Virtualization Security

Virtualization Security focuses upon end-to-end security, integrity, auditability, and regulatory compliance for virtualization and clouds. Virtualization Security starts where the cloud and virtual environments begin: the end user computing device.

We follow the user through the virtual and cloud stacks until they reach the application the user wishes to use to retrieve the data that is important to them. Virtualization and cloud security is implemented where there is an intersection between user, data, and application while maintaining strict control of management interfaces. As such, virtualization security looks into all aspects of security devices, tools, controls, and guides that impact or can be used to secure virtual and cloud environments.

SAML to the Rescue: vCenter Single Sign On

VMware vCenter 5.1 implemented a new security feature, Single Sign-On (SSO), that uses the Security Assertion Markup Language (SAML) to exchange security tokens. This combats an extremely well-known and prevalent attack within the virtualization management trust zones: SSL Man-in-the-Middle (MiTM) attacks. However, vCenter still supports the old SSL methods as well to maintain backwards compatibility and to allow management when SSO is not in use. Does this new feature change how we look at virtualization and cloud management security best practices? Is it a launch point for implementing other authentication techniques?

A Secure Cloud Framework for Non-Clouds

Is it possible to use a cloud framework to better secure your datacenter? Do cloud technologies provide a secure framework for building more than just clouds? We all know that virtualization is a building block to the cloud, but there may be a way to use cloud frameworks to first secure your datacenter before you launch a private, public, or hybrid cloud. In essence, we can use tools like vCloud Director to provide a more secure environment that properly segregates trust zones from one another while allowing specific accesses.


Data in the Cloud: Does Information want to be Free?

At a dinner party recently, I was asked, “Does information want to be free?” This question is based on information that exists within the cloud today or tomorrow: Data in the Cloud. It is an interesting question with a fairly ready answer. Information is power; it is people, not information, that control information. Granted, we have a massive abundance of information within the cloud today, but is it trying to be free, or are people trying to make it free to everyone? In addition, is all this information even true or accurate?

Windows 2012 Hyper-V – The Hypervisor for your Cloud? Part I

Windows 2012 Hyper-V is the hypervisor for the cloud, and VMware’s vSphere is a dead man walking. So declared Aidan Finn at a recent virtualization conference in Hamburg during an enlightening, entertaining session which he tastefully entitled, “Windows Server 2012 Hyper-V & VSphere 5.1 – Death Match”.

A bold statement? Hyper-V has often been cited as a “nearly ran”; good enough for the SMB space and smaller Private Clouds, but lacking the muscle for a cloud-focused enterprise. Nice for a visit, wouldn’t want to live there.

A biased statement? Aidan Finn is a highly regarded Hyper-V Microsoft Most Valuable Professional and regularly writes on his website about changes and features of the product. In Predictably Irrational, Dan Ariely dedicates a chapter to the possibility of a fan’s judgement being clouded. And yet, the list of features now available in Windows Hyper-V is compelling. Indeed, back in March we discussed whether Microsoft would drive a wedge between VMware and EMC with Windows Server 2012 and Hyper-V.

In terms of embedded services and experience, VMware’s vSphere has a significant place in many organisations’ data centres. Licensing alone is unlikely to change hearts and minds to convert, but what about features?

Can Microsoft claim that Hyper-V is the hypervisor for the cloud? What new features are available in the 2012 release, and how does it now compare to vSphere 5.1? More importantly, will these changes drive wider adoption?

In this first installment, we take a look at pricing, scalability, and performance, as well as storage.


Going to the Cloud: CAPEX, OPEX, Facilities, or People

On the 11/1 Virtualization Security podcast we had no special guest but continued a conversation started at Hacker Halted this year. It is the ongoing question of whether or not going to the cloud will cause jobs to be lost. The typical answer was stated at Hacker Halted, that people will need to cross-train with new products, etc. and then they would keep their jobs, but someone stood up and shouted out that this was hogwash. It made a lively discussion from there. So we tackled it on the podcast as well. Will people lose jobs going to the cloud? If so, how can this be prevented? What do you as IT professionals need to do to plan your careers while going to the cloud?

Defense in Depth: Hardware Security

On the last Virtualization Security podcast, our guest was Robert Rounsavall, CEO of Trapezoid. Trapezoid is looking into how to alleviate supply chain security issues; in essence, the security of the hardware. At many a presentation, I have asked attendees, “Do you trust the hardware?” Many times the answer is that they do; at other times, it is that they do not. Whether you trust the hardware depends entirely on your thoughts with respect to hardware security. But what can you do about hardware security? What is the worst that can happen if the hardware is infiltrated?