and may be focused on other issues. Their CTO is a brilliant guy who is one of the world’s leading experts on virtualization, but as Unisys Chief Security Architect and leading security blogger Chris Hoff points out, he may need a quick primer on data center security or at least the mindsets of those whom Citrix will ultimately be selling through as they make a case for production deployments.

Earlier this month I talked about 2008s virtsec highlights. I think this recent VMware CEO interview needs to be added to the mix. VMware continues to impress me with their grasp and execution when it comes to articulating the impact of security on the virtualization of the enormous production data center market. VMsafe was perhaps a defining moment in production virtualization.

At some point I expect Citrix and Microsoft and others to wake up and smell the opportunity. Their products may be behind or in the process of integration, but I think their visions and messages are even further behind. Thus far VMware’s lead in adoption is mirrored by their lead in message and vision. And both leads might be destined to increase if they continue their focus on the Keys to the Kingdom.

Disclosure: none

Comments

[User 209975]

Greg,
I do agree with u on this ,Now a days companies are beefing up and foccusing more on security as in today's internet world the security breaches are becoming a bigger issue for companies to tackle,I hope VMSafe brings in some relief and a sense of Joy to customers who have been using and who are willing to use VMWare.

[GNESS]

Thanks for your comment. I think VMware really understands the security implications and opportunities inherent with virtualization, while Microsoft and Citrix may not. This could become a factor in determining who succeeds in hte lucrative data center market.

Thx
G