Virtualization Security

Virtualization Security focuses upon end-to-end security, integrity, auditability, and regulatory compliance for virtualization and clouds. Virtualization Security starts where the cloud and virtual environments begin: the end user computing device. (Read More)

We follow the user through the virtual and cloud stacks until they reach the application the user wishes to use to retrieve the data that is important to them. Virtualization and cloud security is implemented where there is an intersection between user, data, and application while maintain strict control of management interfaces. As such virtualization security looks into all aspects of security devices, tools, controls, and guides that impact or can be used to secure virtual and cloud environments.

VMware Fleshes Out SDN Strategy with NSX

VMware100x30VMware has added some significant meat to the bones of its Software Defined Data Center Strategy with the announcement of the VMware NSX Network Virtualization Platform. NSX represents the combination of the previous VMware network virtualization technology (VXLAN) with the technology that came from the acquisition of Nicira. Continue reading VMware Fleshes Out SDN Strategy with NSX

Cloud Conversations: Tweetchat and Serendipity

VirtualizationSecurityThe 3/7 Virtualization Security Podcast featured Andi Mann, VP of Strategic Solutions at CA Technologies, and RSA Conference.  The conversation was lively and I invited Andi Mann due to a previous day tweet chat about cloud security. Lately, I have had several serendipitous conversations on cloud security from TweetChat, to in face discussions with @Qthrul, and meeting @MrsYisWhy in person. Each conversation has been about Cloud or Virtualization security in some form. Let me delve into them a bit more. Continue reading Cloud Conversations: Tweetchat and Serendipity

Public Cloud Reality: Reinforced at CSA Summit

CloudComputingI have written about the Public Cloud Reality and the need to bring your own security, monitoring, support. This was reinforced by Dave Asprey of Trend Micro at the last Cloud Security Alliance Summit held at this years RSA Conference. The gist of Dave Asprey’s talk was that YOU are responsible for the security of your data, not the cloud service provider. Unfortunately, this sort of discussion often devolves into one of shared vs tenant responsibility, the type of data, etc. It will also devolve into a legal discussion just as quickly. Unfortunately, all this does is point fingers. The long and the short of this discussion is about two items often mixed as one. Continue reading Public Cloud Reality: Reinforced at CSA Summit

RSA Conference: What was Interesting

RSA Conference: What was InterestingRSA Conference: What was InterestingAs I met with people at RSA Conference last week, the common question was: What was interesting and new? My view was from the world of virtualization and cloud security, which often differs from general or mobile security. This show was more about general and mobile security than it was about virtualization and cloud security due to the confluence of VMware Partner Exchange (PEX) and RSA Conference. There were quite a few things that were new from the show floor, RSA Innovation Sandbox, and other conversations. Continue reading RSA Conference: What was Interesting

News: Sky High Networks provides Cloud Service Security Ratings

CloudComputingThere has been a dearth of intelligence reporting on cloud services and up until now we had to rely upon the Verizon Breach Report, Alert Logic’s State of the Cloud report, the Enisa and other reports, but even so there was nothing specifically about a given cloud service outside the lightly used Cloud Security Alliances STAR self-certification. Instead you must imply something about a given service. This has changed. Meeting this need is Sky High Networks. Continue reading News: Sky High Networks provides Cloud Service Security Ratings

IT Automation: Where Is the Center?

ITasaServiceWhere is the center of IT Automation today? The network is the nerve center, the workloads are the brains, and the normal storage, compute, and memory are the other internal organs. The heart of our IT machine is often a management tool such as VMware vCenter, System Center, or something else entirely, but should our IT automation live within the heart when the heart only controls virtual and some physical components, or should IT automation be tied to the nervous system that crosses boundaries?
Continue reading IT Automation: Where Is the Center?