In a similar fashion to its quiet acquisition of the VDI desktop broker Propero, VMware has quietly acquired a company called Determina and its host intrusion prevention software - although terms of the acquisition have not yet been disclosed. On August 13th, VMware informed analyst firm Gartner that it had acquired Determina, a vendor supplying host-based intrusion prevention system (HIPS) technology. Security In a similar fashion to its quiet acquisition of the VDI desktop broker Propero, VMware has quietly acquired a company called Determina and its host intrusion prevention software – although terms of the acquisition have not yet been disclosed.On August 13th, VMware informed analyst firm Gartner that it had acquired Determina, a vendor supplying host-based intrusion prevention system (HIPS) technology.Security has always been a major concern within the virtualization community. Consumers of virtualization technology have raised the question many times and have attempted to lock down their virtual environments as best they could. Likewise, security concerns have been trumpeted by many who aren’t exactly on the virtualization bandwagon. The acquisition of Determina will definitely give VMware a solid answer to address many of these concerns. In a research note discussing the acquisition, Gartner analyst Neil MacDonald said that Determina brings two HIPS capabilities to VMware:First, the Determina Memory Firewall HIPS solution protects an operating system (OS) and applications against unauthorized memory and program control-flow manipulation – for example, heap and stack overflows, buffer overflows, and similar techniques used by hackers to inject malicious code into running processes. Second, as a byproduct of its memory protection approach, the Determina technology can also be used to inject new (or modified) code on the fly. This ability to perform “hot patching” is the foundation of the Determina LiveShield solution – a shielding alternative built by reverse-engineering patches used to protect vulnerable systems without a reboot until a permanent patch can be applied.He went on to say that they believe VMware will use both capabilities of Determina and that by potentially integrating Memory Firewall into the ESX hypervisor, the hypervisor itself will provide an additional level of protection against intrusions. MacDonald also said in his analysis that the memory protection would be extended to guest operating systems as well, saying “VMware’s extensive use of binary emulation for virtualization puts the ESX hypervisor in an advantageous position to exploit this style of protection. Further, by using the LiveShield capabilities, the ESX hypervisor could be used “introspectively” to shield the hypervisor and guest OSs from attacks on known vulnerabilities in situations where these have not yet been patched. Both Determina technologies are fairly OS- and application-neutral, providing VMware with an easy way to protect ESX as well as Linux- and Windows-based guest OSs.” MacDonald also predicted that these capabilities will be freely included in one or more future versions of VMware products and that the Determina technologies will be discontinued for stand-alone purchase. Software Development