All posts by Edward Haletky

Edward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization.[All Papers/Publications...]

Enter the FrankenCloud: Or Do we really care about the Hypervisor?

CloudComputingThere has been quite a lot of twitter traffic about the FrankenCloud recently: A cloud with more than one type of hypervisor underneath it. One example, is to build a cloud using Hyper-V three and vSphere, both managed through Microsoft System Center. Another example, is to build a cloud using Hyper-V, KVM, and vSphere all managed through HotLink. But is this a desired cloud topology? Continue reading Enter the FrankenCloud: Or Do we really care about the Hypervisor?

Defense in Depth: Firewalls within the Virtual Environment

VirtualizationSecurityThe 6/14 Virtualization Security Podcast we spoke about firewall placement within the virtual environment as well as storage based defense in depth. While we covered Encryption on the 5/31 podcast, in the 6/14 podcast we  covered other measures when dealing with storage (which will be part of a followup post). This conversation was slightly different than all other firewall discussions, as it was about migrating from a physical environment to a virtual environment, and keeping the same firewall placements. Spurred by a customer, we sought to come to a set of guidelines to follow for defense in depth within the virtual as well as physical and hybrid cloud environments. Continue reading Defense in Depth: Firewalls within the Virtual Environment

Defense in Depth: Encryption within the Virtual Environment

VirtualizationSecurityThe 5/31 Virtualization Security Podcast we spoke to High Cloud Security about encryption as a defense in depth, and where to place encryption within the virtual environment. This lead to an intriguing discussion about what is actually missing from current virtual environments when it comes to encryption. We can encrypt within each VM and we can encrypt within the networking fabric, as well as within the drives themselves, but currently that leaves several vulnerabilities and unencrypted locations that can be used as attack points. While we concentrated on vSphere, what we are discussing applies equally to all hypervisors. Continue reading Defense in Depth: Encryption within the Virtual Environment

Dell Storage Forum 2012: Converged Infrastructure Future

Dell_Circle_100x30At Dell Storage Forum 2012, Dell introduced a new converged infrastructure that features an Equallogic Array that takes up 2 slots of a new blade enclosure. Moving storage closer to the workloads running within the blades. This is a very interesting and powerful play by Dell, but I kept asking myself is this really a converged infrastructure? Or it is just an integrated blade enclosure that others have at this time? Continue reading Dell Storage Forum 2012: Converged Infrastructure Future

Moving to the Cloud as a Service or as a Machine

CloudComputingOne of the decisions faced by anyone that wishes to have a cloud presence is what will be moved to the cloud, why, and whether or not there is a service that can be used instead of using virtual machines.  Give The Virtualization Practice’s case, we plan on moving our customer facing VMs to the cloud, but what are those machines? The most important are a Web Server with a split LAMP stack, a Mail Server, and DNS. Continue reading Moving to the Cloud as a Service or as a Machine

Cloud Security Alliance: STAR and other Initiatives

csa_logo_190_60The 5/17 Virtualization Security Podcast was an open forum on the Cloud Security Alliance initiatives, specifically the Security, Trust, & Assurance Registry (STAR). Which is “a free, publicly accessible registry that documents the security controls provided by various cloud computing offerings.” The CSA has grown from a grass roots organization to a major player and producer or guidance for security and compliance for clouds. Continue reading Cloud Security Alliance: STAR and other Initiatives

Google Circle
Join my Circle on Google+

Plugin by Social Author Bio