Posts Tagged ‘ HyTrust ’

Privileged Accounts within SDDC

February 14, 2014
By
Privileged Accounts within SDDC

As your software-defined data center (SDDC) grows, so does the quantity of privileged accounts. This was the discussion on the Virtualization Security Podcast of February 13, 2014, where we were joined by Thycotic Software. Privileged accounts are used by administrators and others to fix issues, set up new users, add new workloads, move workloads around…

Read more »

A Tale of Two Clouds

December 5, 2013
By
CloudComputing

Recently I have had the pleasure of discussing security with a number of cloud providers. Specifically, we talked about what security they implement and how they inform their tenants of security-related issues. In other words, do they provide transparency? I have come to an early conclusion that there are two types of clouds out there:…

Read more »

API Security within the Hybrid Cloud

August 5, 2013
By
API Security within the Hybrid Cloud

The Hybrid Cloud has 100s if not 1000s of APIs in use at any time. API security therefore becomes a crucial part of any hybrid cloud environment. There are only so many ways to secure an API, we can limit its access, check the commands, encrypt the data transfer, employ API level role based access…

Read more »

Delegate User Problem and Proxies

May 30, 2013
By
VirtualizationSecurity

By far, the lowest hanging fruit of virtualization and cloud environment security is the segregation of your management control from your workloads. Separation of data and control planes have been recommended for everything from storage (EMC ViPR) up to the workloads running within virtual machines. The same holds true for cloud and virtual environment management…

Read more »

RSA Conference: What was Interesting

March 4, 2013
By
RSA Conference: What was Interesting

As I met with people at RSA Conference last week, the common question was: What was interesting and new? My view was from the world of virtualization and cloud security, which often differs from general or mobile security. This show was more about general and mobile security than it was about virtualization and cloud security…

Read more »

Defense in Depth: Authentication and Authorization

September 13, 2012
By
VirtualizationSecurity

On the 7/29 Virtualization Security podcast we continued our discussions on defense in depth. We discussed authentication and authorization with IdentityLogix. IdentityLogix provides a unique solution that correlates users and groups against VMware vSphere's own role based access control stores. In other words, IdentityLogix can identify if a user or group within active directory has…

Read more »

VMworld 2012: First Thoughts and Observations

August 29, 2012
By
VMworld2012150x27

Now that VMworld 2012 is well underway I wanted to share some of my first thoughts and observations about the conference. At the start of the conference, during the first General Session, the virtual passing of the torch from the outgoing CEO, Paul Maritz to the new incoming CEO, Pat Gelsinger took place with Mr.…

Read more »

Defense in Depth: Firewalls within the Virtual Environment

June 18, 2012
By
VirtualizationSecurity

The 6/14 Virtualization Security Podcast we spoke about firewall placement within the virtual environment as well as storage based defense in depth. While we covered Encryption on the 5/31 podcast, in the 6/14 podcast we covered other measures when dealing with storage (which will be part of a followup post). This conversation was slightly different…

Read more »

Filling the Gaps: Focus on Application Security

May 24, 2012
By
VirtualizationSecurity

Symantec and others are providing more products that fill the gaps in current End-to-End Hybrid Cloud Security. These solutions range to improved log analysis through multi-layer security for critical systems. If these solutions are rolled out would we finally have secure environments? Would we be approaching the dream of secure multi-tenancy? But first what are…

Read more »

Featured Solutions