Virtualization Demystified
|
|
- Iris Allison May
- 8 years ago
- Views:
Transcription
1 Virtualization Demystified Oregon State Police CJIS Statewide Training September 24, 2015 Stephen Exley, CISSP Senior Consultant/Technical Analyst FBI CJIS ISO Program
2 Virtualization Demystified
3 What is Virtualization? Defined by the CJIS Security Policy as: A methodology of dividing the resources of a computer (hardware and software) into multiple execution environments, by applying one or more concepts or technologies such as hardware and software partitioning, time sharing, partial or complete machine simulation or emulation allowing multiple operating systems, or images, to run concurrently on the same hardware.
4 What is Virtualization (cont.)? Hardware
5 A Simple Virtualized Environment
6 What can I use Virtualization for?
7 Virtualization in the CJIS Security Policy The CSP covers the concept of virtualization in the following areas: Section Partitioning and Virtualization Section Virtualization Appendix G Best Practices; G.1 Virtualization
8 Virtualization in the CJIS Security Policy (cont.) There are four general requirements for virtual environments: 1. Isolate the host from the virtual machine. In other words, virtual machine users cannot access host files, firmware, etc. 2. Maintain audit logs for all virtual machines and hosts and store the logs outside the hosts virtual environment. 3. Virtual Machines that are Internet facing (web servers, portal servers, etc.) shall be physically separate from Virtual Machines (VMs) that process CJI internally or be separated by a virtual firewall. 4. Drivers that serve critical functions shall be stored within the specific VM they service. In other words, do not store these drivers within the hypervisor, or host operating system, for sharing. Each VM is to be treated as an independent system secured as independently as possible.
9 Virtualization in the CJIS Security Policy (cont.) The following additional requirements must be applied in virtual environments where CJI is comingled with non CJI: 1. Encrypt CJI when stored in a virtualized environment where CJI is comingled with non CJI or segregate and store unencrypted CJI within its own secure VM. 2. Encrypt network traffic within the virtual environment
10 Virtualization in the CJIS Security Policy (cont.) The following are technical security industry best practices and should be implemented wherever feasible: Implement IDS and/or IPS monitoring within the virtual machine environment. Virtually or physically firewall each virtual machine from each other to ensure that only allowed protocols will transact. Segregate the administrative duties for the host.
11 Use Case #1 Logical Separation A PD network was incorporated within a virtualized network as part of a county network consolidation effort. The virtual network consists of both CJI and non CJI processing virtual machines (VM). So, the VMs are segregated (CJI processing VMs from non CJI VMs) and separated via virtual firewalls. This is a comingled environment, so the agency does encrypt network traffic within the virtual environment. The virtual network resides completely within a physically secure location (no remote connections) and CJI is stored within its own VM, so encryption is not a requirement for CJI at rest.
12 Logical Separation Example Logical Separation
13 Logical Separation Example (cont.) No CJI No CJI CJI No CJI CJI CJI
14 Use Case #2 Physical & Logical Separation The state police (SP) recently transitioned to a virtualized network. The CJI and non CJI are stored in separate VMs within a physically secure location no encryption requirement for CJI at rest. The SP manages the state switch and will allow remote connections to from the virtual network via a web portal interface link is protected via encryption (FIPS certified, 128 bit) Internet facing VM (web portal interface) is physically separated from non Internet facing VMs. This is a comingled environment, so the agency does encrypt network traffic within the virtual environment. This agency has also segregated VMs using virtual firewalls.
15 Physical & Logical Separation Example Logical and Physical Separation
16 Physical Separation in a Virtualized Environment Example of Physical Separation
17 Virtualized Environments FAQ #1 Question: In section Virtualization, item number 2 in the first paragraph states: Maintain audit logs for all virtual machines and hosts and store the logs outside the host s virtual environment." Does this mean that I have to pull the event and content logs from the virtual environment to save them? Answer: Yes. There is a CSP requirement for retaining audit logs for 1 year (Section 5.4.6). Also, know that many virtual environments are ephemeral and therefore is set to delete/erase everything when taken down, whether intentionally or by malicious means this includes log data within the virtual environment.
18 Virtualized Environments FAQ #2 Question: In section Virtualization, item number 2 in the third paragraph states: "Virtually or physically firewall each virtual machine from each other (or physically firewall each virtual machine from each other with an application layer firewall) and ensure that only allowed protocols will transact." So, is this a requirement? Will this be audited? Answer: No. This is not an auditable requirement. It is simply industry best practice guidance. Appendix G.1 provides some additional best practice guidance to provide better security for your virtualized environment.
