On many a Virtualization Security Podcast I tend to mention that we need greater visibility into the cloud to judge whether Cloud Service Provider security measures are good enough. But why should we bother? I am not saying we should not be concerned about a cloud’s security but that we should as tenants be concerned with clouds meeting our security, compliance, and data protection policies and requirements. Will a cloud service provider ever be able to meet a specific organizations requirements as well as the cloud service providers policies and compliance? Continue reading Gaining Visibility into The Cloud: Migration and Security
While not particularly new news, the next version of the Cisco Nexus 1000v will be free, unless you want the security features. This is an interesting shift from Cisco with respect to VMware vCloud Director, the Nicira purchase, furthering UCS, and Cisco within non-UCS data centers. However, given other announcements, with respect to OpenStack, perhaps this is more a play to level the playing field between cloud architectures? But what I find most interesting, is that the changes to the Nexus 1000v also align with the changes we see in the vCloud Suites from VMware. Continue reading Cisco Nexus 1000v: Free unless you want Security
Both Microsoft and VMware have revamped their product suites, and therefore their licensing, once more. As always, how you buy will dictate how you license. It has taken a bit of time for all the revamped information to percolate through to each corporate site and for all the issues to be addressed. As we did before, let us look at licensing. We will look first at the old model of Hyper-V vs VMware vSphere vs Citrix Xen vs RedHat KVM. Then, in a follow-on article, we will look at the new cloud suite models.
There is an ever-increasing number of data protection providers creating replication receiver clouds as they team up with cloud service providers. This could herald the end of on-premise tape use for some enterprises, leaving tape to be used primarily by cloud providers. There are major benefits for Quantum, Zerto, Veeam, and others to form replication receiver clouds, but these clouds are not just for storage anymore. They could be purely for storage, but this is not a big win for the cloud service providers. So why would cloud service providers be interested in being a storage endpoint for data protection? Why are they concerned with backup and offering it as a service? Continue reading New Breed of Replication Receiver Clouds
On the 8/9 Virtualization Security podcast, we continued our discussions on defense in depth with a look at end-user computing devices, specifically laptops and endpoint desktops, with Simon Crosby, CTO of Bromium. While we also discussed phones and tablets, we were focused more on the technology preview that now is Bromium vSentry. Bromium vSentry looks to protect laptops (and other machines) from unknown and zero-day attacks in a unique hardware-assisted way. There is now a new tool in our defense in depth toolbox that meets an ever-growing need. But what is the need, and what is the tool? Continue reading Defense in Depth: Bromium vSentry for End User Computing
On the 7/29 Virtualization Security podcast we continued our discussions on defense in depth. We discussed authentication and authorization with IdentityLogix. IdentityLogix provides a unique solution that correlates users and groups against VMware vSphere’s own role based access control stores. In other words, IdentityLogix can identify if a user or group within active directory has more access to VMware vSphere’s management tools than they were intended to be allowed based not only on the user’s username but on the groups in which the user belongs. Why is this important to know? Continue reading Defense in Depth: Authentication and Authorization
Join my Circle on Google+
Plugin by Social Author Bio