Martin Veitch (Global) - Bromium Interview: A Security Bromide from the People Who Brought You Xen?

When a group of Cambridge University academics and developers created XenSource and the Xen hypervisor 10 years ago it was as close to serious virtualisation competition as VMware ever got; even before XenSource had garnered more than loose change in revenues Citrix Systems stepped in to buy it for about $500m. In 2011, two of the best-known faces of the Xen project, Ian Pratt and Simon Crosby, announced they were setting out to take virtualisation technology into the security domain via a new company, Bromium. With Bromium finally out of stealth mode, I met Ian, co-founder of the company, last week to see a demonstration and to talk about what he sees as “game-changing” technology.

To say Pratt and marketing VP Franklyn Jones are bullish would be to understate matters. Jones sets out the raison d’etre for Bromium thus:

“Enterprise security is broken. Antivirus signatures, whitelisting, software sandboxes, forensics… none of these are good enough in the days of zero-day attacks. So we looked at this in terms of airport security: if it’s impossible to stop all the bad guys coming in, how about if you gave them a free pass but only to a secure virtual world?”

Bromium’s vSentry program is a novel form of security by isolation, containing all user activities in a micro virtual machine so that none of the usual sources to computer integrity, from Microsoft Office to PDF, browsers, Java and memory sticks, can get past a secure bubble captured in (and here the Xen heritage becomes clear) a ‘micro-visor’ software task container.  

Does it work in practice? Well, Bromium is touting NSS Labs research that gave vSentry a perfect score in defeating all threats thrown at it. vSentry will even capture details of malicious code behaviour and note it “like a black-box flight recorder”, Pratt says.

You might think there would be a performance penalty but the demonstration suggests not, with no perceptible lag despite several isolated tasks being open at the same time.

Catches? One or two.

First, for now vSentry needs the VT hardware virtualisation assistance developed for Intel processors and today only works on Intel i3-series and later processors running Windows 7. However, Windows 8 and Mac OS X are scheduled to follow this summer and the company says it is working on Android and Citrix XenApp versions.

Second, vSentry isn’t cheap. At about £150 per client this is a premium-priced products for a premium market – large companies that will have their own security teams. But then, as Pratt suggests, it offers the prospect of much reduced admin and remediation.

As is often the case with security, case studies are thin on the ground, although the New York Stock Exchange is a named customer. But Bromium, backed by big-name investors, promises much and it will be interesting to see the response from the threatened giants of the immensely profitable IT security sector, most notably the 800-pound gorilla, Symantec. Intriguingly, one of Bromium’s investors is Intel, which acquired another security big name, McAfee, a few years ago.


Martin Veitch is Editorial Director of IDG Connect


« Martin Veitch (Global) - Interview: Siemens' Chris Hummel on Yahoo's Homeworking U-turn and UC's Slow Progress


Martin Veitch (Global) - Box CEO Aaron Levie Is Building an Enterprise B2B Powerhouse out of Cash and Chutzpah »
Martin Veitch

Martin Veitch is Contributing Editor for IDG Connect

  • twt
  • twt
  • Mail


Do you think your smartphone is making you a workaholic?