Virtualization Security

Virtualization Security focuses upon end-to-end security, integrity, auditability, and regulatory compliance for virtualization and clouds. Virtualization Security starts where the cloud and virtual environments begin: the end user computing device. (Read More)

We follow the user through the virtual and cloud stacks until they reach the application the user wishes to use to retrieve the data that is important to them. Virtualization and cloud security is implemented where there is an intersection between user, data, and application while maintain strict control of management interfaces. As such virtualization security looks into all aspects of security devices, tools, controls, and guides that impact or can be used to secure virtual and cloud environments.

RSA Conference Recap and Bitdefender SVE

Speaking-at-RSAC-2012-smallThe 3/8 Virtualization Security Podcast held a discussion on the happenings as the 2012 RSA Conference in San Francisco as well as a discussion of the features of Bitdefender’s entry into the virtualization and cloud space with their SVE product. RSA Conference high lights not just those security tools for the virtualization and cloud spaces but the entire industry and each year there is always a common theme. Was there one this year? Was there any surprises at the conference? Continue reading RSA Conference Recap and Bitdefender SVE

Virtualization Field Day Delegates Discuss Cloud Security and Compliance

VirtualizationSecurityThe Virtualization Field Day delegates joined the Virtualization Security Podcast as guest panelists on 2/23 and the topic of the day was cloud security.  There were questions about compliance, security of the tenant, and security of the administrators, and legal issues. There were answers from Rodney Haywood (Rodos), another Virtualization Field Day Delegate and cloud architect as well as the podcast standard panelists.  So what did the questions boil down to? Continue reading Virtualization Field Day Delegates Discuss Cloud Security and Compliance

Onlive Desktop: VDI cannot be DaaS until Microsoft say so.

DesktopVirtualizationOnLive is on the verge of making a game-changing move in the VDI space. The game focused application delivery company announced their OnLive Desktop service at CES this year. OnLive Desktop claims to deliver a seamless Microsoft Windows desktop experience with cloud-accelerated web browsing and full Adobe Flash. The marketing talks of “instant-response multi-touch gestures“, “complete and convenient viewing and editing of even the most complex documents” and “high-speed transfer from cloud storage or Web mail attachments“.  Sounds like something a CFO would bite your hand off for.

Still, delivering a ubiquitous desktop environment is a complex undertaking. Desktone tried punting to end users and then thought better of it. The default position when delivering desktops is to deliver a Microsoft Windows workspace: that’s what most users need and want to run their applications. However, a “use any device” model gets hampered by Microsoft’s VDA yearly license cost, and further constrained by the lack of a viable way of policing/validating VDA assignment. VDI can leave an enterprise open to Microsoft beating them with a stick for a host of additional end device licenses.

Have OnLive taken an impressive application delivery model and tried to apply it to windows desktops without necessarily thinking licensing through? Will the scalability and experience that Onlive have mean that VDI vendors should re-think their technology? Will the buzz that OnLive has created mean an new level of engagement with Microsoft, perhaps even a shotgun wedding? Will Onlive Desktop be the technology that prompts Microsoft to get its licensing-of-vdi house in order, properly enabling a Desktop-as-a-Service market: what better way to laugh in the face of Apple than to have most iPads running Windows 8?

Continue reading Onlive Desktop: VDI cannot be DaaS until Microsoft say so.

Future Proofing Data Protection

VirtualizationBackupDuring a briefing of Quest’s new data protection announcements I started to think about the future of data protection. Quest recently announced that NetVault will now work with Exagrid devices and that there is now a Capacity Edition targeting SMBs and SMEs. These changes add some more capabilities to an existing product suite. While, these announcements do not necessarily merge with virtualization backup, the combination of Quest’s tools and partnerships do form an impressive view of the future with respect to Data Protection. But is this future here now or even achievable? Continue reading Future Proofing Data Protection

VMware – The Next Microsoft, or the Next Oracle?

VMware100x30VMware is already the best (most competent) and most important (fastest growing and the source of the most innovation) system software company on the planet. But as successful as VMware has been to date, it is worthwhile to ask what lies ahead – and most importantly in what direction VMware is likely to go on some key business and technical issues. In order to understand the range of choices VMware has it is worth looking at both Microsoft and Oracle as points of reference. Continue reading VMware – The Next Microsoft, or the Next Oracle?

Application Security within the Virtual and Cloud Environments

Virtualization and Cloud Security architects, pundits, and writers like myself often talk about protecting the data within the virtual and cloud environments. However, in order to protect that data we need to be able to determine how the data will be used, accessed, modified, and eventually removed.  So, how can we understand data security without understanding the application around it. But there is an even more fundamental problem, how do we define the application and the security measures we should take? Continue reading Application Security within the Virtual and Cloud Environments