I often get asked about market trends and why VMware would buy Mozy and Sliderocket. I don’t usually like to indulge the speculation. However, take a look at today’s announcement on the vCenter Orchestrator Plug-in for Microsoft Active Directory and you have to see how security tools help build the foundation of a new user platform.

The VMware vCenter Orchestrator plug-in for Microsoft Active Directory allows organizations to automate the management of directory services tasks, particularly as they pertain to cloud provisioning use cases. For instance, the plug-in enables the automatic provisioning of vCloud Director organizations based on data retrieved from Active Directory.

It just became a little easier to run your office in a provider environment. You can stand up some of your own apps or use provider managed productivity apps like SlideRocket and Zimbra in a handy vCloud environment with credentials already under your control.

The new capabilities also bring to mind new risks, which I am happy to speculate about and will discuss next week in my presentation at Interop.

If we accept the premise that the perimeter model of security is eroding and systems are becoming a loosely federated collection of compute power and storage…then will firewalls even exist? Yes, and I don’t see the perimeter going away.

Case in point, Whisper Systems’ new product for Andoid:

Dynamic egress filtering.

When enabled, WhisperMonitor will monitor all outbound network traffic and issue dynamic prompts in order to determine egress filter rules.

Excellent feature. ZoneAlarm was famous for this. Knowing who your device is communicating with seems like an obvious requirement for security controls. However, far too many spend all their time focused on blocking inbound traffic only. Filtering outbound traffic is just as important.

Of course that begs the question of monitoring:

Connection history.

WhisperMonitor optionally records the connection history of the software installed on your device, giving you insight into where it is connecting and how often.

What I can’t find in the WhisperMonitor is the ability to setup zones or profiles, a usual feature of firewalls. It would be excellent to be able to switch between a work mode with egress to a certain set of systems, and a personal or home mode with different egress rules.

That might be something more likely to be found in Juniper Pulse, which allows egress filtering for Symbian S60 devices based on configuration policies (not yet for Android).

Speaking of Pulse, imagine if you could tunnel all traffic from the mobile device back to your home router and then filter it there. That could be handy for those who want to manage and monitor a policy for all their phones — a single shared egress point with a perimeter for all mobile users in a family or group.