Making Xen virtualization safer with XenAccess

XenAccess, a Georgia Tech-hatched project that aims to bring VMsafe-esque capabilities to the Xen project, may provide a way to give Xen great security at the hypervisor level.

I just came across this post by Rich Miller, pointing to the XenAccess, a potentially valuable open-source project that aims to bring VMsafe-esque capabilities to the Xen project.

Hatched at Georgia Tech in 2007, the project hasn't been moving very fast, but perhaps its time has come? That depends on the importance of VMsafe, to some extent. As for VMsafe:

VMware VMsafe is a new security technology for virtualized environments that can help to protect your virtual infrastructure in ways previously not possible with physical machines.

VMsafe provides a unique capability for virtualized environments through an application program interface (API)-sharing program that enables select partners to develop security products for VMware environments. The result is an open approach to security that provides customers with the most secure platform on which they can virtualize their business-critical applications.

Could Xen benefit from enhanced security? Of course, just as VMware does. VMsafe enables third-party security vendors to check security of virtual machines at the hypervisor level, scanning incoming and outgoing traffic to get excellent visibility into the virtual machine, and thereby to protect it. Adding this to Xen would be a big win.

It's just a question of whether the project can evolve from Georgia Tech into a broad, industrywide effort to improve Xen's security. Given that Xen started as a Cambridge University project and ultimately gained support from Intel, Red Hat, and others, perhaps the odds are in XenAccess' favor. We'll see.

Tags:
Tech Culture
About the author

    Matt Asay is chief operating officer at Canonical, the company behind the Ubuntu Linux operating system. Prior to Canonical, Matt was general manager of the Americas division and vice president of business development at Alfresco, an open-source applications company. Matt brings a decade of in-the-trenches open-source business and legal experience to The Open Road, with an emphasis on emerging open-source business strategies and opportunities. He is a member of the CNET Blog Network and is not an employee of CNET. You can follow Matt on Twitter @mjasay.

     

    Join the discussion

    Conversation powered by Livefyre

    Don't Miss
    Hot Products
    Trending on CNET

    HOT ON CNET

    Find Your Tech Type

    Take our tech personality quiz and enter for a chance to win* high-tech specs!