This week for the BYOD Smackdown 2012 we have Cellrox, an Israel-based company that was created in 2011 to bring lightweight virtualization for Android devices to market.
The VMs that Cellrox uses aren’t full OS instances, and in fact Cellrox refers to each profile/VM/environment/whatever you want to call it as a persona. The hypervisor (or ThinVisor, in Cellrox terms) rides above the Linux kernel. The Cellrox website has a whitepaper with a full description of the architecture, but what’s important to know is that it provides isolated Android instances. The kernel and hypervisor replace the existing device operating system, but the VMs can be any version of Android. The Cellrox hypervisor works across a wide range of hardware specifications.
Each VM is presented to the user as a full Android experience, completely transparent to apps. The hypervisor can also handle more than two personas, so in addition to work and personal, VMs can be set aside for guests, banking, or children. VMs can be completely unsecured, or traditional MDM can be applied, but it’s all on a per-VM basis.
Interaction between the VMs can be controlled from the hypervisor. While data and apps from one are not accessible by another, it is access to hardware by VMs running in the background that’s the concern. For example, a personal unsecured VM might be allowed to use the camera, but if a work VM with camera restrictions is active in the foreground, then the personal VM will not be allowed access either. There are also different ways to set up phone numbers, either one number for the device or numbers dedicated to each profile. You can imagine that administering the overall device would involve creating some sort of matrix of permissions from profile to profile.
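To make the foreground rule and the profile-to-profile permission matrix concrete, here is a small model of that arbitration logic. It is an added illustration written for this overview, not Cellrox code and not a description of how ThinVisor is implemented; the persona names, the resource list and the two rules are assumptions drawn from the camera example above.

```python
from dataclasses import dataclass, field
from enum import Enum


class Resource(Enum):
    """Hardware a persona might request. Constructed list, not a Cellrox API."""
    CAMERA = "camera"
    MICROPHONE = "microphone"
    GPS = "gps"


@dataclass
class Persona:
    """One isolated Android instance. `denied` is the set of hardware resources
    that this persona's own policy (an MDM profile, for example) forbids."""
    name: str
    managed: bool = False
    denied: frozenset = field(default_factory=frozenset)


@dataclass
class Arbiter:
    """Hypothetical hypervisor-side access check (illustration only)."""
    personas: dict
    foreground: str

    def allowed(self, persona_name: str, resource: Resource) -> bool:
        persona = self.personas[persona_name]
        # Rule 1: a persona never gets hardware that its own policy denies.
        if resource in persona.denied:
            return False
        # Rule 2: the restrictions of whichever persona is in the foreground
        # also apply to every persona running in the background, so a
        # background personal persona loses the camera while a camera-restricted
        # work persona is on screen.
        fg = self.personas[self.foreground]
        if persona_name != self.foreground and resource in fg.denied:
            return False
        return True

    def matrix(self) -> dict:
        """Effective permission matrix for the current foreground persona,
        keyed by (persona name, resource name)."""
        return {
            (name, res.value): self.allowed(name, res)
            for name in self.personas
            for res in Resource
        }


def build_demo() -> Arbiter:
    """Constructed two-persona device: an unrestricted personal persona and a
    managed work persona whose policy denies the camera."""
    personal = Persona("personal")
    work = Persona("work", managed=True, denied=frozenset({Resource.CAMERA}))
    return Arbiter({p.name: p for p in (personal, work)}, foreground="work")


if __name__ == "__main__":
    arb = build_demo()
    for fg in ("work", "personal"):
        arb.foreground = fg
        print(f"--- foreground: {fg} ---")
        for (name, res), ok in sorted(arb.matrix().items()):
            print(f"{name:9s} {res:11s} {'allowed' if ok else 'denied'}")
```

Switching the foreground persona and re-printing the matrix shows the asymmetry the article describes: the work persona never gets the camera, while the personal persona gets it only when it is the one on screen.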
Is mobile virtualization a BYOD panacea?
You’re probably wondering how much this differs from VMware Horizon Mobile. While Cellrox uses a type-1ish hypervisor and Horizon Mobile uses a type-2ish hypervisor, the architectural difference between Cellrox and Horizon Mobile is not actually very relevant to either product’s viability as a BYOD mobile solution. Regardless of how “light” a mobile virtualization solution is, we’re still talking about something that at the end of the day requires an operating system to be replaced and that only works with Android. Even VMware’s type-2 solution requires modification at lower levels (hence referring to it as “type-2ish”), in addition to only working on certain hardware.
The need to replace a user’s OS, and the fact that it only works on Android, means that Cellrox (and mobile virtualization in general) isn’t suitable for completely freewheeling BYOD scenarios. Just imagine a user: “I want to bring my phone in today... Let’s see, back everything up, replace my OS with the corporate one that includes the hypervisor, provision myself a personal profile, reinstall my personal apps...” That’s an extreme example, though, and to be fair there are many other scenarios where a product like Cellrox would make sense. A corporate-liable phone that has an entire VM/profile/whatever you want to call it where employees are free to install whatever apps they want and not have a password is welcome; it’s just not really BYOD. Cellrox does claim to support a wide variety of devices, so users could at least have freedom with that variable.
Another issue to be considered is whether or not it’s necessary to virtualize mobile devices when applications already run in their own sandbox containers. Overall, though, an insulated personal container on a corporate device, no matter the means used to create it, is a welcome method of ensuring that users’ personal apps and activities do not affect corporate resources.
UPDATE: Monday, March 26, 2012: Cellrox CEO Omer Eiferman had a few clarifications to share:
- We are not a type I hypervisor but a flavor of OS virtualization. Unlike type I we are not coupled with the HW.
- Direct access for HW devices is used for providing native performance but doesn’t create a security breach since we control the access via ThinVisor.
- We do modify the ROM but are not planning to replace it. You will be able to find the Cellrox solution pre-installed on OEM devices and activated by Cellrox.
- Interaction between the VMs can be controlled from the hypervisor and has a unique patented UX in form of a status-bar.
- Configuration matrix – the ‘modus operandi’ we target is to control only the managed persona thus similar to any MDM configurations spec. No restrictions are planned for the private persona.
- The installation of ThinVisor would automatically create a work (a.k.a. managed) persona alongside the current user’s configured environment, which will become private. No user interaction is needed.
- Unlike containers that may be compromised if the host OS is compromised, when using ThinVisor the managed persona is totally decoupled and separated from the private persona that may be compromised, thus providing a high level of security.
This feature overview will be updated from time to time. If you notice any inaccuracies, please comment or email me at firstname.lastname@example.org. There are a lot of vendors and features to keep track of, and I want to be sure and keep everything straight.
- Platform: Android only
- Architecture: OS/profile virtualization
- App sources: any apps; VMs act as normal Android instances
- Security: VMs can be managed with MDM software; corporate VM manages hypervisor
- Split plans/phone numbers: yes