There are threats to the cloud and there are risks within the cloud. A recent article from the Tech Target Search Security blog spurred several thoughts. The main claim here is that there are not enough people who can differentiate threats and risks enough to talk to business leaders who may know very little about security, but do know the business. I have been known to state that there are prominent threats to my data once stored in the cloud and that we should plan to alleviate those threats to reduce our overall risk. But what is the risk?
An analogy comes to mind. Many years ago I ripped my Achilles tendon, and while talking with the doctors they all said that without surgery there was a 50% more likely chance that the Achilles tendon would rip again. So this got me thinking about what they really meant: 50% of what? My next question to the doctors was “how likely is it to fail if I do not have surgery?” Their response was enlightening: there is a 2% failure rate for naturally healed Achilles tendons. Because of that number, I realized that the failure rate for those tendons that undergo surgery is really only 1% vs 2% without. Well, that put a different picture on everything. I went without surgery, as that particular area of the body has very thin skin, not as much blood flow, and would take a long time to heal from surgery, and there was always the risk of picking up something in the hospital, however remote at the time.
So the real question is what is the true risk to an environment if the threat becomes a reality? Continue reading Threats and Risks in the Cloud
VMware vCenter 5.1 implemented a new security feature, Single Sign-On (SSO), that uses the Security Assertion Markup Language (SAML) to exchange security tokens. This combats an extremely well-known and prevalent attack within the virtualization management trust zones: SSL Man-in-the-Middle (MiTM) attacks. However, vCenter still supports the old SSL methods as well to maintain backwards compatibility and to allow management when SSO is not in use. Does this new feature change how we look at virtualization and cloud management security best practices? Is it a launch point for implementing other authentication techniques? Continue reading SAML to the Rescue: vCenter Single Sign On
Legacy management software vendors like IBM, HP, BMC and CA are in deep trouble. They are in trouble across their entire portfolio of management solutions due to two simple facts. Their products are not suited for the new dynamic and distributed IT environment, and the way in which they sell and market those products is inconsistent with how the new buyers of management software want to buy those products. A great example of the trouble that legacy vendors are in is how CA and its APM solutions (Introscope) stack up against modern solutions like those from New Relic, AppDynamics, and Compuware/dynatrace. Continue reading APM as a Service and CA’s Reaction
Windows 2012 Hyper-V is the hypervisor for the cloud, VMware’s vSphere is a dead man walking?
In Part I, I shared a chunk of what I learned from Aidan Finn's enlightening and entertaining session delivered at the E2E Virtualisation Conference in Hamburg, tastefully titled “Windows Server 2012 Hyper-V & VSphere 5.1 – Death Match”. In Part I we looked at pricing, scalability and performance, as well as storage, in questioning how bold this statement was.
In pure license-cost terms, it is more straightforward to run Microsoft Hyper-V than to add another licensed hypervisor: note that Hyper-V does have a free offering (although this version doesn’t cover the virtual Windows Server instance licenses). We showed that, scalability-wise, Hyper-V can better its common competition. Storage-wise, Hyper-V, as should be expected from the newest offering, supports the newest technology: 4k sector sizes, and had the largest virtual disk support. Still, if you needed greater than 2TB of storage, you could always join multiple 2TB instances together, or bypass limits by mapping a LUN directly to the VM.
Still, besides pricing simplicity, performance improvements, and updated storage, what has Microsoft done for the latest version of Hyper-V? In Part II, let's question further Aidan’s premise that Hyper-V kills vSphere.
Continue reading Windows 2012 Hyper-V – the hypervisor for your Cloud? Part II
On November 15th, Cisco announced that it was acquiring Cloupia, a cloud management startup that had built a unique combination of physical provisioning for converged infrastructures like the Cisco UCS and its downstream partner bundles like vBlocks and NetApp Flexpods with the ability to automate the provisioning of IaaS clouds on these converged infrastructures. Cisco had previously acquired Tidal Software, a vendor specializing in monitoring SAP in production, and newScale, a vendor who arguably led the market for enterprise-grade service catalogs. Continue reading Cisco Acquires Cloupia – Becoming a Management Software Vendor?
Is it possible to use a cloud framework to better secure your datacenter? Do cloud technologies provide a secure framework for building more than just clouds? We all know that virtualization is a building block to the cloud, but there may be a way to use cloud frameworks to first secure your datacenter before you launch a private, public, or hybrid cloud. In essence, we can use tools like vCloud Director to provide a more secure environment that properly segregates trust zones from one another while allowing specific accesses.
Continue reading A Secure Cloud Framework for Non-Clouds