Earlier this year, some Tripwire marketing people and I were discussing how we could build more awareness for both our existing and upcoming virtualization security products.  Virtualization, being relatively new, wasn’t yet on the radar screen of our traditional IT security and compliance audience.  We recognized the need to get the attention of a new audience, the engineers who directly manage the VMware infrastructure because they have the responsibility to configure the virtual infrastructure securely.  During our brainstorming about how to get their attention we came up with the idea to offer them a free utility to assess the security posture of their VMware ESX hosts.

I have to say that I did some serious soul searching about diverting scarce R&D resources to develop a free product because R&D never has enough resources to develop all of the things I would like to have in our commercial products.  Like most independent software vendors Tripwire approves development of new products/features based on the revenue they are expected to generate.  Free utilities didn’t fit into our “develop for dollars” model, plus I was concerned that a free utility might cannibalize revenue from our commercial products.  About this time, VMware asked us to develop a free utility to assess the security configuration of their virtual infrastructure.  This gave us the impetus we needed to develop the free utility, ConfigCheck.  We bit the bullet, developed ConfigCheck very quickly and launched it on July 5th.

ConfigCheck, virtualization, virtualization security

This entry was posted on Monday, November 24th, 2008 at 9:21 am and is filed under Virtual Product Management. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.