A start-up, Montego Networks, is tackling the growing virtualisation security market with technology that regulates traffic flowing to and from virtual machines created using VMware's server virtualisation products.
Montego provides "firewall-like capability that has a filtering effect from virtual machine to virtual machine," says Burton Group analyst Pete Lindstrom.
"Lots of folks are starting to talk about inter-VM traffic," Lindstrom says. "There's definitely room for thinking about security in this area."
Montego was founded by Bob Darabant and John Peterson, who previously held positions with Reflex Security, which also sells technology aimed at securing virtual machines.
Darabant, Reflex's head of sales and marketing, and Peterson, Reflex's chief product officer, say they left Reflex because they felt it didn't have enough working capital, and founded Montego last August.
Montego's HyperSwitch product will be released April 15. It will be distributed mostly through reseller and OEM agreements.
HyperSwitch lets customers enforce policies for data transmission within the virtual network, so they can defend against viruses or control what types of content can be passed among users and virtual machines. For example, customers can prevent individual virtual machines from communicating with other specific virtual machines, or block a virtual machine from sending specific types of traffic. Identity-based controls can allow or deny a user access to a specific virtual server, or allow access to a virtual machine but not to certain content contained within.
"We can restrict users based on where they're coming from in the network, and also based on their identity, from accessing certain types of content on the servers," Peterson says.
In addition to regulating data traffic, Montego's technology offers load balancing to ensure high availability for virtual servers, as well as controls that determine which applications are serviced first when there are multiple requests. For customers who use additional security products, such as those from Blue Lane, Catbird and StillSecure, Montego enables switching of traffic so that customers can have certain types of traffic inspected by another product.
Montego's technology supports servers using VMware today, but company officials say by the third quarter of this year it will also work with server virtualisation products from Citrix, Virtual Iron and Microsoft.
Besides Montego, companies making similar products include the start-up Altor Networks, which this month announced a product allowing visibility into the data traffic between virtual machines.