Deep Security was among the first products to leverage VMware's vSafe API, which allows security vendors to make their products virtualization aware. The core Deep Security product is a "deep inspection" module that includes host-based IDS/IPS, Web application protection and application control. The other optional modules are firewall, log inspection and integrity monitoring.
The advantage to enterprises is the ability to manage security at the host device level, rather than on each VM. VSafe also enables enterprises to apply security policies to individual VMs and to traffic between VMs. It also provides visibility into the virtualized environment. This kind of visibility and control has been largely limited to virtualization-specific security vendors such as HyTrust and Altor Networks, but traditional security vendors such as Trend are beginning to take advantage of VMSafe as well as the vShield API, which allows security to be applied across logical zones.
Enterprises are asking about virtualization-specific security, said Forrester Research analyst Chenxi Wang, but she isn't sure they're spending a lot of money on it, at least not yet. The market for virtualization isn't large at this point, and there aren't that many organizations that have a highly virtualized environment that would benefit from the level of control and visibility these security products offer. That's bound to change.
"Trend Micro is looking to the direction in which the market is going," said Wang. "The population of organizations actually running virtual infrastructure isn't that big, but the trend of the future is people who will run their own virtualized infrastructure or outsource to either a hosted private cloud or a public cloud. That's why security companies are beginning to offer mechanisms for virtualized infrastructure in the data center."