Virtual Security served with virtual lunch

Somehow I missed the free lunch, but I still got my fill at the Virtual Security Roundtable hosted by Intel and Symantec yesterday at Intel Developer Forum. The free sandwich was designed to lure journalists into learning about the dire threat of “safeguard disabling,” whereby a hacker or a Trojan horse attack, or even an employee or software patch, turns off personal firewalls or anti-virus protections.

Intel and Symantec shared data from a recent survey of IT security managers at large companies. The data showed that, sure enough, nearly all of these folks registered some level of “concern” about safeguard disabling. You have to wonder about those who didn’t.

More interesting is the way that Symantec, with a big boost from the virtualization capabilities in Intel’s Core 2 Duo processor, plans to address this and other threats to the business desktop. In a nutshell, Symantec will make use of a “trusted hypervisor” to insert its intrusion prevention technology into a slim, protected partition that boots ahead of the user’s operating system. Symantec says the embedded IPS “appliance” will scan and filter network traffic before it reaches the host, and will even isolate an infected host from the network to quarantine threats.

Symantec Virtual Security Solution was announced in April alongside the Intel vPro technology, but like yesterday’s sandwich, it slipped right past me. Company reps said Virtual Security would be available first half of 2007 and would support Windows CE and a variety of other embedded operating systems. Symantec didn’t reveal whether it would also be available for systems based on AMD processors, but of course this was Intel’s show.

Finally, Symantec said Virtual Security was designed to protect a single user OS on a desktop system. But you have to wonder how soon we’ll hear about a similar solution to protecting multiple virtual machines on a server.