This week, Amazon Web Services (AWS) held its second annual re:Invent conference. For the past two days, Amazon has been announcing a wide variety of feature enhancements to existing services as well as publicizing new services. Even before these announcements, AWS was so far ahead of their competition in features, customers, and rate of innovation that comparing competitors’ offerings to AWS was almost comical.
VMware vCenter 5.1 implemented a new security feature, Single Sign-On (SSO), that uses the Security Assertion Markup Language (SAML) to exchange security tokens. This combats an extremely well known and prevalent attack within the virtualization management trust zones: SSL Man in the Middle (MiTM) attacks. However, vCenter still supports the old SSL methods as well for backwards compatibility and to allow management when SSO is not in use. However does this change how we look at virtualization and cloud management security best practices? Is this a launch point for implementing other authentication techniques?