For the most part, you can treat a VM like a physical machine WRT security. There do need to be concerns (proper planning) as far as who has access to the VMs, and that multiple VMs may be sharing the same NIC, and storage. Each VM is an isolated entity, and a user on one VM cannot get into another VM except how a user on one physical machine could get into another physical machine. As for the “free” question, we believe that Virtualization should be a part of the Operating System (like TCPIP stacks are today). This is important to us.