The Virtualization Practice

Tag Archive for Symantec

VirtualizationSecurity

VMware vCenter 5.1 implemented a new security feature, Single Sign-On (SSO), that uses the Security Assertion Markup Language (SAML) to exchange security tokens. This combats an extremely well known and prevalent attack within the virtualization management trust zones: SSL Man in the Middle (MiTM) attacks. However, vCenter still supports the old SSL methods as well for backwards compatibility and to allow management when SSO is not in use. However does this change how we look at virtualization and cloud management security best practices? Is this a launch point for implementing other authentication techniques?

DataCenterVirtualization

Is it possible to use a Cloud Framework to better secure your datacenter? Does cloud technologies provide a secure framework for building more than just clouds? We all know that virtualization is a building block to the cloud, but there may be a way to use cloud frameworks to first secure your datacenter before you launch a private, public, or hybrid cloud. In essence, we can use tools like vCloud Director to provide a more secure environment that properly segregates trustzones from one another while allowing specific accesses.

VirtualizationSecurity

Symantec and others are providing more products that fill the gaps in current End-to-End Hybrid Cloud Security. These solutions range to improved log analysis through multi-layer security for critical systems. If these solutions are rolled out would we finally have secure environments? Would we be approaching the dream of secure multi-tenancy? But first what are the products that have come to light?

VirtualizationSecurity

The 3/22 Virtualization Security Podcast brought to light the capabilities of Symantec Critical System Protection (CSP) software. This software successfully implements a manageable version of mandatory access control policies based on role-based and multi-level security functionality within the virtual environment. More specifically on those systems that are critical to the well being and health of your virtual and cloud environments such as all your management and control-plane tools (VMware vCenter, Microsoft SCVVM, XenConsole, etc.). In addition, Symantec CSP will monitor your virtualization hosts for common security issues. This in itself is great news but why are we just hearing about this now? Is this a replacement for other security tools?

VirtualizationBackup

While participating in the GestaltIT Virtualization Field Day #2, I was asking Symantec about Application Aware Backups. In other words, could one backup an entire application, regardless of how the application was defined. This concept goes hand in hand with Application Aware Security measures. We can always backup VMs and their data to remote locations, but can we backup or maintain the application interactions within a multi-VM Application regardless of how it is defined.

2011 saw an increase in virtualized and cloud data protection solution partnerships and advancements. One of the biggest advancements is the growing support for Microsoft Hyper-V from long-time VMware specific backup solutions. Included in the new partnerships are team ups between performance management and data protection solutions, as well as an increase in the methods for replication and other forms of data protection. 2011 was a very big year in the Data Protection arena of cloud and virtualization. This is the 2011 Year in Review for data protection.

Agent and Agent-less Backup in the Virtual Environment

There is some debate amongst backup vendors on what defines an agent, some consider any amount of scripting to be an agent, while others imply it is what does the data transfer plus any amount of scripting necessary. Is there a need for both Agent and Agent-less within a virtual environment? This also begs the question, who is responsible for properly handling the application whose data you are backing up?