The 12/13 Virtualization Security Podcast featured George Reese CTO on enStratus as our guest panelist. We discussed Cloud API security or more to the point the lack of real cloud API security. To paraphrase George: Some got it, others do not. So what makes up a good cloud API? how can we fix broken cloud APIs?
It is time to expand the virtual playing field. Since the release of both Hyper-V 2012 and vSphere 5.1, there have been an abundant amount of posts comparing the two hypervisors in a head to head fashion. All the different charts, graphs, and tables point to the fact that when comparing maximum values head to head.
If Cisco were to acquire Citrix, it would immediately boost Cisco’s business via the integration of Netscaler into Cisco’s product line. It would further significantly strengthen Cisco’s hand in positioning vs VMware SDDC strategy. It would also pretty much cement the position of VMware and Cisco as two competing vendors of Software Defined Data Centers.
On the 11/29 Virtualization Security Podcast Omar Khawaja the global managing principle at Verizon Terremark Security Solutions joined us to discuss Verizon’s 12 step program for entering the cloud. This 12 step program concentrates on the IT and Security admins working together with the business to identify all types of data that could be placed into the cloud, and to classify that data. Once this is complete, the next steps are to understand the compliance and security required to protect the data and to access the data. It is a Data Centric approach to moving to the cloud.
The Pivotal Initiative is is a bold bet to reinvent how applications are built and upon what platforms they run. While VMware has revolutionized data center operations, and public cloud vendors like Amazon, Microsoft, Google and the OpenStack cabal have revolutionized Infrastructure as a Service upon demand, the future of how applications are built, deployed and managed in production remains unresolved. Maritz and Pivotal are putting a bold stake in the ground as to one way that this will turn out. The value that the IT industry brings to the business hangs in the outcome of this battle.
Windows Server 2012 Hyper-V in your private cloud, specifically in a Microsoft Windows VM environment, can be delivered for cost effectively. With 2012 Hyper-V, any Microsoft edition has the exact same virtualization and fail-over clustering features & scalability. The key market play here is in the increased functionality that Microsoft has introduced however, Microsoft not only have to convince embedded and seasonsed VMware houses to move to a new release, but to convince those who saw Hyper-V in 2008 and 2008R2 that the product has a viable business maturity.
I can remember back in the day when we connected to the Internet via a modem and were charged by the minute while accessing the “Information Superhighway”. Now, the Internet and really, the network it runs on, has pretty much become invisible to the naked eye. Just as we expect the lights to turn on when we flick a switch, we also pretty much expect the internet to always beon and always available without thinking twice about it. Internet service providers have gotten past the point of only wanting Wi-Fi in your house to now working on providing connectivity to the entire city, giving the metro user internet access from inside and outside of your home or office.
There are threats to the cloud and there are risks within the cloud. A recent article from Tech Target Search Security blog spurred several thoughts. The main claim here is that there are not enough people who can differentiate threats and risks enough to talk to business leaders who may know very little about security, but do know the business. I have been known to state that there are prominent threats to my data once stored in the cloud and that we should plan to alleviate those threats to reduce our overall risk. But what is the risk?