Low Hanging Fruit of Virtualization Security

I was invited to CSI 2010 this year to speak on the Low Hanging Fruit of Virtualizaiton Security. This presentation brought to light some simple to implement features that would give you the most security for what I consider very little cost or effort. These 7 items if implemented will improve the overall security of  your virtual environment.

7. Do not use Paravirtualized drivers within DMZ based VMs, or any that hold sensitive data unless there is an absolute performance requirement to do so, and then only use the specific driver instead of installing them all. Continue reading Low Hanging Fruit of Virtualization Security

Anybody Seen My Memory Stick?

I got a call from a client today that is running a VMware ESXi server as a proof of concept in their SMB environment. The admin that setup the VMware ESXi Server configured the ESXi server to boot and run ESXi from a USB memory stick.  Things have been running fine but the company and the administrator that setup the server had a falling out, so to speak, and the administrator left the company and took the USB memory stick with him.  The server continues to run fine as ESXi basically runs from memory but, rebooting this host is now not an option since there are no files available for the host to boot from.  So what is the best way to recover and get things back to normal?  I did a little research and the information that I have found will work will both ESXi 3.x as well as vSphere ESXi. Continue reading Anybody Seen My Memory Stick?

Rationalizing the NRE Cloud Alliance – newScale, rPath and Eucalyptus

We’ve been following Eucalyptus for some time, and they recently invited us to a briefing about a new alliance called NRE, which is a credible group of independent vendors, newScale, rPath and Eucalyptus.

This wasn’t spun  from an Open Source prespective and it was interesting to see the Eucalyptus positioning to the general marketplace.  Eucalyptus is positioned as the “leading” Open Source cloud, the benefit of Open Source being it is “on your own terms”.  It offers IAAS in the data center, just like Amazon Web Services.  It is Elastic, based on industry standard APIs, hypervisor agnostic, supports both Windows & Linux guests, and has a huge ecosystem.  It’s the elasticity and the scalability that are driving the adoption. Pricing is secondary, and you also get the feeling that it’s not traditional enterprises which are picking it up. Continue reading Rationalizing the NRE Cloud Alliance – newScale, rPath and Eucalyptus

Why Your Vendors’ Sales Model Matters to You

If you are our typical reader, you are involved with virtualization technology and products in a meaningful way. This most often means that you either work with the technology hands on, or manage a team of people that do – either at an enterprise that is a user of virtualization technology, or at a VAR or systems integrator that implements the technology for customers. If this is your profile, you may be asking – why should I care about how vendors sell products – after all salespeople are some of my least favorite people? Continue reading Why Your Vendors’ Sales Model Matters to You

Major Virtualization Security Annoucements

Last week, there were several major virtualization security announcements, that taken singularly may only apply to the specific products, but taken together show the growth of the virtualization security ecosystem.

  • VMware vSphere has attained CC EAL 4+ certification. To view the certificate and completion letter, visit http://www.vmware.com/security/certifications/
  • Trend Micro has shipped Deep Security 7.5 with vShield Endpoint support for Anti-Virus. To download visit http://downloadcenter.trendmicro.com/
  • HyTrust releases HyTrust Appliance 2.1. For the Press Release visit http://www.hytrust.com/news/press-releases/hytrust-releases-hytrust-appliance-update/

Continue reading Major Virtualization Security Annoucements

New Relic Rocks the APM as a Service World

For as long as there have been important applications, there have been Application Performance Management tools for monitoring these applications. APM tools have gone through two very distinct paths of evolution. The first path involved tools that really monitored the operating system that the applications ran on, and looked at interactions between the application and the OS in the form of abnormal resource utilization platters to find problems with the operation of the application. These tools were typically application agnostic, and supported every application that ran on the operating system that the tool supported. They therefore offered a great deal of breadth, but were not able to look deeply into applications to find problems within the applications themselves. Continue reading New Relic Rocks the APM as a Service World