All posts by Edward Haletky

Edward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization. [All Papers/Publications...]

Cyber Defense: Using Virtual Desktops?

DesktopVirtualizationThere was recently a rather heated twitter discussion between @Guisebule, @VirtualTal, and @Texiwill (myself) about using virtual desktops as a part of cyber defense. While this could be true, there is a need to ensure you know where your virtual desktop(s) start and end, not only within the network, but your applications in use. In addition, it is very important to fully understand the scope of a virtual desktop architecture as well as use. There are some use cases that work very well for use of virtual desktops as a part of cyber defense or for that matter just make sense for virtual desktops. There two ways to make virtual desktops part of your cyber defense but they both require more than network security.

Continue reading Cyber Defense: Using Virtual Desktops?

Virtual Desktop Patching and Data Protection

DesktopVirtualizationData Protection and patch management of virtual desktops, while not a sexy topic, is one that should happen on a regular basis within any organization  implementing or working to implement virtual desktops.  Recently, we have been testing virtual desktop software and there is a huge difference between patching and protecting data in a small number of instances and 1000s of instances. There are scale considerations as well as ease of use for file level and system recovery as well as issues with patching virtual desktops (not to mention other security issues). Continue reading Virtual Desktop Patching and Data Protection

Cloud Tenant PCI-DSS Dilemma

VirtualizationSecurityThere is a dilemma for all tenants of a public or private cloud: Scope. Tenants want everything to be in scope. Cloud Service Providers (CSP) want to limit scope to the bare minimum. What does it mean for a Cloud to be ‘PCI Compliant’, and why is this a requirement for some tenants? The real issue is, what is in scope for PCI-DSS while your data is in the cloud, and how can you as the tenant meet those requirements? Remember, in the cloud, scope becomes a huge issue and a dilemma for the tenant, mainly because they may not know the scope of the cloud provider’s audit and may never find it out. So what is this scope issue and can it be fixed?
Continue reading Cloud Tenant PCI-DSS Dilemma

How VirtuStream does Cloud Security

Virtustream100x30On the 4/4 Virtualization Security Podcast, Pete Nicoletti, the chief information security officer for Virtustream, joined us to discuss how VirtuStream does cloud security. VirtuStream runs some of, if not the largest SAP installations in the cloud for very large enterprises around the world. The key to VirtuStream is that they are an Enterprise Cloud that looks at everything from the Enterprise perspective, whether that is billing or security. For security, they have implemented many changes required by their customers and allowed the end-enterprise to dial that security to 11 if necessary. But what does VirtuStream do that is different from all others?

Continue reading How VirtuStream does Cloud Security

Technology Update from the Field

CloudComputingThere has been a spate of press releases and news in and around the industry over the last few weeks that bear further consideration. They could actually solve some of your current cloud and virtual environment issues while opening new doors for future expansion. As an architect and analyst, I find these technologies very interesting for their possible impact on the future of virtual and cloud environment not to mention data center designs. Continue reading Technology Update from the Field

Caching throughout the Stack

DataCenterVirtualizationOne sure way to improve performance is to cache the non-dynamic data of any application. We did this to improve the overall performance of The Virtualization Practice website. However, there are many places within the stack to improve overall performance by caching, and this got me to thinking of all the different types. At the last Austin VMUG, there were at least three vendors selling caching solutions that were designed to improve overall performance by as little as 2x to upwards of 50x improvements. That is quite a lot of improvement in application performance. Where do all these caching products fit into the stack? Continue reading Caching throughout the Stack

Google Circle
Join my Circle on Google+

Plugin by Social Author Bio