All posts by Edward Haletky

Edward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization.[All Papers/Publications...]

Offering Cloud Services: Why is it so Limited?

CloudComputingThere are many SaaS and Security SaaS cloud services out there, but they all lack one thing: full visibility. Why do these cloud services limit the ability to perform compliance auditing, forensics, and basic auditing against an organizations data retention, protection, and other necessary policies?  Why not just grant the “right to audit”, or better yet, build a way for each tenant to perform their own audit down to the hardware? Why limit this by leaving it out of contracts as well as the technology? It is all feasible. Continue reading Offering Cloud Services: Why is it so Limited?

Will access to VMware’s source code change the hypervisor threat landscape?

VMware100x30Many of the virtualization security people I have talked to are waiting patiently for the next drop of leaked VMware hypervisor code. But the real question in many a mind is whether or not this changes the the threat landscape and raises the risk unacceptably. So let’s look at the current hypervisor threat landscape within the virtual environment to determine if this is the case, and where such source code will impact. Are there any steps one can take now before the code drop is complete to better secure your environment? Continue reading Will access to VMware’s source code change the hypervisor threat landscape?

What is Considered Too Big for Virtualization?

CloudComputingA customer recently asked me, can we virtualize our Tier 1 App that receives 7Billion requests per day? My initial response was, on how many servers? Their answer was 15. This is quite a shocking set of numbers to consider. Add into this numbers such as 150K sessions per second, the need for a firewall, and sub-second response time and you end up with a few more shocking numbers. So could such workloads be virtualized? or is it too big for Virtualization? Continue reading What is Considered Too Big for Virtualization?

Migrating to the Cloud: OpenStack or vCloud?

CloudComputingWe, here at The Virtualization Practice, are getting ready to have a cloud presence. Since we ‘eat our own dogfood’ with a 100% Virtual Environment, we are gearing up to move some of those workloads into a hybrid cloud. We already use some cloud resources, but now is the time to look at other workloads. Why we are moving to the cloud is three fold: how can we write about various aspects of being a tenant in the cloud, if we are not one; a recent power outage at the grid level; and a upcoming data center move. Two of these reasons are all about business continuity with the first being what we do. While we already have a cloud running within our own environment, it is time to branch out. Continue reading Migrating to the Cloud: OpenStack or vCloud?

OpenStack: What it is not….

OpenStack LogoThe OpenStack conference 2012 is full of OpenStack fans, aficionados, developers, and companies making a business using the ecosystem. However, I kept hearing that OpenStack was a replacement for VMware. So why is this even a possibility, and why did Rackspace and now HP build public clouds using this technology? The easy answer is to save money. But is that the only answer? What is OpenStack and why is it becoming important? Continue reading OpenStack: What it is not….

Tenant and Multi-Tenant Security: It’s All About Scope

CloudComputingWhile at InfoSec World 2012’s summit on Cloud and Virtualization Security, the first talk was on Securing your data. The second was on penetration testing to ensure that data was secure.  In essence it has always been about the data but there is a huge difference between what a tenant can do  and what the cloud or virtual environment provider can do with respect to data protection and security. This gap is apparently becoming wider instead of smaller as we try to understand tenant vs cloud provider security scopes. There is a lack of transparency with respect to security, but at the same time there are movements to gain that transparency. But secret sauces, scopes, legislation, and lack of knowledge seem to be getting in the way. Continue reading Tenant and Multi-Tenant Security: It’s All About Scope

Google Circle
Join my Circle on Google+

Plugin by Social Author Bio