The Virtualization Practice

Virtualization Security

Virtualization Security focuses upon end-to-end security, integrity, auditability, and regulatory compliance for virtualization and clouds. Virtualization Security starts where the cloud and virtual environments begin: the end user computing device. ...
We follow the user through the virtual and cloud stacks until they reach the application the user wishes to use to retrieve the data that is important to them. Virtualization and cloud security is implemented where there is an intersection between user, data, and application while maintain strict control of management interfaces. As such virtualization security looks into all aspects of security devices, tools, controls, and guides that impact or can be used to secure virtual and cloud environments.

StorageNetworking

Storage Security is not only about Encryption, which is just one aspect of Storage Security requirements for the virtual and cloud environments. It is also about increasing defense in depth and knowledge of what is touching your storage environment. As well as providing security around those touch points and to a great extent auditing and protecting the data residing within the storage devices regardless of where the devices live: within the virtual environment or within a cloud.

Virtualization.Management.Ecosystem2-150x62

Dell buying Quest transforms the Virtualization Management market. Dell’s presence in the market, customer base, and market reach combined with its product set will put Dell in a strong position to compete not only with VMware, but also to create serious pain for IBM, HP, CA, and BMC. Furthermore, the opportunities to integrate the various Dell solutions look to be able accelerate private and public cloud adoption which will in turn benefit Dell’s core server and storage businesses.

VirtualizationSecurity

One year after announcing that he and XenSource co-founder Ian Pratt were leaving Citrix to launch Bromium with former Pheonix Technologies CTO Gaurav Banga; Simon Crosby was back at the GigaOM Structure conference in San Francisco today to unveil Bromium’s micro-virtualization technology together with its plans to transform enterprise endpoint security.

VirtualizationSecurity

The 6/14 Virtualization Security Podcast we spoke about firewall placement within the virtual environment as well as storage based defense in depth. While we covered Encryption on the 5/31 podcast, in the 6/14 podcast we covered other measures when dealing with storage (which will be part of a followup post). This conversation was slightly different than all other firewall discussions, as it was about migrating from a physical environment to a virtual environment, and keeping the same firewall placements. Spurred by a customer, we sought to come to a set of guidelines to follow for defense in depth within the virtual as well as physical and hybrid cloud environments.

VirtualizationSecurity

The 5/31 Virtualization Security Podcast we spoke to High Cloud Security about encryption as a defense in depth, and where to place encryption within the virtual environment. This lead to an intriguing discussion about what is actually missing from current virtual environments when it comes to encryption. We can encrypt within each VM and we can encrypt within the networking fabric, as well as within the drives themselves, but currently that leaves several vulnerabilities and unencrypted locations that can be used as attack points. While we concentrated on vSphere, what we are discussing applies equally to all hypervisors.

CloudComputing

One of the decisions faced by anyone that wishes to have a cloud presence is what will be moved to the cloud, why, and whether or not there is a service that can be used instead of using virtual machines. Give The Virtualization Practice’s case, we plan on moving our customer facing VMs to the cloud, but what are those machines? The most important are a Web Server with a split LAMP stack, a Mail Server, and DNS.

csa_logo_190_60

The 5/17 Virtualization Security Podcast was an open forum on the Cloud Security Alliance initiatives, specifically the Security, Trust, & Assurance Registry (STAR). Which is “a free, publicly accessible registry that documents the security controls provided by various cloud computing offerings.” The CSA has grown from a grass roots organization to a major player and producer or guidance for security and compliance for clouds.

VirtualizationSecurity

The 5/3 Virtualization Security Podcast had a very special guest, a teenager. This surprise guest told us about how she and her friends use their smartphones and cloud services such as FaceBook, Twitter, SMS, etc. For the panelist, it gave us a new look at our existing problems; expanding our viewpoint for end-user computing security, cloud security, and expectations of privacy.

siri

Some of us have multiple cloud endpoints in the form of mobile devices all trying to access our personal and corporate data to do our daily jobs. These incredibly useful devices (smartphones, tablets, etc.) are now a part of our organizations life. So how do we protect our data from them. IBM recently took a draconian measure of banning Siri from their employees iPhones. Yet, how can they enforce such a measure?