VMware acquires Blue Lane: "virtualization.info has just leaned that VMware acquired the security vendor Blue Lane Technologies.
The company, popular for its inline patching technology, entered the virtualization market at the beginning of 2007 and completely refocused its effort around the VMware Infrastructure over the last two years."
(Via virtualization.info.)
Wow. This is a really big deal with the upcoming VMSafe APIs from VMware. This should get rid of the current issues around this kind of appliance that requires that the box be inline on your network. I haven't used it directly myself, but I have a few customers that swear by it.
Since the virtual switches and virtual networking components are nothing but memory constructs inside your ESX server, you could patch your entire environment by deploying a single signature update to your Blue Lane instance inside the ESX Servers - and equally important, pull it out if it causes problems without touching any of your virtual machines.
This is extremely important since much of the critical patching on Windows servers are security patches. If I can externalize that, and stop patching my servers directly this eases a major pain point for Windows administration.
This spills over into other stuff like Template management that you can stop patching manually or keeping multiple generations of templates based on application compatibility issues. This obviously ties in nicely with the cluster-wide vSwitch management so that the same rules are applied globally across a cluster.
Now the big question is going to be about the granularity of control - will you/can you specify patches by individual VMs, by port groups or vSwitches? Oh - and pricing.