19 Questions?
20 ISO RESOURCES ISO Resources
21 ISO RESOURCES State CJIS Representatives State CJIS CSO/ISO should be the first stop for any questions or concerns Responsible for CJIS systems in their state/agency State CJIS requirements may differ from the CSP CSO/ISO should be kept in the loop with the CJIS issues in their state/agency Forwards requests for changes to the CJIS Security Policy to the CJIS ISO Program
22 ISO RESOURCES CJIS ISO Program Steward the CJIS Security Policy for the Advisory Policy Board Draft and present topic papers at the APB meetings Provide Policy support to state ISOs and CSOs Policy Clarification Solution technical analysis for compliance with the Policy Operate a public facing web site on FBI.gov: CJIS Security Policy Resource Center Provide training support to ISOs Provide policy clarification to vendors in coordination with ISOs
23 ISO RESOURCES The CJIS Security Policy!!!
24 ISO RESOURCES CSP Requirements Document Companion document to the CSP Lists every requirement, shall statement, and corresponding location and effective date Updated annually in conjunction with the CSP
25 ISO RESOURCES CSP Resource Center Publically Available us/cjis/cjis security policy resourcecenter/view Features: Search and download the CSP Download the CSP Requirements Document 2014 ISO Symposium Presentations Use Cases (Advanced Authentication and others to follow) Cloud Computing Report & Cloud Report Control Catalog Mobile Appendix Submit a Question (question forwarded to CJIS ISO Program) Links of Importance
26 ISO RESOURCES CSP Resource Center us/cjis/cjis security policy resource center/view Step #1 Select About Us Step #2 Select Criminal Justice Information Services
27 ISO RESOURCES CSP Resource Center us/cjis/cjis security policy resource center/view Step #3 Select Security Policy Resource Center
28 ISO RESOURCES CSP Resource Center us/cjis/cjis security policy resource center/view
29 ISO RESOURCES CSP Resource Center us/cjis/cjis security policy resource center/view
30 CJIS ISO CONTACT INFORMATION George White, CJIS ISO (304) Chris Weatherly, CJIS ISO Program Manager (304) Jeff Campbell, CJIS Assistant ISO (304) Steve Exley, Senior Consultant/Technical Analyst (304)
31 QUESTIONS? Stephen Exley, CISSP Senior Consultant/Technical Analyst FBI CJIS ISO Program (304)
CJIS in the Cloud. Oregon State Police CJIS Statewide Training September 23 & 24, 2015
CJIS in the Cloud Oregon State Police CJIS Statewide Training September 23 & 24, 2015 Stephen Exley, CISSP Senior Consultant/Technical Analyst FBI CJIS ISO Program Cloud Computing Famous Quotes on Cloud
More informationCJIS SECURITY POLICY: VERSION 5.2 CHANGES AND THE UPCOMING REQUIREMENTS.
CJIS SECURITY POLICY: VERSION 5.2 CHANGES AND THE UPCOMING REQUIREMENTS. Alan Ferretti CJIS Information Security Officer Texas Department of Public Safety CJIS Security Policy version 5.2: On 8/9/2013
More informationCA Technologies Solutions for Criminal Justice Information Security Compliance
WHITE PAPER OCTOBER 2014 CA Technologies Solutions for Criminal Justice Information Security Compliance William Harrod Advisor, Public Sector Cyber-Security Strategy 2 WHITE PAPER: SOLUTIONS FOR CRIMINAL
More informationEAaaS Cloud Security Best Practices
EAaaS Cloud Security Best Practices A Technical White Paper by Sennovate Inc Jan 2013 EAaaS Cloud Security Best Practices Page 1 Introduction: Cloud security is an ever evolving subject that is difficult
More informationAlan Ferretti CJIS Information Security Officer
Alan Ferretti CJIS Information Security Officer AGENDA What is CJIS? What is the APB? What is new in the latest version of the CJIS Security Policy? Advanced Authentication change Mobile policy for Tablets
More informationConnecticut Justice Information System Security Compliance Assessment Form
The Connecticut Justice Information System (CJIS-2) is used as a mechanism for municipalities, State and Federal agencies to assess their compliance with the CJIS Security Requirements & Recommendations
More informationAlan Ferretti CJIS Information Security Officer
Alan Ferretti CJIS Information Security Officer CJIS Technical Audit Overview Who, What, Why and When Audit Process Review Network Diagram Review Written Policies/Process Available Resources Helps To Know.
