Blog Archives

Edward Haletky
Edward HaletkyEdward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization. [All Papers/Publications...]

Recovery Lessons Learned from Storage Failure

June 3, 2014
By
VirtualizationBackup

Recently, we experienced a fairly catastrophic SAN failure: we lost two drives of a RAID-5 array. Needless to say, recovery was time-consuming, but it also pointed out some general issues with many disaster recovery, business continuity, and general architectures involved with virtual environments. Luckily, we were able to start one of the drives, let the…

Read more »

Securing Clouds from Service Providers

May 22, 2014
By
SecuringCloudsTheFuture-thumb

Secure multi-tenancy is not just about ensuring security and segregation between tenants. It is also about limiting, auditing, and tracking the activities of a cloud service provider within a tenancy or that touches upon more than one tenant, which of course includes any activity that occurs within the hypervisor, storage, or other layers of the…

Read more »

Is SDDC a Product or a Mindset?

April 30, 2014
By
Secure Hybrid Cloud

My response to Stephen Foskett’s tweet of a post about the Software-Defined Data Center (SDDC) Symposium led to an interesting conversation about the nature of the SDDC—what it is, what it is not, and why we should care. The software-defined data center is considered by some to be an instrument of vendor lock-in, vaporware, or…

Read more »

Security DevOps (SecDevOps)

April 22, 2014
By
Security DevOps (SecDevOps)

At InfoSec World a few weeks ago, I was in a talk with Rich Mogull (@rmogull) of Securosis. Rich spoke on the concept of SecDevOps while demonstrating how he applies this concept to workloads running within Amazon. Now, some would argue that DevOps already contains security practices within the workflows. The unfortunate reality is that,…

Read more »

Are There Greenfield Deployments of Virtual and Cloud Environments?

April 16, 2014
By
DataCenterVirtualization

Let me start out by saying that I see more discussions about greenfield deployments of products than I do of migration/integration by vendors. Personally, I think there is no such thing as a greenfield deployment unless the organization is just starting out, creating a brand new data center, or perhaps has money to waste. In…

Read more »

State of the Art: Virtual Desktop Security

April 11, 2014
By
VirtualizationSecurity

User experience drives virtual desktop deployments and can either make or break them. If the user experience is awful, users will find other, often less secure methods for doing their jobs. VDI sits at an interesting crossroads where storage, memory, networking, CPUs, and GPUs must be properly tuned. Any adverse impact from any one of…

Read more »

Cloud Security Monitoring

March 25, 2014
By
Secure Hybrid Cloud

Have you ever wondered what was going on within a cloud regardless of type? SaaS? PaaS? IaaS? Do you need to audit these environments to ensure compliance with your security policy (not to mention the subset of your security policy that contains regulatory compliance)? To provide solutions for these issues, a number companies both new…

Read more »

RSA Conference Roundup

March 13, 2014
By
VirtualizationSecurity

It has now been a few weeks since RSA Conference 2014. A number of very disparate items to consider were announced at the conference. We covered some of them on the Virtualization Security Podcast held at the NSS Labs hospitality suite at the conference. Yet there is still more to consider. The impact of the…

Read more »

News: AFORE Adds SecureVM and SecureFile to Cloudlink

February 24, 2014
By
AFORE logo 120_36_

AFORE Solutions’ goal has been to provide not only data at rest encryption but also data in motion encryption at all levels of the cloud stack, such that not even the cloud providers can see or change your data. This level of confidentiality does not exist within existing public or private clouds without a little…

Read more »

Google Circle
Join my Circle on Google+

Plugin by Social Author Bio

Featured Solutions