All posts by Edward Haletky

Edward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization. [All Papers/Publications...]

Training and More Training for EUC Security

VirtualizationSecurityEnd User Computing security seems to be in the hands of the users not actually the IT Security department. At least not yet. So what can we do about this? IT security can be draconian and not allow EUC devices into the office, but the users will be up in arms. They use their smart phones, tablets, laptops, and services on their desktops to get their job done. Draconian IT security measures will hamper timely completion of critical projects, deals, and workplace moral, thereby impacting the bottom line. However, the bottom line will be impacted just as heavily by the lack of security by the end user devices. So how can we alleviate this problem? Continue reading Training and More Training for EUC Security

The Growing Divide between Security and Virtualization (Cloud)

VirtualizationSecurityThe 3/21 Virtualization Security podcast featured @MrsYisWhy who is a recovering Unix engineer most recently assigned to the network security team of financial services provider. She also hosts a podcast called Healthy Paranoia, a security feed of Packet Pushers. I asked @MrsYisWhy to join the podcast as she is from the other side of the world from virtualization and cloud security folks and has quite a different view. The rent we saw being sewn up is now a vast divide as we jump feet first into Cloud deployments, virtualization business critical workloads, and generally using more and more virtualization and cloud in our daily lives. Continue reading The Growing Divide between Security and Virtualization (Cloud)

Public Cloud Reality: Support Responsibility

CloudComputingThe Public Cloud Reality around support responsibility is not something often considered, instead we are looking at SLAs, legal documents, compliance documents, and many other items. Do we consider who is ultimately responsible when something goes wrong within the cloud? Is your Cloud provider a full partner or do they limit themselves to a small subset of the implementation? Do they have 24/7 support will be covered by the SLA, but what type of support? How qualified are the clouds support teams to help you with your application’s problems? Who is responsible? Continue reading Public Cloud Reality: Support Responsibility

News: Public Comment for VMware Hardening Guide

VirtualizationSecurityJust entered my mailbox, there is a new rev of the vSphere 5.1 hardening guide which was spoken about on the last Virtualization Security Podcast. This version of the hardening guide adds a much needed new feature: Profiles. Profiles define the level of security requirements based on small and medium business, enterprises, and government agencies. There is a public review for the guide over the next two weeks, so if you want to comment or read the latest draft of the vSphere hardening guide please visit Continue reading News: Public Comment for VMware Hardening Guide

SDDC Data Protection

VirtualizationBackupOne aspect of SDDC that does not get a lot of attention is Data Protection, instead we are concentrating on SDN and automation. Yet, this leads me to Data Protection. There is a clear marriage between Data Protection and SDDC that needs to be added to any architecture. As with all things, we start with the architecture. Our SDDC architecture should also include data protection, but what data are we really protecting? Within SDDC there are three forms of data: tenant, configuration, and automation. Without one or the other, we may not be able to reload our SDDC during a disaster. What is required to get these three types of data, what really are these types of data? and how can we add data protection into SDDC cleanly? Continue reading SDDC Data Protection

Public Cloud Reality: Do we Stay or Do We Go?

CloudComputingSoon the backup power will be available for our new datacenter and the redesign to make use of VMware vCloud Suite is nearing completion. Soon, our full private cloud will be ready for our existing workloads. These workloads however now run within a XenServer based public cloud.  So the question is, do we stay in a poorly performing public cloud (mentioned in our Public Cloud Reality series) or move back to our own private cloud? As the Clash put it “Should I Stay or Should I Go Now.” Continue reading Public Cloud Reality: Do we Stay or Do We Go?

Google Circle
Join my Circle on Google+

Plugin by Social Author Bio