More informationCJIS Information Technology Security Audit (ITSA) 2015 Program Update
CJIS Information Technology Security Audit (ITSA) 2015 Program Update Greg Verharst CJIS Information Security Officer Greg.Verharst@state.or.us (503) 934-2335 The 4 W s of CJIS Audits Who receives Information
More informationNC CJIN Governing Board. 13 October, 2011. George A. White
Advanced Authentication NC CJIN Governing Board 13 October, 2011 George A. White FBI CJIS ISO Brief Policy History Two year development Fully vetted by all state representation Criminal and civil Requirements
More informationVMware vcloud Air Security TECHNICAL WHITE PAPER
TECHNICAL WHITE PAPER The Shared Security Model for vcloud Air The end-to-end security of VMware vcloud Air (the Service ) is shared between VMware and the customer. VMware provides security for the aspects
More informationQuantum Hyper- V plugin
Quantum Hyper- V plugin Project blueprint Author: Alessandro Pilotti Version: 1.0 Date: 01/10/2012 Hyper-V reintroduction in OpenStack with the Folsom release was primarily focused
More informationCisco Intercloud Fabric Security Features: Technical Overview
White Paper Cisco Intercloud Fabric Security Features: Technical Overview White Paper May 2015 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of
More informationADM:49 DPS POLICY MANUAL Page 1 of 5
DEPARTMENT OF PUBLIC SAFETY POLICIES & PROCEDURES SUBJECT: IT OPERATIONS MANAGEMENT POLICY NUMBER EFFECTIVE DATE: 09/09/2008 ADM: 49 REVISION NO: ORIGINAL ORIGINAL ISSUED ON: 09/09/2008 1.0 PURPOSE The
More informationIs Your Vendor CJIS-Certified?
A Thought Leadership Profile Symantec SHUTTERSTOCK.COM Is Your Vendor CJIS-Certified? How to identify a vendor partner that can help your agency comply with new federal security standards for accessing
More informationLawrence Police Department Administrative Policy. August 2013. A. Access to CJIS sensitive data is only available to authorized users.
Lawrence Police Department Administrative Policy SUBJECT Criminal Justice Information System (CJIS) APPLIES TO All Personnel EFFECTIVE DATE REVISED DATE August 2013 APPROVED BY Chief of Police TOTAL PAGES
More informationCloud Security. Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs. peterjopling. 2011 IBM Corporation
Cloud Security Peter Jopling joplingp@uk.ibm.com IBM UK Ltd Software Group Hursley Labs peterjopling 2011 IBM Corporation Cloud computing impacts the implementation of security in fundamentally new ways
More informationVirtualization System Security
Virtualization System Security Bryan Williams, IBM X-Force Advanced Research Tom Cross, Manager, IBM X-Force Security Strategy 2009 IBM Corporation Overview Vulnerability disclosure analysis Vulnerability
More informationCourse: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems
Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding
More informationSecuring your Virtual Datacenter. Part 1: Preventing, Mitigating Privilege Escalation
Securing your Virtual Datacenter Part 1: Preventing, Mitigating Privilege Escalation Before We Start... Today's discussion is by no means an exhaustive discussion of the security implications of virtualization
More informationDavid.Balka@chi.frb.org 2009 STREAM FRBC
Virtualization ti Dave Balka David.Balka@chi.frb.org Examination Elements Architecture Management Processes Integrity Availability Security 2 Datacenter Consolidation 3 What is Virtualization A framework
More informationCloud Security. Are you on the train or the tracks? ISSA CISO Executive Forum April 18, 2015. Brian Grayek CISSP, CCSK, ITILv3
Cloud Security Are you on the train or the tracks? ISSA CISO Executive Forum April 18, 2015 Brian Grayek CISSP, CCSK, ITILv3 1 Agenda: Facts Opinions (based on experience) A little humor Some gold nuggets
More informationPhysical Protection Policy Sample (Required Written Policy)
Physical Protection Policy Sample (Required Written Policy) 1.0 Purpose: The purpose of this policy is to provide guidance for agency personnel, support personnel, and private contractors/vendors for the
More informationSecurity Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net
Security Frameworks An Enterprise Approach to Security Robert Belka Frazier, CISSP belka@att.net Security Security is recognized as essential to protect vital processes and the systems that provide those
More informationPlay IT Safe. I love that everything just works with Unitrends. Unitrends Disaster Recovery as a Service. Backup, Archiving & Disaster Recovery
Unitrends Disaster Recovery as a Service (DRaaS) Frequently Asked Questions (FAQ) Backup, Archiving & Disaster Recovery Play IT Safe Unitrends Disaster Recovery as a Service (DRaaS) is a white-glove service
More informationAerohive Networks Inc. Free Bonjour Gateway FAQ
Aerohive Networks Inc. Free Bonjour Gateway FAQ 1. About the Product... 1 2. Installation... 2 3. Management... 3 4. Troubleshooting... 4 1. About the Product What is the Aerohive s Free Bonjour Gateway?
