Citrix eliminates security holes in hypervisor

Citrix's hypervisor has caught up to VMware in providing enterprise-class security features, and is now the second virtualization platform to be certified as "production-ready," according to the Burton Group analyst firm.

Two months ago, the Burton Group said VMware's hypervisor was the only one on the market to meet all 27 features the analyst firm believes are required to run production-class workloads in the enterprise.

13 desktop-virtualization tools

Best desktop virtualization software

Citrix met 85% of the requirements but fell short in features such as security logging and auditing of administrative actions; directory services integration; and role-based access controls.

But with the vendor's latest software released on June 16, Citrix XenServer 5.5, Citrix has eliminated those shortcomings, Burton Group analyst Chris Wolf writes in a blog post.

"Citrix added several key features for the 5.5 release, including directory service integration, security logging and auditing of administrative actions, and role based access controls (via the Lab Manager interface included in Essentials 5.5 Platinum Edition)," Wolf writes. "Also, Citrix reworked its XenServer support policy to meet our minimum 3 year market support requirement."

The Burton Group's virtualization criteria were drawn up to ensure that hypervisors provide adequate security, management, availability, storage, network, compute, scalability, and performance to enterprise IT shops.

"Having multiple production-ready hypervisors on the market means more choice for the customer, and a greater push for vendors to continue furthering innovation and competitive differentiation," Wolf writes. "Regardless of where your hypervisor loyalties stand, we'll all benefit from the progress of the XenServer platform."

In addition to required production features, Burton Group has two other categories: preferred features that are important but not required, and features that are just optional. VMware is still ahead of its rivals in preferred and optional features, Wolf writes.

In the analyst firm's last report, Microsoft Hyper-V lagged behind its rivals, meeting 78% of enterprise virtualization requirements. The Burton Group is analyzing Microsoft's new Hyper-V Server 2008: R2, and will post an update once the evaluation is complete, Wolf says.

This new version of Hyper-V is still missing some enterprise features but includes live migration and other important tools that bring it closer to production-ready status, Wolf writes in an e-mail.

Instant-on Linux vendors put on a brave face against Chrome

Google Inc. says its coming Linux-based Chrome operating system will "start up and get you onto the web in a few seconds."

If Chrome can fulfill that promise, that could render the cut-down, instant-on Linux platforms offered by a cadre of smaller vendors less compelling, if not obsolete.

Those vendors include DeviceVM Inc. with its Splashtop mini-Linux, BIOS maker Phoenix Technologies Ltd., with its Linux-lite HyperSpace platform, Xandros Inc.'s Presto, and Good OS LLC's Cloud offering.

Makers of instant-on environments claim their offerings can boot in a matter of seconds, compared with the several minutes usually taken by Windows. They also say their platforms start up more reliably than Windows when woken from sleep or hibernate modes.

But early versions let users do little apart from surf the Web. That has changed in recent months. Phoenix added the Office-compatible ThinkFree suite this spring, while DeviceVM says it is close to adding support for streamed enterprise apps.

That has allowed some of these vendors to gain traction. DeviceVM, for instance, says eight out of the 10 largest PC makers are installing Splashtop as a second "pre-boot" environment as an adjunct to the main Windows operating system.

But Chrome's entry "is going to make it a lot harder for them to make a go of it," said independent analyst Jack Gold.

Not so, say these vendors. Mark Lee, CEO of DeviceVM, insists that Chrome OS "validates Splashtop's value proposition" and won't interfere with its growth.

"By the end of 2010, Splashtop will be in the hands of more than 150 million desktop, net-top, notebook, and netbook users," Lee said in an e-mailed statement. "Google's entry into the market should accelerate this trend, and help to make instant-on the de facto computing standard."

Woody Hobbs, CEO of Phoenix, said HyperSpace can run on both ARM and Intel CPUs, which Chrome aims to do. Moreover, HyperSpace can run as a "dual resume" environment side-by-side with Windows or a Linux environment such as Chrome, Hobbs said in a statement, allowing users to quickly switch back and forth between environments. That feature is unique to Phoenix, he said.

With Google unlikely to target Chrome as a secondary quick-boot environment for netbooks primarily running Windows, that leaves a niche for instant-on vendors, said Jeffrey Orr, an analyst with ABI Research.

Gold, meanwhile, said instant-on vendors might be able to compete if they can show much lower battery consumption than Chrome either when on or in sleep mode.