Why I joined Hysolate

Every once in a great while (if you’re really lucky), you face a major life decision that you believe is a no-brainer. From the moment I discovered Hysolate and the organization that Tal Zamir and Dan Dinnar forged within Team8 over past few years, I knew this was the opportunity I had been waiting for. So when we met and the guys offered me the chance to join, I jumped without hesitation.

Why?

I’ve been involved with endpoint virtualization my entire career. First with Citrix, then Softricity, then Microsoft, Desktone and RES. Since the early days, I always knew there had to be a better way to secure and manage desktops and laptops. In the 90s, I drank the Citrix Kool-Aid and believed that Server-Based Computing (SBC aka Terminal Services aka Remote Desktop Services) would be the way to alleviate the pain of endpoint security/management. In the mid-2000s, VDI was born and brought with it even greater promise for desktop admins everywhere (remember “20XX is the Year of VDI”? ;^>). But, of course, now it’s 2018 and we’re still struggling with endpoint complexity and the age-old conflict between end-user productivity and IT security/manageability. Personally, I had given up all hope and even changed my professional focus to data center solutions.

Then, like an oasis in an arid desert, I stumbled across Hysolate. Our CEO Tal had been living a parallel life in Israel and driven important innovation in the desktop virtualization space through his product leadership at Wanova (acquired by VMware). After a few years in VMware CTO’s office, he decided to start from scratch once again and collaborated with the brain trust at Team8, the world’s first and leading cybersecurity “foundry” (a hybrid VC/incubator) to rethink endpoint security. And guess what they concluded? That endpoint virtualization (which we at Hysolate call “Software-Defined Endpoints”) was the way to change the game. Oh, the irony!

But what kind of endpoint virtualization specifically? It’s a model of desktop virtualization us vets affectionately call “Client Hypervisor” (more specifically, a type-1 or bare metal client hypervisor). If you’ve ever used VMware Fusion, Parallels Desktop or Oracle VM Virtual Box, then you have some idea what I’m talking about. However, those solutions are type-2 or hosted hypervisors, which means they first require a host OS like Windows, MacOS or Linux to be traditionally installed. And that means if someone hacks your host OS, he or she can compromise the security of your entire endpoint and in the worst case (which these days is becoming all too common), the rest of your network.

At Hysolate, we’re revolutionizing the endpoint by putting a hypervisor below (as opposed to within) the OS, just like Microsoft, VMware and Xen have been doing with servers for almost two decades. This important difference is the key. By abstracting the primary client OS environment that end-users access, we’re able to provide an unprecedented level of endpoint security and manageability.

However, that’s not all. There are two other key innovations that make Hysolate’s approach both unique and viable:

1. Seamless User Experience — all of this endpoint hypervisor stuff sounds great, but is useless unless it’s completely transparent to end-users. If we’ve learned one thing from 20 years of RDS and VDI, it’s that the average knowledge worker simply has no patience to work in a way they perceive as different from their traditional endpoint experience. Specifically, that means forcing end-users to learn new ways to switch or cut-and-paste between desktop environments, figure out how/where to save files, print, etc. is an absolute no-no. Through our innovative implementation of seamless windows and related capabilities, Hysolate provides a “native” and intuitive experience for your non-technical users and overcomes this critical barrier to endpoint virtualization adoption. It also gives IT powerful control over what can be cut-and-pasted (or not) between user VMs, what file types can be copied (or blocked), what content can be screen-scraped (or not), what URLs can be accessed/blocked or redirected to another user VM and what peripherals can be connected (or blocked ) — and much, much more.
2. Network VM — isolating different end-user environments at the OS level is the best way to ensure security on your endpoints. However, we live in a highly-connected world (one in which malware thrives) and these different environments must talk to the rest of the corporate network and, of course, the Internet. That’s why Hysolate includes a software-defined networking (SDN) subsystem which is implemented as a hidden VM within the platform. All traffic between the user VMs and any network (corporate, home, public, Internet) is routed through this Network VM. This allows IT complete control over which of a user’s VMs can access which networks and is another unique innovation that’s part of Hysolate’s secret sauce.

There’s so much more to discuss but I’ll restrain myself for now (certainly not easy ;^>). Suffice it to say, I believe that Hysolate is the most disruptive solution in endpoint virtualization since the introduction of Citrix WinFrame more than 20 years ago. At the same time, it’s also redefining how enterprises manage endpoint security. Of course, only time will tell but I’m super-excited to be part of the team and looking forward to an amazing journey!