More informationCampus VPN. Version 1.0 September 22, 2008
Campus VPN Version 1.0 September 22, 2008 University of North Texas 1 9/22/2008 Introduction This is a guide on the different ways to connect to the University of North Texas Campus VPN. There are several
More informationSecurity Management of Cloud-Native Applications. Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM)
Security Management of Cloud-Native Applications Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM) 1 Outline Context State-of-the-Art Design Patterns Threats to cloud systems Security
More informationBiznet GIO Cloud Connecting VM via Windows Remote Desktop
Biznet GIO Cloud Connecting VM via Windows Remote Desktop Introduction Connecting to your newly created Windows Virtual Machine (VM) via the Windows Remote Desktop client is easy but you will need to make
More informationAutomated Regional Justice Information System (ARJIS) Acceptable Use Policy for Facial Recognition
Automated Regional Justice Information System (ARJIS) Acceptable Use Policy for Facial Recognition Revised: 02/13/2015 A. STATEMENT OF PURPOSE The purpose of this document is to outline the responsibilities
More informationDeployment Guide: Unidesk and Hyper- V
TECHNICAL WHITE PAPER Deployment Guide: Unidesk and Hyper- V This document provides a high level overview of Unidesk 3.x and Remote Desktop Services. It covers how Unidesk works, an architectural overview
More informationIBX Business Network Platform Information Security Controls. 2015-02- 20 Document Classification [Public]
IBX Business Network Platform Information Security Controls 2015-02- 20 Document Classification [Public] Table of Contents 1. General 2 2. Physical Security 2 3. Network Access Control 2 4. Operating System
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationExhibit B5b South Dakota. Vendor Questions COTS Software Set
Appendix C Vendor Questions Anything t Applicable should be marked NA. Vendor Questions COTS Software Set Infrastructure 1. Typically the State of South Dakota prefers to host all systems. In the event
More informationEffective Date: Subject Matter Experts / Approval(s): TAC: LASO: C/ISO: Front Desk: Technology Support Lead: Agency Head:
Policy Title: Effective Date: Revision Date: Subject Matter Experts / Approval(s): TAC: LASO: C/ISO: Front Desk: Technology Support Lead: Agency Head: Every 2 years or as needed Purpose: The purpose of
More informationNetwork Access Control in Virtual Environments. Technical Note
Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved
More informationSecurity. CLOUD VIDEO CONFERENCING AND CALLING Whitepaper. October 2015. Page 1 of 9
Security CLOUD VIDEO CONFERENCING AND CALLING Whitepaper October 2015 Page 1 of 9 Contents Introduction...3 Security risks when endpoints are placed outside of firewalls...3 StarLeaf removes the risk with
More informationCloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University
Cloud Computing: Opportunities, Challenges, and Solutions Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University What is cloud computing? What are some of the keywords? How many of you cannot
More informationNorth Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing
North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing Introduction ManTech Project Manager Mark Shaw, Senior Executive Director Cyber Security Solutions Division
More informationVirtualization Security Checklist
Virtualization Security Checklist This virtualization security checklist is intended for use with enterprise full virtualization environments (as opposed to paravirtualization, application or operating
More informationCriminal Justice Information Services (CJIS) Security Policy
U. S. Department of Justice Federal Bureau of Investigation Criminal Justice Information Services Division Criminal Justice Information Services (CJIS) Security Policy Version 5.5 06/01/2016 Prepared by:
More informationWindows Server 2008 R2 Hyper V. Public FAQ
Windows Server 2008 R2 Hyper V Public FAQ Contents New Functionality in Windows Server 2008 R2 Hyper V...3 Windows Server 2008 R2 Hyper V Questions...4 Clustering and Live Migration...5 Supported Guests...6
More informationSecurely Architecting the Internal Cloud. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.
