Simon Crosby, the Godfather of Xen, on Virtualization, Security and Wimpy Private Clouds
Bromium is a well funded startup that promises to tap some little-used inherent strengths of Xen virtualization to secure public clouds, opening up the possibility of greater cost savings for businesses that will be able to trust more data to these services.
Thu, November 03, 2011
Network World — Bromium is a well funded startup that promises to tap some little-used inherent strengths of Xen virtualization to secure public clouds, opening up the possibility of greater cost savings for businesses that will be able to trust more data to these services.
According to one of its founders, Simon Crosby, isolating functions and establishing a trusted core to hardware systems can create public cloud environments able to meet the scrutiny of regulators concerned about the safety of data.
MORE ON CROSBY: Godfather of Xen: Virtualization holds a key to public-cloud security
Because Bromium is still in stealth mode, Crosby is purposely vague about some of this, but he does indicate that the technology exists to package secure systems that can be deployed within public networks and that can assure customers that privacy of data will be maintained.
Network World Senior Editor Tim Greene recently talked to Crosby about this. Here is an edited transcript of that conversation.
How do you feel about leaving behind dealing with Xen day-to-day?
Well I didn't say I'd left it. It's an open-source code base, and everything we do at Bromium is based on everything we've ever learned how to do well, which is develop software and deliver better systems relative to open source. So open source is at the heart of everything we do at Bromium without exception. Ian [Pratt, the father of Xen and co-founder of Bromium] still remains chairman of Xen.org, and we are very active still in the Xen world. It was hard leaving behind the products we had built, specifically in that category XenServer and XenClient, but Xen remains extremely productive as a technology, and it's going into incredible places. It's very interesting.
What do you mean by incredible places?
Every time I peel the cover off some new widget that's being delivered -- so it's gone deeply into the science world -- lots of appliances being built with Xen-based virtualization. It's everywhere in the cloud in places I never would have imagined, some of which I'm not even allowed to tell you about. Xen has really dramatically transformed the whole cloud business and I think continues to do so.
Why can't you talk about some of the places Xen has been deployed?
Bromium does a lot of interesting things in a world that you might think of as security related that I think are actually more related to trust or being trustworthy. Many of the people we have dealt with, certainly the people when we were dealing with in the federal government when we built XenClient. These folks run deeply secure systems that they won't even tell me about because I have no security clearances. So often the conversations are quite one-way, and they're always with somebody named Bob even though they all look different. It's remarkable that open source has provided a fantastic vehicle for delivering technologies into communities where trust is absolutely fundamental, and there they seem to prefer the open-source methodology because everything is in the open. Then they can get their own hands on it, and they don't have to believe anybody. They don't have to believe me or anybody else. They can put their own eyes on the code and particularly in the case of XenClient the core security modules were written by contributors from federal security agencies, people you would never normally expect to do this work.
