SANS ISC: New VMware Desktop Products Released (Workstation, Fusion, ACE) - SANS Internet Storm Center

• SANS Site Network
  • Current Site
  • SANS Internet Storm Center
  • Other SANS Sites Help
  • Graduate Degree Programs
  • Security Training
  • Security Certification
  • Security Awareness Training
  • Penetration Testing
  • Industrial Control Systems
  • Cyber Defense Foundations
  • DFIR
  • Software Security
  • Government OnSite Training

SANS ISC InfoSec Forums

VMware Fusion 3.0 went from Release Candidate to General Availability last night, as did  VMware Workstation 7.0 and VMware ACE 2.6

Lots of new stuff - the feature I welcome the most is nested VMs.  This allows you to run ESX with guests inside of workstation (if you have enough memory that is).  This is a great feature if you are doing ESX work on your laptop.  This is common in both lab and testing, but we also use this a lot in training.    This feature has been in the workstation and fusion products (unsupported) for quite some time, but VMware is finally rolling it into the fold of supported features.

AES encryption of disk images is a feature that's been on ACE, but is now available on the other desktop products.  This is a great help to anyone doing PCI or HIPAA work in a VM.  You can now for instance transport a VM and use encryption native to the product, as opposed to adding a step and another product to get the encryption job done.  The encryption on disk also (maybe) fills the "data encryption at rest" requirement in many compliance frameworks.   Keep in mind though that achieving actual compliance with any compliance framework depends on a lot more than just encryption - it's best to involve your auditor before running sensitive VM's on a laptop.  This one new feature is very welcome and is certainly required in many compliance situations, but might not get you all the way to compliant just on it's own.

Other new features:
- support for Windows7 (and it's associated new graphics APIs) and Windows Server 2008.
- support for VMs with up to 4 processors and 32GB of memory (with a new 16GB laptop coming, I'm looking forward to this !)
- ALSA sound support for Linux ( this has been a long time coming ! )
- a nifty new "pause" feature, allowing you to pause a VM if you need some temporary processor power for your host or another VM
- a new Virtual Network Editor, which is long overdue (especially on Fusion !)

Interestingly, ACE now has the capability to create VMs, and Workstation now has P2V features.  It's really seeming like VMware is pushing all the products up one notch in the totem pole with this release - ACE seems to be turning into workstation, and workstation seems to be morphing into the old server product

Lots of posts on the release candidate features, it looks like the GA code has the same feature list (as you'd expect):

http://www.vmware.com/company/news/releases/fusion3-preorder.html
http://blogs.vmware.com/workstation/2009/10/workstation-7-release-candidate-available.html

/rob

Rob VandenBrink is a Security and Network Consultant at Metafore (www.metafore.ca)