10 Sep
Posted by John Wang as Kazeon
Kazeon has announced the ability for their Information Server 3.1 Information Access and Management platform to perform identification, preservation, and collection of data stored on VMware virtual machine instances and images. This is a very interesting feature as more people are starting to store data on VMs. General Counsels should take note when Sudhakar Muddu, Kazeon CEO, says “We saw end users actually hiding information from their corporations by using virtual images.”
From reading the press release and some articles, the capabilities appear to be:
- VMware support
  - Support is mentioned for ESX and ACE (on XP and Vista). Support for ESXi, Server, Workstation, and Fusion is not mentioned. VMware management products are not supported.
  - It is not mentioned whether Kazeon can handle VMware images that are on, paused, and/or off. One may assume all are supported, but it would be nice if this were made explicit. Additional information on whether Kazeon needs to turn images on or off would also be useful.
  - Additionally, although the software can find VMs on servers, laptops and desktops are mentioned as the primary targets. It would be interesting to know if using this software is sub-optimal for file servers, e.g. if it causes a high amount of server load which could slow performance.
  - VMware forensics would be an interesting feature for locating deleted files on VMware images. This is not mentioned and likely not included.
- Preservation / Legal hold
  - The software claims the ability to enforce legal holds on data in a VM. Andrew Conry-Murray reports “The software can enforce legal holds on information stored in a virtual machine, including making it read-only for the local user, or denying end user access to that information entirely.” A requirement for this to work may be the presence of administrator privileges on the OS, granting of such privileges to Kazeon, and the lack of such privileges assigned to the custodians.
- Collection
  - Kazeon claims the ability to collect data and files from the VMs to a central repository without changing metadata, including access and modify times.
- “Unknown or hidden virtual instances”
  - The press release mentions this repeatedly but never explains what it means. This appears to be marketing hype for VMs that the organization isn’t aware its employees have installed. However, people don’t usually say Microsoft Office documents are “unknown or hidden” simply because they are saved on a local hard disk without updating a central repository. Until there’s some clarification, it seems safe to assume this is marketing hype and the VM instances and images are not actually hidden, say by using rootkit-type technologies to hide them from the file system and process monitoring system.
Overall this sounds like a very interesting feature and there is definitely a need to identify, preserve, and collect data on VMs. I look forward to learning more about it.