Welcome to The Virtualization Practice’s week-long coverage of VMworld US 2015. Tune in all week for our daily recap of the major announcements and highlights from the world’s premier virtualization and cloud conference.
VMworld US 2015 continued yesterday, kicked off by the general session. End-User Computing’s Sanjay Poonen led the keynote, in which VMware fleshed out what it means by “any application and any device” within the “Ready for Any” theme of the conference. Beginning with the VMware Workspace Suite, VMware talked at length about the growth of mobile computing and how AirWatch, together with VMware App Volumes, enables IT to manage all Windows 10 devices (physical and virtual, mobile or not), as well as iOS and Android devices, from a single pane of glass. Foreshadowing the next speaker, Poonen wrapped up his portion by talking about the synergies between AirWatch, Horizon, and NSX, with policy settings in NSX affecting and being affected by AirWatch connectivity and data access.
Continue reading VMworld US 2015: Day 3 Recap
Android devices recently suffered a spate of attacks. Similar attacks have been made against Apple devices and nearly every other brand of smart device. Does this mean that this is the end of Android or of mobile devices? Or does this mark the rise of mobile device management (MDM) and other software specifically designed to secure end user computing (EUC) devices? EUC security has two failure points: the handheld device and further in the network. But does an insecure device imply loss of data? Perhaps. Loss of credentials? Once more, perhaps. But do we really care? That is not known. So, let us look at a typical use case. Continue reading Should We Care If the Handheld Is Secure?
As companies embrace the DevOps movement, they rely heavily on automation to improve the time to market for new features and services. DevOps is a long, never-ending journey with a goal of continuously improving the software delivery process, resulting in better products and services and, ultimately, happier customers. At the beginning of their DevOps journies, many companies focus on continuous integration (CI), in which they automate the build process. Automated testing is implemented so that builds will fail if any changes fail the baseline tests. The idea here is to never move bugs forward, catching them early in the process.
Continue reading Security: Continuous Delivery Requires New Approaches
I have spoken and written quite a bit on the delegate user problem facing cloud and virtual environments. It is a growing problem, as we delegate actions from logged-in users to service accounts to implement changes on our systems. Any system, for example, that proxies administrative requests suffers from the delegate user problem. In essence, when we go to determine who did what, when, where, and how, forensics leads us to a delegate user or service account. We do not know beyond a shadow of a doubt who the user really was. We can correlate multiple log files, and based on time we may be able to come up with a set of users who could have done the deed. However, unless only one user was involved, we just end up with a set of users. Those sets of users, themselves, can be other service accounts—other delegate users, abstracting the real user. Continue reading VMware Solves Delegate User Problem
I recently had a number of consulting conversations about IT transformation and adding new Security as a Service products to companies’ existing clouds and tenancies. This is the beginning of IT transformation in many cases. A company has realized it needs to provide security to its tenants while using clouds more securely at the same time. This is a hybrid cloud. The company provides a cloud, yet uses tools from Box, Salesforce, Google, Microsoft, and the like. So, where do we start with IT transformation? With architecture that includes security. Continue reading IT Transformation: Architecture Includes Security
Three years ago, Bromium vSentry introduced the world to a new way of tackling the continual battle with malware. Don’t bother trying to detect it; don’t bother trying to patch against it. Instead, let it run, learn from it, and don’t let it do anything harmful.
Continue reading Bromium Enterprise Controller Adds Management Services to vSentry Security Microvisor