Aug2012

VMworld 2012: VMware joins OpenStack

Some interesting news about VMWare was made public on Sunday 26th August – the day before VMWorld – that VMware joins OpenStack. This appears to be driven largely by the acquisition of Nicira – and the role that Nicira currently plays in the implementation of virtual networking in OpenStack.

Aug2012

VMworld 2012: Important New Features in vSphere 5.1

The vSphere 5.1 enhancements are more designed to better fit vSphere into the vCloud Suite as well as move the bar further on virtualizable workloads. vSphere 5.1 allows the virtualization of high performance graphics, real-time, HPC, and big data workloads.

Jun2012

Rethinking Your Already Virtualized Low Hanging Fruit

The drive to virtualize business critical workloads is going to require more vSphere licenses. Shifting low hanging fruit workloads to Hyper-V may free up licenses. But it creates a cross-hypervisor management problem that could erode all of the savings from Hyper-V licensing. This puts a premium on cross-hypervisor management solutions.

Jun2012

Defense in Depth: Encryption within the Virtual Environment

The 5/31 Virtualization Security Podcast we spoke to High Cloud Security about encryption as a defense in depth, and where to place encryption within the virtual environment. This lead to an intriguing discussion about what is actually missing from current virtual environments when it comes to encryption. We can encrypt within each VM and we can encrypt within the networking fabric, as well as within the drives themselves, but currently that leaves several vulnerabilities and unencrypted locations that can be used as attack points. While we concentrated on vSphere, what we are discussing applies equally to all hypervisors.

May2012

Will access to VMware’s source code change the hypervisor threat landscape?

Many of the virtualization security people I have talked to are waiting patiently for the next drop of leaked VMware hypervisor code. But the real question in many a mind is whether or not this changes the the threat landscape and raises the risk unacceptably. So let’s look at the current hypervisor threat landscape within the virtual environment to determine if this is the case, and where such source code will impact. Are there any steps one can take now before the code drop is complete to better secure your environment?