Securely Architecting the Internal Cloud Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc. Securely Building the Internal Cloud Virtualization is the Key How Virtualization Affects
More informationBest Practices For Department Server and Enterprise System Checklist
Best Practices For Department Server and Enterprise System Checklist INSTRUCTIONS Information Best Practices are guidelines used to ensure an adequate level of protection for Information Technology (IT)
More informationWhat are your firm s plans to adopt x86 server virtualization? Not interested
The benefits of server virtualization are widely accepted and the majority of organizations have deployed virtualization technologies. Organizations are virtualizing mission-critical workloads but must
More informationTHE BLUENOSE SECURITY FRAMEWORK
THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program
More informationLecture 02b Cloud Computing II
Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,
More informationVirtualization Impact on Compliance and Audit
2009 Reflex Systems, LLC Virtualization Impact on Compliance and Audit Michael Wronski, CISSP VP Product Management Reflex Systems Agenda Introduction Virtualization? Cloud? Risks and Challenges? Compliance
More informationCompliance and Industry Regulations
Compliance and Industry Regulations Table of Contents Introduction...1 Executive Summary...1 General Federal Regulations and Oversight Agencies...1 Agency or Industry Specific Regulations...2 Hierarchy
More informationOverview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin
Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Best Practices for Security in the Cloud John Essner, Director
More informationUSING GENIE REMOTELY
USING GENIE REMOTELY This document outlines the available options for using Genie in offsite logging mode (Genie single user) or remotely in real-time via a remote desktop (terminal services) connection.
More informationPCI Compliance in a Virtualized World
PCI Compliance in a Virtualized World Security Technology Infrastructure Security Integration 24x7 Support MSS Training Information Assurance Staff Augmentation Presenters John Clark QSA, PMP, CISA, CISSP
More informationCriminal Justice Information Services (CJIS) Security Policy
U. S. Department of Justice Federal Bureau of Investigation Criminal Justice Information Services Division Criminal Justice Information Services (CJIS) Security Policy Version 5.4 Prepared by: CJIS Information
More informationMS-6422A - Implement and Manage Microsoft Windows Server Hyper-V
MS-6422A - Implement and Manage Microsoft Windows Server Hyper-V Table of Contents Introduction Audience At Completion Prerequisites Microsoft Certified Professional Exams Student Materials Outline Introduction
More informationCompany Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.
Company Co. Inc. LLC Multiple Minds, Singular Results LAN Domain Network Security Best Practices An integrated approach to securing Company Co. Inc. LLC s network Written and Approved By: Geoff Lacy, Tim
More informationM6422A Implementing and Managing Windows Server 2008 Hyper-V
M6422A Implementing and Managing Windows Server 2008 Hyper-V Looking at Training Differently... Course 6422A: Implementing and Managing Windows Server 2008 Hyper-V Length: Published: Language(s): Audience(s):
More informationSecurity Overview Enterprise-Class Secure Mobile File Sharing
Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud
More informationInformation security controls. Briefing for clients on Experian information security controls
Information security controls Briefing for clients on Experian information security controls Introduction Security sits at the core of Experian s operations. The vast majority of modern organisations face
More informationCriminal Justice Information Services (CJIS) Security Policy
U. S. Department of Justice Federal Bureau of Investigation Criminal Justice Information Services Division Criminal Justice Information Services (CJIS) Security Policy Version 5.3 Prepared by: CJIS Information
More informationPreparing an RFI for. This RFI has been updated to reflect the new requirements in Version 3.0 of the PCI DSS, which took effect January 2015.
Preparing an RFI for Protecting cardholder data is a critical and mandatory requirement for all organizations that process, store or transmit information on credit or debit cards. Requirements and guidelines
More informationSecuring the Intelligent Network
WHITE PAPER Securing the Intelligent Network Securing the Intelligent Network New Threats Demand New Strategies The network is the door to your organization for both legitimate users and would-be attackers.
