This years Innovation Sandbox at RSA Conference was won by a little known company to virtualization and cloud security vendors, its name is Invincea. However, it makes use of virtualization to aid in security. This years finalists once more included HyTrust for the inclusion of what appears to be complete UCS support within the HyTrust Appliance, Symplified which provides a unified identity within a cloud, CipherCloud which encrypts bits of your data before uploading, but not enough encryption to mess with sort and other algorithms. Plus other non-cloud like products: Entersect (non-repudiation in the form of PKI), Gazzang (MySQL Encryption), Incapsula (collaborative security to browsers), Pawaa (embed security metadata with files), Quaresso (secure browsing without browser/OS mods), and Silver Tail (mitigation).
Last year’s finalists also had the same reach of products but many more pure virtualization security vendors with Altor picking up the win. What is interesting about the field and indeed all of RSA Conference 2011, is that 2010 looked like a blip on the radar more than anything else. Why? Because nothing on the show floor was really about the Cloud or virtualization but it was always a ready conversation. Last year, everything was about Cloud and Virtualization but no one could define anything or tell me how their products fit except for the virtualization security vendors. The Innovation Sandbox provides a very good feel for the RSA Conference show floor. Continue reading Invincea wins Innovation Sandbox at RSA Conference 2011
I am nearing completion of my ‘dig-out’ from the recent Nor’easter that blew through New England, dumping quite a bit of snow. When you dig out of a snow storm, you start with paths to the garage or car, paths to the utilities, and in some cases paths to the wood pile and other out buildings. Sooner or later that perfect landscape of white is marred by new mounds of snow and clear-cut paths through it to the various locations on the property. When you look at these paths and the snow is high enough, they look like tunnels. The large tunnels (driveway) meet smaller and smaller ones. The perfect landscape of snow is now marred. This is just how a firewall looks when you put holes in it to let through various services. The more services, the more tunnels and paths will be cut. When speaking about the cloud or virtual environments, the increase in paths and entry points becomes a serious issue. Continue reading Digging out after a Snowstorm: Similar to our virtual environments?
It is the last few days of the year and time for a review of virtualization 2010. Although VMware was founded in 1998 it was not until 2001 that I first heard of VMware and played with the Workstation product to be able to run different flavors of Linux. So for me, 2010 closes out a great year in virtualization as a whole as well as a decade of virtualization… and what a ride it has been!
Staying focused on 2010 we have had a few things that have been worthy to note. This year we have moved past defining what a “cloud” is and really starting to discuss how we are going to “secure the cloud.” The term “cloud computing” still leads the way as one of the biggest buzz word with most all people and companies now having heard of it are planning one way or another on deployment options into their own environments. One thing for sure is the need for fully qualified individuals to maintain and designs the clouds moving forward. Continue reading Virtualization Review 2010
My conference schedule kept pace with the changes in the virtualization security ecosystem throughout the year. What are those changes?
In the last Virtualization Security podcast on 12/2 we had with us members of the PCI DSS Virtualization Special Interest Group (SIG). Kurt Roemer of Citrix and Hemma Prafullchandra of HyTrust joined us to discuss the differences to the PCI DSS 2.0 with respect to virtualization. In essence, PCI DSS explicitly calls out the need to bring virtualization, people, and processes into scope.
As we discussed in a previous article, the PCI DSS 2.0 does not state exactly what needs to be assessed within the virtual environment, or even what part of the virtual environment is a concern of each aspect of the PCI DSS. What the PCI DSS 2.0 does do is change the language, however subtle, that technologies employing shared resources are now acceptable. Continue reading PCI DSS 2.0 discussed on The Virtualization Security Podcast
The Virtualization Security Podcast on 11/2 was quite a change from our normal podcast. Instead of featuring a vendor as a guest panelist, Gurusimran S Khalsa (known as GS) joined us. Our topic was getting started with virtualization security with a real world twist. Continue reading Getting Starting with Virtualization Security