VMware’s Project Octopus and others like ownCloud and Oxygen Cloud have stirred some interesting ideas about Application Security. Those applications that make use of SSL, nearly every web application, can make use of secure cloud storage for certificate verification means. What makes SSL MiTM attacks possible, is mostly related to poor certificate management. If there was a way to alleviate the need for the user to be involved in this security decision, then SSL MiTM attacks would be significantly reduced. Continue reading Application Security using Secure Cloud Storage
The 3/22 Virtualization Security Podcast brought to light the capabilities of Symantec Critical System Protection (CSP) software. This software successfully implements a manageable version of mandatory access control policies based on role-based and multi-level security functionality within the virtual environment, more specifically on those systems that are critical to the well being and health of your virtual and cloud environments such as all your management and control-plane tools (VMware vCenter, Microsoft SCVVM, XenConsole, etc.). In addition, Symantec CSP will monitor your virtualization hosts for common security issues. This in itself is great news but why are we just hearing about this now? Is this a replacement for other security tools? Continue reading Improving Virtualization and Cloud Management Security with Symantec CSP
Quantum recently announced a ‘Flexible path to Next Generation Backup and Disaster Recovery’, which dovetails nicely with my thoughts on future proofing data protection. Quantum has created, with the help of Xerox, a way to have multi-tenant data protection at the level of the tenant and not just the cloud provider. How does Quantum and Xerox achieve multi-tenant data protection? Is the future described here? Are there any other technologies that push this envelope as well? Continue reading Future Proofing Data Protection: Approaching Fast!
The 3/8 Virtualization Security Podcast held a discussion on the happenings as the 2012 RSA Conference in San Francisco as well as a discussion of the features of Bitdefender’s entry into the virtualization and cloud space with their SVE product. RSA Conference high lights not just those security tools for the virtualization and cloud spaces but the entire industry and each year there is always a common theme. Was there one this year? Was there any surprises at the conference? Continue reading RSA Conference Recap and Bitdefender SVE
The Virtualization Field Day delegates joined the Virtualization Security Podcast as guest panelists on 2/23 and the topic of the day was cloud security. There were questions about compliance, security of the tenant, and security of the administrators, and legal issues. There were answers from Rodney Haywood (Rodos), another Virtualization Field Day Delegate and cloud architect as well as the podcast standard panelists. So what did the questions boil down to? Continue reading Virtualization Field Day Delegates Discuss Cloud Security and Compliance
OnLive is on the verge of making a game-changing move in the VDI space. The game focused application delivery company announced their OnLive Desktop service at CES this year. OnLive Desktop claims to deliver a seamless Microsoft Windows desktop experience with cloud-accelerated web browsing and full Adobe Flash. The marketing talks of “instant-response multi-touch gestures“, “complete and convenient viewing and editing of even the most complex documents” and “high-speed transfer from cloud storage or Web mail attachments“. Sounds like something a CFO would bite your hand off for.
Still, delivering a ubiquitous desktop environment is a complex undertaking. Desktone tried punting to end users and then thought better of it. The default position when delivering desktops is to deliver a Microsoft Windows workspace: that’s what most users need and want to run their applications. However, a “use any device” model gets hampered by Microsoft’s VDA yearly license cost, and further constrained by the lack of a viable way of policing/validating VDA assignment. VDI can leave an enterprise open to Microsoft beating them with a stick for a host of additional end device licenses.
Have OnLive taken an impressive application delivery model and tried to apply it to windows desktops without necessarily thinking licensing through? Will the scalability and experience that Onlive have mean that VDI vendors should re-think their technology? Will the buzz that OnLive has created mean an new level of engagement with Microsoft, perhaps even a shotgun wedding? Will Onlive Desktop be the technology that prompts Microsoft to get its licensing-of-vdi house in order, properly enabling a Desktop-as-a-Service market: what better way to laugh in the face of Apple than to have most iPads running Windows 8?
Join my Circle on Google+
Plugin by Social Author Bio