Joint Development between VMware and RSA Leverages Virtual Technologies to Help Reduce Risk and Increase Overall Security Posture

San Francisco - In a joint effort to help customers gain the efficiency and flexibility benefits of virtualization across even their most sensitive information and applications, VMware, Inc., and EMC Corporation, announced an expansion of their strategic alliance, capitalizing on the work being done between VMware and EMC’s RSA security division to enable advanced information-centric security functions within VMware vSphere™ 4, the industry’s first operating system for building the internal cloud.

“RSA and VMware are in a unique position to capitalize on the intersection of virtualization and security,” said Art Coviello, President, RSA, The Security Division of EMC. “The very dynamics of a virtual environment - where classic perimeters and boundaries no longer exist - strengthens the case for our information-centric, contextual, risk-based approach to security. We believe this combined approach will empower organizations to accelerate their journey towards a 100% virtual infrastructure with confidence in the security of their environment.”

Both VMware and RSA are engaged in a multi-pronged effort to help customers understand the security opportunities in virtual environments and to validate the interoperability of RSA’s industry-leading security products with VMware vSphere 4, helping lead to the delivery of virtual infrastructure solutions designed to increase an organization’s security posture beyond what’s possible in today’s physical IT infrastructure. This includes collaboration that extends and enhances the VMware VMsafe™ technology along with further development of solutions that enable features such as data loss prevention, authentication and security information and event management within virtual IT infrastructure environments.

“Nearly every organization has concerns about ensuring security, compliance and trust in physical and virtual environments. Addressing these issues will speed up the pace of virtualization and accelerate the associated cost savings and operational efficiencies,” said Charles King, Principal Analyst, Pund-IT, Inc. “With the right approach organizations can extend virtualization into environments containing sensitive data, and also leverage virtual technologies to increase security beyond what is common in purely physical IT environments.”

RSA is committed to helping customers and partners understand how to sustain and accelerate their data governance, risk management and compliance initiatives while leveraging virtual technology. As part of that effort, RSA now offers a Virtual Security Assessment Service specifically designed to provide consultative guidance and best practices related to policy management, infrastructure hardening, operational processes, and lifecycle management in a virtual environment.

VMware is working closely with EMC’s RSA security division to extend their alliance in order to build in security capabilities for the virtual enterprise through the integration of products from both companies’ portfolios. These joint development efforts are designed to support future advanced security functions for VMware vSphere 4 environments such as data loss prevention, security information and event management and strong authentication via RSA solutions. The companies are also qualifying the successful interoperability of multiple RSA products to be delivered as virtual machines.

Both VMware vSphere 4 and VMware VMsafe technology offer the ideal insertion point for information-centric security solutions to leverage unprecedented visibility and control provided by VMware vSphere 4. As organizations migrate to 100 percent virtualized environments, traditional perimeter-centric security solutions are rendered insufficient. The integration of RSA’s information-centric security solutions with VMware vSphere 4 will enable persistent, pervasive and scalable deployment of security solutions across the virtual infrastructure.

“Security concerns often require organizations to make difficult choices between the flexible, agile use of information, the need to ensure its security, and the cost of trying to do both,” said Dr. Stephen Herrod, Chief Technology Officer, VMware. “To provide the best of both worlds, and make choice, efficiency and control hallmarks of virtual infrastructure, VMware is committed to working with EMC’s RSA security division to accelerate our customers’ journey to becoming 100% virtual. Together, RSA and VMware are working on solutions designed to leverage the unique characteristics of virtualization to create new security paradigms and capabilities that can make virtual IT environments more secure than physical ones.”

At RSA® Conference 2009, the companies will demonstrate practical examples of this joint development inside the RSA booth, showing a proof of concept of the RSA® Data Loss Prevention Suite leveraging the capabilities of VMware vShield Zones TM to deliver data loss prevention (DLP) via virtual networks.

The collaborative effort between RSA and VMware demonstrates a key point of control that would enable customers to deploy DLP in the form of applications that inspect data traversing virtual networks. This would help protect sensitive data close to the source using a centrally managed set of policies and enforcement controls to prevent data loss in the virtual data centre. A combined VMware vShield Zones and RSA DLP solution is an innovative example that achieves a single point of security control without introducing a single point of failure.

“As organizations work to expand virtual infrastructure deployments with business-critical operations containing sensitive and regulated data, organizations need to rethink and adjust how they keep information secure in a virtual world,” Art Coviello continued. “Our combined approach addresses customer concerns about risk and leverages the unprecedented visibility within VMware vSphere 4 to increase overall security. At the highest levels, we are dedicated to accelerating virtualization deployments and committed to investing in solutions, and working with VMware to help customers realize a flexible, efficient and secure IT infrastructure.”