Feeds

Bromium launches security-through-virtualisation tech in the UK

Xen dads' spookware uses VM swarms to isolate foulness

High performance access to file storage

Bromium has arrived as a sales force in the UK market with its strategy for making desktop computers secure using virtualisation technology.

The firm, which already employs a R&D/engineering team in Cambridge, has now added sales and support operations for the UK and wider European market. It's also looking to recruit channel partners in a bid to ramp up sales.

Rather than attempting to detect malware or hacker attacks, Bromium is focusing on providing strong isolation on virtual machines, based on its vSentry software. vSentry is built on the Bromium Microvisor, a security-focused hypervisor designed to automatically isolate each vulnerable Microsoft Windows task in a micro-VM that is prevented from modifying Windows. The same technology restricts a micro-VM instance from accessing intranet resources or databases.

Whenever a task isolated within vSentry attempts to access files or interact with the user, the hardware interrupts execution and passes control to the Microvisor, which enforces task-specific policies. The same bouncer-style approach is applied when attempts are made to access networks, devices or the clipboard on a user's PC.

The whole approach is designed to tackle the problem of end-point security, according to Ian Pratt, co-founder and SVP of products at Bromium. Pratt contends that the "protection through isolation" approach allows scores of micro-VM instances to be run on a PC without causing a performance hit. A user's experience is the same even though every time a user opens a file or clicks on an email they start a new virtual machine. This virtual machine is thrown away as soon as an task is finished, so if a user opens a booby-trapped email or visits a dodgy website it doesn't matter.

"There's no persistent effect," Pratt told the Reg during a run-through of the technology.

This type of software seemingly defies comparison with anti-virus products, firewalls, intrusion detection and all the more common techniques of thwarting hacking and malware attacks. It's loosely comparable to thin-client computing, married to the greater flexibility of a fat client experience, tied together with management and some forensic capabilities.

All this is far more secure than ‘sandboxing’, according to Bromium.

vSentry from Bromium is currently available for Windows 7, Explorer and MS Office environments with other platforms in development. In addition, vSentry incorporates Live Attack Visualization and Analysis (LAVA), an analytics engine that allows Bromium to monitor and record attempted attacks within the quarantine offered by an isolated Micro-VM. Both vSentry and LAVA can be configured and managed through the Bromium Management Server.

A more detailed run-down of the virtualisation technology pulling the strings behind Bromium's technology can be found in an earlier report by Reg enterprise systems editor Timothy Prickett Morgan.

In independent tests ran by NSS Labs, Bromium vSentry isolated all attacks against desktop applications thrown against it, preventing them from compromising or altering the system, while incurring a total performance overhead of 9 per cent. The test includes drive-by exploits and embedded exploits in a PDF and custom malware.

This is impressive but it'd be both complacent and dangerous for Bromium developers to kick back and spark up a large cigar just yet. Any security depends on a machine being clean of rookits or other deep lying malware in the first place.

The technology, initially targeted at security-conscious enterprises, was originally developed for the intelligence community before the founders of Bromium decided to develop the technology commercially.

"We see this as a broad market," Pratt said, adding that the technology can run on any modern PC.

Bromium launched the products in North America last October. This week's launch in the UK will allow it to address the local market as well as branching out into continental Europe. The firm was founded by the techies who brought us the Xen open-source hypervisor at Cambridge University. They commercialized it as XenSource, and sold it for $500m to Citrix Systems in September 2007. ®

High performance access to file storage

More from The Register

next story
Seagate brings out 6TB HDD, did not need NO STEENKIN' SHINGLES
Or helium filling either, according to reports
European Court of Justice rips up Data Retention Directive
Rules 'interfering' measure to be 'invalid'
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Cisco reps flog Whiptail's Invicta arrays against EMC and Pure
Storage reseller report reveals who's selling what
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
IT bods: How long does it take YOU to train up on new tech?
I'll leave my arrays to do the hard work, if you don't mind
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
USA opposes 'Schengen cloud' Eurocentric routing plan
All routes should transit America, apparently
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.