The Virtualization Practice

Tag Archive for catbird

Christofer Hoff (@Beaker) and I had a short discussion on twitter the other day about the VMware Cloud Director (vCD) security guidance. We both felt it was a bit lite and missed the point of Secure Multi Tenancy. However, I feel even more strongly that people will implement what is in the vCD Guidance, vBlock Security Guidance, and the vSphere Hardening Guidance, and in effect have a completely insecure cloud. These three guides look at the problem as if they were singular entities and not as a whole.

Virtualization Security was one of the BIG Deals at VMworld with several announcements:

* VMware vShield Edge, App, and End Point
* Trend Micro will have the first product making use of vShield End Point
* Cisco Virtual Security Gateway (VSG)
* HyTrust and their growing list of technology partners

But the biggest news is that Virtualization Security is finally on the radar of most if not all C-level as it is now seen as the gate to entering the cloud. But before we can solve the cloud security issue we have to solve the virtualization security issues. VMware’s announcement has the most impact on the virtualization security ecosystem. At once they are competing head-to-head with some vendors while providing a platform to use for other vendors.

Nearly everyone I talked to at VMworld was buzzing in some form about Virtualization Security. Everyone has picked up on the pre-show buzz from VMware, Trend Micro, HyTrust, and every other security vendor. This week will tell. There are announcements about security, keynote sessions that include security, and more than a few sessions about security.

This is also arguably the first VMworld where there are a large number of Virtualization Security sessions and panels at VMworld that are not entirely from VMware. I find involving the industry as they have at this specific conference moves forward the entire virtualization security ecosystem.

In the End-to-End Virtualization Security Whitepaper we review various aspects of server security with an eye to determining how the products would work together to create a secure virtual environment. While some of these tools are cross-platform, the vast majority of them are geared specifically to VMware vSphere.

In this post we will look at Server Security, and we will follow-up with another post about Desktop Security? Are these very different? I believe so, desktops have daily, second by second user interactions. For desktops, one of the most important aspects is look and feel such as response time for actions. So things need to be as fast as possible. With Servers however, user interactions are limited and therefore have slightly different performance and security requirements. What may be acceptable for a server may not be acceptable for a desktop. So what do the tools provide for servers?

The Virtualization Security Podcast on 7/22 was all about the news of the week with our panelists discussing how this news affects everyone and anyone with respect to Virtualization Security. The news discussed:

* NIST Released their Guide to Security for Full Virtualization Technologies (Draft)
* There is a Security issue with VMware vSphere 4.1
* VMware discussed the new vShield Zones Edge and vShield App products
* HyTrust and Catbird announced a cooperative effort

While at RSA Conference I visited the RSA Innovation Sandbox and noticed that three out of ten virtualization security vendors were finalists:

* Altor Networks
* Catbird Security
* HyTrust

Alto Networks won the Innovation Sandbox contest and all that goes with it. Congratulations to them, but Altor’s win is actually a win for all virtualization security players. It shows that virtualization security is extremely important to the data center as well as moving forward to the cloud.

Top