Bromium started shipping today its highly touted micro-hypervisor called vSentry that is promised to solve Windows desktop security problems once and for all.
It's a big promise. The client-side micro-hypervisor, which harnesses virtualization technology and exploits Intel’s VT technology, runs on Windows 7 64-bit desktops today. Versions for Macintosh, Windows 8 and other desktops will be available later, the recently launched company announced.
While most security solutions today focus on detecting and remediation of viruses and malware, Bromium’s solution harnesses the power of virtualization to prevent any attack by design, said key executives of the company, who actually designed the open source Xen hypervisor, launched and sold XenSource to Citrix and left to form Bromium about a year ago.
It’s a pretty promising technology for a seemingly age old and endless desktop headache for IT directors and end users. Simon Crosby, CTO and co-founder of Bromium, said vSentry is designed as a rock solid security solution for the enterprise and assured that the use of the micro-visor will not impair desktop performance, which is, of course, a huge consideration.
He also said it is one of the few technologies that truly harnesses Intel's VT chip technology and would have prevented the RSA attack if it had been available at the time. "It makes the PC more fundamentally secure," said Crosby, noting that any malicious code executes within the micro-hypervisor and is completely isolated from files and operating system services.
Bromium's official press release elaborates on the how:
“vSentry transforms information and infrastructure protection with a powerful new architecture built on the Bromium Microvisor; a security-focused hypervisor that automatically, instantly and invisibly hardware-isolates each vulnerable Windows task in a micro-VM that cannot modify Windows or gain access to enterprise data or network infrastructure,” said the press release issued today. “ vSentry protects desktops that have not been patched, defeats and automatically discards malware, and eliminates costly remediation - keeping users productive at all times. “
This quote comes directly from the press release issued today, but the security expert is former CIA security dude. It’s compelling, since Bromium claims its micro-visor is effective not just for preventing routine security problems but for preventing cyber-terrorism and cyber-theft.
“Bromium micro-virtualization is the most significant advance in information and infrastructure security in decades,” said Bob Bigman, president at 2BSecure and former CISO of the Central Intelligence Agency. “Sophisticated attackers can evade traditional protection tools, compromise the endpoint and penetrate deeper into the infrastructure. vSentry protects by design, allowing undetectable attacks to be automatically defeated.”
vSentry, which protects against malicious websites, documents, and attachments, is deployed as a standard MSI package and configured via simple policies using Microsoft Active Directory, Bromium announced. Pricing is based on volume and licensed on a per-user enterprise-wide basis.