Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

YOU SHALL NOT PASS! Intel, HyTrust geo-fence wandering virty servers

You. Virtual workload. Go sit over there, and stay there

VMworld 2014 Intel and HyTrust have teamed up to build software that can control where in the world your virtual machines are allowed to run.

The core of the collaboration is Intel's Trusted Execution Technology (TXT) – special kit that attempts to validate a machine's BIOS, hypervisor and hardware state.

That's a handy trick because some strains of malware temper with the lowest levels of computers to avoid detection. TXT promises to sense such changes before a machine boots, to make sure unexpected alterations don't represent something nasty.

A few months ago Intel added location awareness to TXT, and it is this new feature that HyTrust has tapped into for the VMworld launch of “Boundary Controls” – a new product that lets you set policies for where workloads can run.

There are two motives for controlling the location in which virty servers can run.

The first is security. Virtual machines are portable, which is great for server utilization but a little worrying if a mission-critical app suddenly starts to run in a branch office where servers may meet a TXT profile but staff aren't likely to need the app or the data it relies upon. Indeed, such activity could be a sign of something going awry. Boundary Controls will stop such sensitive workloads from making it out of the building in which they are intended to run.

The second motive is data sovereignty, as various nations' laws frown on personal data leaving their shores. Geolocating workloads nips the risk of flouting such laws in the bud.

HyTrust doesn't provide all the pieces to make this happen. Intel provides a piece of software called Mount Wilson that drives the TXT services built into its kit. A new version 2.0 of Mount Wilson is imminent and will ship with HyTrust's code.

Intel and VMware are both HyTrust investors, so the location and timing of the launch – at VMworld 2014 in San Fransisco – itself represents a nice bit of location control. ®

 

Similar topics

TIP US OFF

Send us news


Other stories you might like