Feeds

Bromium launches security-through-virtualisation tech in the UK

Xen dads' spookware uses VM swarms to isolate foulness

Boost IT visibility and business value

Bromium has arrived as a sales force in the UK market with its strategy for making desktop computers secure using virtualisation technology.

The firm, which already employs a R&D/engineering team in Cambridge, has now added sales and support operations for the UK and wider European market. It's also looking to recruit channel partners in a bid to ramp up sales.

Rather than attempting to detect malware or hacker attacks, Bromium is focusing on providing strong isolation on virtual machines, based on its vSentry software. vSentry is built on the Bromium Microvisor, a security-focused hypervisor designed to automatically isolate each vulnerable Microsoft Windows task in a micro-VM that is prevented from modifying Windows. The same technology restricts a micro-VM instance from accessing intranet resources or databases.

Whenever a task isolated within vSentry attempts to access files or interact with the user, the hardware interrupts execution and passes control to the Microvisor, which enforces task-specific policies. The same bouncer-style approach is applied when attempts are made to access networks, devices or the clipboard on a user's PC.

The whole approach is designed to tackle the problem of end-point security, according to Ian Pratt, co-founder and SVP of products at Bromium. Pratt contends that the "protection through isolation" approach allows scores of micro-VM instances to be run on a PC without causing a performance hit. A user's experience is the same even though every time a user opens a file or clicks on an email they start a new virtual machine. This virtual machine is thrown away as soon as an task is finished, so if a user opens a booby-trapped email or visits a dodgy website it doesn't matter.

"There's no persistent effect," Pratt told the Reg during a run-through of the technology.

This type of software seemingly defies comparison with anti-virus products, firewalls, intrusion detection and all the more common techniques of thwarting hacking and malware attacks. It's loosely comparable to thin-client computing, married to the greater flexibility of a fat client experience, tied together with management and some forensic capabilities.

All this is far more secure than ‘sandboxing’, according to Bromium.

vSentry from Bromium is currently available for Windows 7, Explorer and MS Office environments with other platforms in development. In addition, vSentry incorporates Live Attack Visualization and Analysis (LAVA), an analytics engine that allows Bromium to monitor and record attempted attacks within the quarantine offered by an isolated Micro-VM. Both vSentry and LAVA can be configured and managed through the Bromium Management Server.

A more detailed run-down of the virtualisation technology pulling the strings behind Bromium's technology can be found in an earlier report by Reg enterprise systems editor Timothy Prickett Morgan.

In independent tests ran by NSS Labs, Bromium vSentry isolated all attacks against desktop applications thrown against it, preventing them from compromising or altering the system, while incurring a total performance overhead of 9 per cent. The test includes drive-by exploits and embedded exploits in a PDF and custom malware.

This is impressive but it'd be both complacent and dangerous for Bromium developers to kick back and spark up a large cigar just yet. Any security depends on a machine being clean of rookits or other deep lying malware in the first place.

The technology, initially targeted at security-conscious enterprises, was originally developed for the intelligence community before the founders of Bromium decided to develop the technology commercially.

"We see this as a broad market," Pratt said, adding that the technology can run on any modern PC.

Bromium launched the products in North America last October. This week's launch in the UK will allow it to address the local market as well as branching out into continental Europe. The firm was founded by the techies who brought us the Xen open-source hypervisor at Cambridge University. They commercialized it as XenSource, and sold it for $500m to Citrix Systems in September 2007. ®

The essential guide to IT transformation

More from The Register

next story
The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now
Microsoft: Azure isn't ready for biz-critical apps … yet
Microsoft will move its own IT to the cloud to avoid $200m server bill
Oracle reveals 32-core, 10 BEEELLION-transistor SPARC M7
New chip scales to 1024 cores, 8192 threads 64 TB RAM, at speeds over 3.6GHz
Docker kicks KVM's butt in IBM tests
Big Blue finds containers are speedy, but may not have much room to improve
US regulators OK sale of IBM's x86 server biz to Lenovo
Now all that remains is for gov't offices to ban the boxes
Gartner's Special Report: Should you believe the hype?
Enough hot air to carry a balloon to the Moon
Flash could be CHEAPER than SAS DISK? Come off it, NetApp
Stats analysis reckons we'll hit that point in just three years
Dell The Man shrieks: 'We've got a Bitcoin order, we've got a Bitcoin order'
$50k of PowerEdge servers? That'll be 85 coins in digi-dosh
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.