Skip to content
December 11, 2016 / Dan Allen

Virtualization Based Security is Here – Prepare for Liftoff!


  • Bromium is well known for its revolutionary approach of using micro-virtualization to solve the endpoint security challenge.
  • Virtualization is the most secure method for isolating untrusted content and protecting users from the internet, email, USB, and other external sources.
  • Even Microsoft has now embraced the concept by adding some basic micro-virtualization capabilities natively into Windows 10.

liftoffNo one argues the fact that virtualization is the most secure approach to solving the cyber security dilemma. However, the biggest challenge and question that must be answered is whether virtualization can be run on an end user’s device without sucking up all the system resources and causing a poor user experience. The only thing anyone questions about the Bromium approach to security is whether it can meet the performance demands of today’s users.

If you remember, about 10 years ago we had this same conversation about virtualization in the data center. Back in 2005, I remember helping customers implement VMware ESX Server 2.5 and the great skepticism there was as to whether enterprise SQL servers, Exchange Servers or Citrix Terminal Servers would ever be able to be hosted as a virtual machine. Sure, VMware ESX was cool and had some niche use cases, but would it ever fully replace physical servers for most enterprise workloads? How did that turn out? In 2006 Intel and AMD introduced the first virtualization features on their CPUs and VMware released ESX 3.0 The enterprise data center was forever changed and cloud computing was born.

Client-side virtualization goes mainstream.

We stand poised on the same precipice today ready to leap into the world of client-side virtualization. Client-side virtualization is about to go mainstream. The journey has not been easy. Seamlessly integrating virtualization into the end user desktop has actually been more challenging than virtualizing server workloads.

The following items have proved difficult…

  • Achieving VM density with acceptable performance on desktop hardware
  • Seamlessly integrating virtual applications as if they were native

I’m happy to say that Bromium has finally cracked the code on all of the key challenges that have held back client side virtualization.

The breakthroughs that the Bromium engineers have made are nothing short of miraculous. If you were to tell me that I could run 10, 20, 30 or more VMs concurrently on a 5 year old laptop with an i5 Sandy Bridge processor and 4 GB RAM back in 2011 when it was released, I would have told you that you were insane! Yet, that is what you can now do with Bromium technology. For more than 6 years now, most desktop CPUs from both Intel and AMD have been shipping with virtualization extensions for memory management (Intel EPT and AMD RVI) that provide the underlying foundation to drive VM performance and density.

The hypervisor engineers at Bromium are second to none.

After all, these are the same folks that created the Xen hypervisor which powers that world’s largest cloud. Additionally, our browser and application engineers know Windows inside and out, and are experts in seamlessly integrating virtual applications into a user’s desktop. What we have been able to achieve with our latest release, 3.2 Update 5, is the full integration of a virtualization engine into Windows that is both seamless and adds little to negligible overhead! However, our innovation is far from complete. With our upcoming 3.3 release in January next year, we will improve the user experience even more and simplify the deployment process while adding additional capabilities. 2016 marks the year when Bromium technology passed the bar from a performance and scalability perspective and 2017 will be year we simplify the deployment process.

First and foremost, I’d like to thank our many customers that have shared in this journey with us. We have loyal customers with tremendous vision. Our visionary customers have understood that virtualization-based security is the only way to truly secure their enterprise endpoints and many of them have been with us since the beginning when Bromium was little more than an idea. It gives us great pleasure to now provide our customers with an unbreakable virtualization platform that not only protects them, but is also a pleasure to use and provides a fantastic user experience!

Talk is cheap, so now it’s time for us to prove to everyone the amazing power of the Bromium platform. In the next series of articles and videos, we will show you the incredible power and virtualization performance of the latest release of Bromium!

For some real data and numbers check out the next article

%d bloggers like this: