Back a few months at EMC World 2010 in Boston, one of the more interesting proclamations about securing cloud computing came from Joe Tucci who said, and I’m paraphrasing “VMware is the tip of the security spear” for private cloud, and cloud computing in generation.  This make sense of course, given the important role of the hypervisor, in the this case vSphere, in providing secure multi-tenant operations for application workloads, virtual desktops, system administration, and ad hoc user computing.

Jumping forward to VMworld 2010 in San Francisco, enterprise users and IT providers and partners are learning more about where that security spear is pointing – reliable segregation of virtual computing resources, access management for services, governance and audit reporting – all important features needed to round out a comprehensive security model for cloud computing.

It’s clear that the strategy to imbed and instrument security within the virtualization layer is playing out, with announcements that add to and expand the use of VMsafe security APIs, the packaging of a family of security capabilities in vShield,  virtual cloud service director access management,  and the expansion of the Archer and enVision platforms to improve security reporting, control, and event management.  Here’s a quick summary of some of the announcements:

• vShield Edge, vShield Zones, and vShield Endpoint are packaged together as the vShield Family and operate at the virtual perimeter layer of the cloud security framework.  These products enable a) VPN and firewall for the virtual machine (as compared with similar capabilities at the hypervisor layer provided by Altor Networks), b) end-point malware and virus protection for VDI deployments, and c) allow for a policy-based virtual perimeter to moved in tact with a VM/Application/OS environment as it moves from host-to-host.

• a virtual cloud service director, or vCSD, allows users to secure vCenter environments as a logical pool of virtualized resources (compute, network, storage) under a shared role based access control system integrated with an enterprise active directory.

• And from EMC, an expansion of the RSA Archer eGRC platform to include a library 100+ VMware-specific controls that map to current audit and control frameworks such as FISMA, PCI-DSS and HIPAA, and enhancements to enVision security information and event management platform to provide a more comprehensive assessment of security events from across the enterprise.

With these announcements, the table for security continues to be set.  Later in the show, expect to hear more about the security bake-off between hypervisor vendors, updates on the Intel/VMWare/RSA project to build a hardware/firmware trust base  for hypevisor and VM operations, and maybe applications, and an approach to building a compliance aware virtual environment.