My response to Stephen Foskett’s tweet of a post about the Software-Defined Data Center (SDDC) Symposium led to an interesting conversation about the nature of the SDDC—what it is, what it is not, and why we should care. The software-defined data center is considered by some to be an instrument of vendor lock-in, vaporware, or in many ways just marketing hype. “SDDC” has many different definitions, but I do not believe it reflects any of those commonly used. Instead, I hold that it is a way of thinking, a way of looking at the new world of IT in which we live. This has sparked a quite an interesting Twitter conversation between many interested parties.
Articles Tagged with Secure Hybrid Cloud
User experience drives virtual desktop deployments and can either make or break them. If the user experience is awful, users will find other, often less secure methods for doing their jobs. VDI sits at an interesting crossroads where storage, memory, networking, CPUs, and GPUs must be properly tuned. Any adverse impact from any one of these resources could spell the doom of a virtual desktop user experience. The ProjectVRC team and others have taken a comprehensive look at potential adverse impacts, but they have only examined security from the viewpoint of those who implement antivirus and anti-malware solutions. While this is valuable, they do not cover the grander picture of security around virtual desktops. Even today, many years and versions after virtual desktops were first implemented, there are still fundamental functions missing in the realm of security.
Have you ever wondered what was going on within a cloud regardless of type? SaaS? PaaS? IaaS? Do you need to audit these environments to ensure compliance with your security policy (not to mention the subset of your security policy that contains regulatory compliance)? To provide solutions for these issues, a number companies both new and old have put forward various tools that utilize proxies, reverse proxies, and transparent gateways to uncover what is happening within a SaaS application. The goal is to know who did what, when, where, how, and hopefully why.
As your software-defined data center (SDDC) grows, so does the quantity of privileged accounts. This was the discussion on the Virtualization Security Podcast of February 13, 2014, where we were joined by Thycotic Software. Privileged accounts are used by administrators and others to fix issues, set up new users, add new workloads, move workloads around your SDDC, harden those workloads, and perhaps even log in to just pull down logs for further use. The list of reasons to use privileged accounts is as endless as your system administrator’s stack of work. Yet today, almost always, access to these accounts is made by those who know the password.
When to implement security and data protection practices, or even change existing ones, is all about timing, knowledge, and scope. Deciding what to implement at any particular time requires knowledge of what needs to be fixed, and also of what the future could hold. To do this properly, you need to pay close attention to the threats within your industry, understand their impact, and evaluate them based on risk. Where to obtain such knowledge is always changing, but the scope we apply the knowledge to seems to be static and not changing with the times.
The software-defined data center (SDDC) requires a new breed of security tools that not only handle the velocity of data being generated within a secure hybrid cloud but also handle the volume and variety of data. In fact, this new breed of security tools uses big data backends to manage the data being received, though it asks different questions of the data than normal for the products: security questions. The new breed of security tools either started as some form of performance management tool or employs performance management techniques to provide the data to to be queried.