On 10/6 was held the Virtualization Security Podcast featuring Davi Ottenheimer in his role as a QSA. Davi holds down many roles working with companies such as VMware, yet he maintains his QSA credentials and applies his knowledge of PCI Compliance. In this podcast we ask the question, is a virtual environment always mixed-mode and what to do if your QSA does not have the knowledge required to do the job?
The Virtualization Security Podcast on 9/16 was the first in a series of Virtual Desktop Security discussions we will be having. The special guest panelist was Bill McGee from Trend Micro who helped us to understand their implementation of Deep Security 7.5’s Anti-Virus and Anti-Malware (AV collectively) within the virtual desktop.
Trend Micro’s product makes use of enabling technology within vShield Endpoint to provide offloaded AV and Anti-Malware scanning of virtual machines using only one set of rules and one VM to do the actual scanning. Removing the per VM rule set and processing that currently takes place within the VM.
I wonder how many of us remember when VMware bought BlueLane and their technology, good things were promised, we saw the first part with the release of vSphere when they introduced vShield Zones. This was a “Free” product for those of you that had any version above Advanced vSphere and to be fair for a 1.0 release was a nice weapon to have in your armoury when dealing with the Security during a design and implementation phase.
At VMworld 2010 San Francisco VMware announced and released the expanded and improved vShield family of products. it however now a costed product, now the good news is that vShield Zones been not been removed from the vSphere suite, and are still “Free” the the correctly licensed level of vSphere.