Security baselines and security health checks are an important part of any modern day infrastructure. These checks are done periodically throughout the year, usually ever quarter. In my opinion this is a good thing to check and make sure your security settings are following the guidelines that the company has set out to achieve. Here is where I do have a problem. When setting up the guidelines for the different technologies in your infrastructure it would make the most sense that the people establishing the guidelines need to fully understand the technology they are working with. After all, would you really want the midrange or mainframe group to write the policies and guidelines for the Microsoft Windows Servers in your environment?
• • 3 Comments
They say there’s no such thing as bad weather – just the wrong sort of clothes. Likewise, there shouldn’t be such a thing as a bad user profile experience – its more likely you’ve the wrong type of profile solution. VMWare View users can undoubtedly look forward to faster logon times, but is that the only thing they need?
In many ways, the IT world has gone certification happy. Nearly every job requirement lists certifications as well as length of service, however, in the realm of cloud computing and virtualization what do these certifications mean? Are they even valuable? Is there a general enough certification that covers all the hypervisors, is there a third party certification available?
Many of these books including the first two are on the Intel Recommended Reading List. [tab:VMware Titles] VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment by Edward Haletky [Prentice Hall] Price: $52.24 Networking for VMware Administrators (VMware Press Technology) by Christopher Wahl [VMware Press] Price: $37.13 VMware Network Virtualization: Connectivity for the Software-Designed…
The Virtualization Security Round Table Podcast provides an open forum to discuss all things related to Virtualization, Virtual Environment, and Cloud Computing Security. The podcast is hosted by Talkshoe, with the after podcast write-ups and notes are hosted here. The podcast can also be found on iTunes. For more on Virtualization and Cloud Security you…
We recently received a presentation on a combined solution from Eucalyptus and Terracotta. Initially we were suspicious because they clearly share an investor – Benchmark Capital. Was this a PowerPoint integration dreamt up by two Venture Capitalists over a power breakfast? However, the combined solution was presented by some very plausible techies with a real-live demo and does look as though it starts to provide a generally-useful abstraction over which to deploy scalable applications (specifically Java stacks), and it too works with commodity hardware. It’s not as slick as the 3Tera solution, more of a command-line approach, but it potentially has the edge in scalability.
I had the opportunity to present on Applications Performance Management for Cloud Hosted Applications at the Cloud Connect Conference in Santa Clara CA on March 15, 2010. It was an eventful presentation as I was part of panel assembled by Hon Won (former founder of NetIQ and now EVP of Business Development at Coradiant). The panels included users of business critical applications in the cloud, cloud vendors, and vendors of performance management applications for cloud hosted applications.
The most recent Virtualization Security Podcast was on the subject of virtualization security for the SMB. Specifically cover the case where the customer wanting virtualization security could afford to purchase a hypervisor and perhaps one other security product. In the end the panelists came up with a list of suggestions for virtualization security for the SMB that are applicable to all levels of Virtualization. The panel looked at SMB security with an eye towards Availability, Integrity, and Confidentiality.