Why aren't VMware and RSA working together to create the ultimate secure VDI environment?

RSA and VMware both have legions of crazed fanatical customers, and as it happens both companies are owned by EMC. This was the topic of one of the side conversations I had at BriForum last month.

RSA and VMware both have legions of crazed fanatical customers, and as it happens both companies are owned by EMC. This was the topic of one of the side conversations I had at BriForum last month. We talked about how it's weird that the two companies haven't done more together in the desktop space. (Unfortunately I forget who I had this conversation with, but I'm sure that this was an idea that someone else put in my head. Feel free to email me to claim it!)

One of the main reasons people use VDI today is to increase security, and when it comes to security, the people who love RSA are almost as fanatical about loving RSA as the people who love VMware are about loving VMware. So it seems like it would make perfect sense for the two companies to co-brand and market an "RSA Secure Virtual Desktop" or something like that.

There are a few ways this could work.

First, what a great way to create the killer use case for client-based VMs (or even the perfect use case for a client-based hypervisor). Imagine if users could use their existing soft tokens to unlock and decrypt their laptop-based VM disk images. VMware could sell it as the "security of VDI, outside the firewall." Sure, we don't need VMware for this—Citrix XenDesktop and Virtual Computer NxTop could support client VM encryption too—but a joint VMware/RSA solution could be sold to the security people love this stuff already.

And it wouldn't have to stop there. RSA has a whole suite of data loss prevention (DLP) products. These are the perfect products to help deal with the increasingly independent users and BYOPCs and all the other stuff the various forms of desktop virtualization introduce. It seems that a joint product with a single SKU marketed to the right (security) people would sell like crazy.

Of course this flies in the face of a lot of the conversations we've had on the site over the past month or so about VMware's desire to push the cloud and that if they made client VMs cool then they'd be undermining their cloud datacenter desktop story, so it's not like they should throw everything away just for this one idea. But heck, people are spending a lot of money on RSA these days, so why not go for it? And hey, RSA's new tagline is "securing virtualization and the cloud" (seriously!), so why not jump on board?

Besides, VMware and RSA (and EMC for that matter) are not exactly known for having the cheapest solutions out there, so their customers are already accustomed to paying a lot for what I'm sure they perceive to be the best, so why not? Does RSA+VMware Desktop Virtualization = Killer App?

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

"Why aren't VMware and RSA working together to create the ultimate secure virtual desktop environment?"

Simple... VMware need to make a decent virtual desktop environment first :) !


There are already good solutions - SMS PASSCODE has just released a version 4 that provides cross VDI platform protection with two-factor authentication via SMS. Check out how it works at www.smspasscode.com/.../howitworks where video's show the different VDI's including VMware View Portal and Client protection.  


Thanks for creating an account just so you could post that commercial larsting. I know there are plenty of security solutions out there.. my whole point is that the VMware+RSA brand could be huge--bigger than anything else out there today.


While that may seem like a logical idea, unless EMC sells RSA directly to VMWare you probably won't see this take place.  It would be similar to asking why VMWare doesn't create custom/proprietary/killer integrations with EMC arrays that you couldn't get with other storage platforms.  You're seeing VMWare develop APIs for just about everything so that just about anyone can plug into the infrastructure.  The simple fact is VMWare as an organization needs to remain as agnostic as possible to not alienate anyone within the ecosystem.



Interestingly enough RSA just published a doc called "A Guide for Deploying and Administering the RSA Solution for VMware View", which you can download here-


It describes how to manage visibility and Control of View environments and data via policies. I agree that they could market this solution better via a VMware/ RSA brand! Interested in hearing your thoughts on this!


I recently saw an EMC presentation for "Virtual Desktop Monitoring and Availability" that showed a "next generation" level of integration of stack components.

 They showed how the health of Virtual Desktops could be monitored from the user session all the way down through the hypervisor to the storage subsystem.  The catch was -- you had to be running EMC storage and a VMWare hypervisor + virtual desktop.

 There was also an overview of their new active/active solution that allows HA across datacenters using synchronous transactions.  The catch way (you guessed it) that you need EMC storage and a VMWare hypervisor.

 Based on their presentation, I think it is pretty clear that EMC/VMware is already well on their way towards providing a vendor lock-in value proposition.  It wouldn't be surprising to see RSA components become the next brick in their wall.  On one hand, they will be able to provide a unique set of features and deep integration.  On the other, it will be difficult to sell to companies that want to use existing infrastructure.

 In a way, this reminds me of the way Oracle/Sun/Solaris/JBoss/Java/etc/etc can provide a complete stack.  If you're willing to pay the money you can have just one throat to choke.  However, this type of lock-in stifles creativity and competition.  It makes me wonder: Are we headed towards a world where there are only a couple of Software Juggernauts offering a wall-to-wall astroturf solution with a swarm of tiny niche companies fighting over the crumbs?


Apparenlty the left hand is not talking to the right. hand. The RSA secure console is not fully supported on a VM. One reason is that is using an Oracle database which gets cranky if you try to VMotion without shutting down first.