On the January 2, 2014, the Virtualization Security Podcast was joined on the spur of the moment by @Josh_Atwell, who works for VCE, to discuss the security of converged infrastructures. This was of particular interest to me due to my current research on the security of a VCE Vblock. The research got me thinking about…
• • 1 Comment
Security is not compliance and compliance will not get you security. At least that is what I hear from security teams. Conversations with security focal team members from non-security focal people can be quite interesting and has its unique challenges and hurtles to overcome. You can find yourself speaking the same language but not fully understanding each other very well at all. One topic point of discussion is that “security is not compliance and compliance will not get you security.” Or does it?
Brad Hedlund of Cisco asked the question, should the physical network security policy be different than the virtual network security policy? The answer is obviously no, but why are they treated separately? I and other have pushed the concept that to gain performance, redundancy, and security that you should use multiple network links to your virtualization host to separate traffic. However, does this really give you security?