ie8 fix

Virtually Speaking

Dan Kusnetzky, Paula Rooney and Ken Hess
Home / News & Blogs / Virtually Speaking

Bromium planning to change desktop security through virtualization

By | June 28, 2011, 3:30am PDT

Summary: Conversation with Simon Crosby, CTO and founder of Bromium

I recently had the opportunity to speak with Simon Crosby, co-founder and CTO of Bromium, to better understand why he left Citrix and what Bromium is setting out to accomplish.  Simon and I have spoken many times. Each time, I come away looking at things from a fresh perspective. We haven’t alway agreed, but he clearly knows a great deal about what he’s talking about. We first spoke while he was with XenSource. We’ve spoken many times since XenSource was acquired by Citrix.

My first questions were about the need for Bromium at all.  Why, I wondered, was it necessary to create a new company. Wouldn’t it have been possible to accomplish the same things as part of Citrix? Simon helped me understand that he parted company with Citrix on friendly terms. Citrix, he pointed out, was focused on its core mission and the vision for Bromium, while important for Citrix customers, would not be a mainline project. So, the team would always be competing with other projects for funding, resources and attention of the company. The founders of Bromium though it would be best to create a company tightly focused on its mission.

Then I inquired about what was the set of goals Bromium was setting out to accomplish. This started a long, animated and very interesting discussion of the security problems facing users of PCs, laptops and other devices were facing. Here are some of the high points of the discussion:

  • Operating systems depend upon a number of factors to assure that only approved workloads are allowed to execute. Some factors are outside of the control of operating systems and, thus, have to be managed at a another level. It appears that nearly every commercial operating system has suffered security breaches even though many very smart people are trying to prevent it.
  • Applications and application frameworks can and have been developed with the goal of creating a secure execution environment. Even the best of those have been breached at one time or another.
  • People using systems expect systems to be easy-to-use, friendly and make getting the work done easily. Today’s security systems often act to make systems less friendly, harder to use and, upon occasion, get in the way of the work people are trying to accomplish

Bromium’s founders have imagined a number of tools, tools that combine virtualization and security technology, that can be created to create and maintain a highly secure environment. Although Simon didn’t get away any of the “secret sauce” that Bromium is developing, he did point out that many of today’s high volume microprocessors, such as those containing Intel’s vPro technology, have the capability of locking down execution very tightly. The problem is that most commercial operating systems were not developed to make full use of that or similar technology.

I his view, special purpose hypervisors need to be built that take full advantage of that microprocessor technology and enfold all workloads in a tightly controlled environment. This layer of technology could prevent unauthorized execution of code regardless of how it was introduced into the environment.

I look forward to learning more about what Bromum is developing. I guess that unless  I sign on as an employee or become a trusted consultant, I’ll have to wait to learn more just like everyone else.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Virtually Speaking”

Topics

Opportunity, Conversation, Dan Kusnetzky

Daniel Kusnetzky is a distinguished analyst and the founder of the Kusnetzky Group LLC.

Disclosure

Dan Kusnetzky

The Kusnetzky Group LLC is an independent technology industry research firm that focuses on system software, virtualization and cloud computing technology.

Dan's opinions are based upon research, personal experiences and actual use of technology. They are not based upon the relationships the company may or may not have with suppliers, end user organizations, the media, consultants or other analysts.

Dan's research is available on a subscription basis through the Kusnetzky Group LLC. Dan's attendance at industry events or at client meetings may be sponsored by the client. Clients may provide hardware or software for testing prior to the publication of analysis that includes that product. Clients may also provide shirts, jackets, coffee cups, folders, backpacks, pens and other event chotchkies. While nice, these don't effect Dan's opinions or insight about those clients or their products.

Biography

Dan Kusnetzky

Daniel Kusnetzky, Analyst and Founder of Kusnetzky Group LLC, is responsible for research, publications, and operations. Mr. Kusnetzky has been involved with information technology since the late 1970s. Mr. Kusnetzky has been responsible for research operations at the 451 Group; corporate and marketing strategy for Open-Xchange; system software and virtualization research at IDC; and program and product management at Digital Equipment Corporation.; Today, Mr. Kusnetzky focuses on system software, virtualization technology and cloud computing.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?
Ask a Question Start a Discussion

The discussion hasn’t started yet. Why don’t you begin it?

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix