The Virtualization Practice

Tag Archive for Virtualization Security Podcast

The Virtualization Security Podcast on 7/22 was all about the news of the week with our panelists discussing how this news affects everyone and anyone with respect to Virtualization Security. The news discussed:

* NIST Released their Guide to Security for Full Virtualization Technologies (Draft)
* There is a Security issue with VMware vSphere 4.1
* VMware discussed the new vShield Zones Edge and vShield App products
* HyTrust and Catbird announced a cooperative effort

During the Virtualization Security Podcast on 7/8, Vizioncore’s Thomas Bryant joined us to discuss the state of virtualization backup security and forensic use of such backups. In the world of virtualization, backups are performed mostly by 4 distinct vendors: VMware Data Recovery (VDR) and VMware Consolidated Backup (VCB), Vizioncore vRanger, Veeam, and PHD Virtual Backup for vSphere. Each of these provide the most basic of security capabilities:

* Encrypted tunnels for data movement (SSL)
* Encryption of the backup

But in the increasing global nature of businesses and the difference in privacy laws between townships, states, and the need for Secure Multi-Tenancy, backup companies fall short with their products while making it increasing harder to use backups as a source of forensically sound data.

During the Virtualization Security Podcast on 5/13, IBM’s David Abercrombie joined us to discuss IBM’s Virtualization Security Protection for VMware (VSP) which contains several exciting uses of the VMsafe API for VMware vSphere. These being:

* Network: Network Monitoring, Firewall, Access Control, and a Protocol Analysis Module
* Memory: Rootkit Detection

During the last Virtualization Security Podcast, our guest had to postpone so we discussed to several interesting topics all related to Digital Forensics and how encryption would best work within the virtual environment. Our very own Michael Berman, in a previous life was a forensic investigator and had some great insights into the problem of digital forensic within the virtual environment.

The most recent Virtualization Security Podcast was on the subject of virtualization security for the SMB. Specifically cover the case where the customer wanting virtualization security could afford to purchase a hypervisor and perhaps one other security product. In the end the panelists came up with a list of suggestions for virtualization security for the SMB that are applicable to all levels of Virtualization. The panel looked at SMB security with an eye towards Availability, Integrity, and Confidentiality.

The Cisco-VMware-NetApp (CVN) was discussed on the Virtualization Security Podcast as it pertains to Secure Multi-Tenancy (SMT). This is a major concern that was also discussed at RSA Conference 2010 within the Cloud Security Alliance Summit. The question still remains how to achieve this goal however. CVN is a very good start, but as we discussed on the podcast is missing some key elements.

Rethinking vNetwork Security

Brad Hedlund of Cisco asked the question, should the physical network security policy be different than the virtual network security policy? The answer is obviously no, but why are they treated separately? I and other have pushed the concept that to gain performance, redundancy, and security that you should use multiple network links to your virtualization host to separate traffic. However, does this really give you security?

I recently participated in the InformationWeek Dark Security Virtual Event as a panel member with Hoff, Craig Balding, Chris Wolf, Glenn Brunette, and Jon Oberheide. A very far ranging group of individuals from research, security organizations, analysts, and authors. What is interesting is that most of these same people have joined me on the Virtualization Security Podcast, and the others I hope to have as guests next year. There was one question that set me to thinking even more, do we need a new way of thinking about virtualization security?