Taking Virtualization Security Seriously: Page 2 of 2

While the idea of patching a running OS or application sounds interesting, it doesn't alleviate the need to test patches before they're applied. Usually, it's that testing that slows down the process - and not usually the need to bounce the server.

We've talked a lot about Blue Lane's patch emulation products (there's a physical appliance version as well as a virtual appliance for VMware). The idea is to catch incoming attacks and make the fix that an actual patch might do before the offending packet ever gets near the actual server. While the company has had its share of naysayers, the Blue Lane products performed as claimed when we tested them in our Florida Real World Lab. It got another seal of approval this week from none other than Microsoft itself, which tested the physical appliance and found it fully interoperable with Microsoft's protocols.

In the virtual world, the combination of the three products addresses many of the concerns currently expressed for security. The memory firewall will protect against overflow exploits, while Blue Lane's technology gives IT the time it needs to properly test patches and, once tested, LiveShield let's you apply them on the fly.

There's another interesting angle here: the brewing battle between Microsoft and VMware, and how companies like Blue Lane could get caught in the middle. More on that soon.