During the last Virtualization Security Podcast, our guest had to postpone so we discussed to several interesting topics all related to Digital Forensics and how encryption would best work within the virtual environment. Our very own Michael Berman, in a previous life was a forensic investigator and had some great insights into the problem of digital forensic within the virtual environment.
I participated in GestaltIT’s TechFieldDay which is a sort of inverse conference, where the bloggers and independent analysts go to the vendors and then discuss the information they have received. We visited the following virtualization vendors:
* vKernel where we were introduced to their Predictive Capacity Planning tools
* EMC where we discussed integration of storage into the virtualization management tools as well as other hypervisor integrations
* Cisco where CVN and CVE were discussed in detail.
I participated in GestaltIT’s TechFieldDay which is a sort of inverse conference, where the bloggers and independent analysts go to the vendors and then discuss the information they have received. We visited the following storage vendors:
* Data Robotics where we were introduced to the new Drobo FS
* EMC where we discussed stretched storage and other interesting futures
* HP where we were introduced to the IBRIX products
Since coming out with VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment, I have continued to consider aspects of Digital Forensics and how current methodologies would be impacted by the cloud. My use case for this is 40,000 VMs with 512 Servers and roughly 1000 tenants. What I would consider a medium size fully functioning cloud built upon virtualization technology where the environment is agile. The cloud would furthermore contain roughly 64TBs of disk across multiple storage technologies and 48TBs of memory. Now if you do not think this exists today, you were not at VMworld 2009, where such a monster was the datacenter for the entire show and existed just as you came down the escalators to the keynote session.
Data Robotics just announced the Drobo FS. Drobo FS via Drobo Apps (which are free) will have a link to the Oxygen Cloud. This could lead to several interesting options for the small business to large enterprise with respect to data storage and accessibility. Not to mention protection.
• • 3 Comments
Virtualization Security vendors are starting to seriously investigate the possibilities of the various introspection APIs available to the hypervisors. Introspection APIs allow security groups to now investigate the security of a virtual network, virtual machine, and other components from without. In other words, why rely on an agent within the VM to protect your network, virtual machine, or components. Instead, we can use these APIs to peer into these components from without the system to be tested.
On the most recent Virtualization Security Podcast, the panel was joined by VMware’s Charu Chaubal to discuss the latest draft of the VMware vSphere hardening guide.
Veeam has introduced a new product named SureBackup. SureBackup is designed to not only use Veeam’s Backup technology to backup your virtual machines (VMs) but will also test the restoration of each of these VMs to ensure that they at least boot and at most the applications involved are actually running within the VM.
In many ways, the IT world has gone certification happy. Nearly every job requirement lists certifications as well as length of service, however, in the realm of cloud computing and virtualization what do these certifications mean? Are they even valuable? Is there a general enough certification that covers all the hypervisors, is there a third party certification available?
Join my Circle on Google+
Plugin by Social Author Bio