More informationLearn the Essentials of Virtualization Security
Learn the Essentials of Virtualization Security by Dave Shackleford by Dave Shackleford This paper is the first in a series about the essential security issues arising from virtualization and the adoption
More informationBasics of Internet Security
Basics of Internet Security Premraj Jeyaprakash About Technowave, Inc. Technowave is a strategic and technical consulting group focused on bringing processes and technology into line with organizational
More informationAn overwhelming majority of IaaS clouds leverage virtualization for their foundation.
1 2 3 An overwhelming majority of IaaS clouds leverage virtualization for their foundation. 4 With the use of virtualization comes the use of a hypervisor. Normally, the hypervisor simply provisions resources
More informationThe Virtual Digital Forensics Lab: Expanding Law Enforcement Capabilities
Briefing Paper The Virtual Digital Forensics Lab: Expanding Law Enforcement Capabilities Sean A. Ensz University of Oklahoma 200 Felgar Street, Norman, Oklahoma 73019 405.325.3954 Office 405.325.1633 Fax
More informationInformation Technology Branch Access Control Technical Standard
Information Technology Branch Access Control Technical Standard Information Management, Administrative Directive A1461 Cyber Security Technical Standard # 5 November 20, 2014 Approved: Date: November 20,
More informationSAN Conceptual and Design Basics
TECHNICAL NOTE VMware Infrastructure 3 SAN Conceptual and Design Basics VMware ESX Server can be used in conjunction with a SAN (storage area network), a specialized high speed network that connects computer
More informationI believe. Satya Nadella CEO, Microsoft. History of making big bets
I believe over the next decade computing will become even more ubiquitous and intelligence will become ambient. The coevolution of software and new hardware form factors will intermediate and digitize
More informationHow to configure Failover Clustering for Hyper-V hosts on HP ProLiant c-class server blades with All-in-One SB600c storage blade
How to configure Failover Clustering for Hyper-V hosts on HP ProLiant c-class server blades with All-in-One SB600c storage blade Executive summary... 2 System requirements... 2 Hardware requirements...
More informationCJIS Division Update
CJIS Division Update Oregon State Police Criminal Justice Information Services Division Kendele Miyasaki, Training Coordinator Russ Hoskins, Training Specialist CJIS/LEDS Contact Information Criminal Justice
More informationIT ASSET MANAGEMENT Securing Assets for the Financial Services Sector
IT ASSET MANAGEMENT Securing Assets for the Financial Services Sector V.2 Final Draft May 1, 2014 financial_nccoe@nist.gov This revision incorporates comments from the public. Page Use case 1 Comments
More informationSecuring the Physical, Virtual, Cloud Continuum
Securing the Physical, Virtual, Cloud Continuum By Ted Ritter, CISSP Senior Research Analyst Executive Summary The data center is undergoing a radical shift, from virtualization towards internal cloud
More informationPCI COMPLIANCE REQUIREMENTS COMPLIANCE CALENDAR
PCI COMPLIANCE REQUIREMENTS COMPLIANCE CALENDAR AUTHOR: UDIT PATHAK SENIOR SECURITY ANALYST udit.pathak@niiconsulting.com Public Network Intelligence India 1 Contents 1. Background... 3 2. PCI Compliance
More information雲 端 發 展 與 安 全 趨 勢. 陳 建 宏 Jovi Chen 技 術 顧 問 jovichen@checkpoint.com. 2011 Check Point Software Technologies Ltd. [Unrestricted] For everyone
雲 端 發 展 與 安 全 趨 勢 陳 建 宏 Jovi Chen 技 術 顧 問 jovichen@checkpoint.com 2011 Check Point Software Technologies Ltd. [Unrestricted] For everyone Agenda 1 雲 端 發 展 概 況 2 私 有 雲 演 進 過 程 及 未 來 3 雲 端 虛 擬 化 的 安 全 疑
More informationSecuring Virtualization with Check Point and Consolidation with Virtualized Security
Securing Virtualization with Check Point and Consolidation with Virtualized Security consolidate security gateways with full power of Software Blades with Check Point Virtual Systems (VSX) secure virtualized
More informationBefore we can talk about virtualization security, we need to delineate the differences between the
1 Before we can talk about virtualization security, we need to delineate the differences between the terms virtualization and cloud. Virtualization, at its core, is the ability to emulate hardware via
More informationHow To Protect Your Cloud From Attack
A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to
More informationEnsuring Enterprise Data Security with Secure Mobile File Sharing.
A c c e l l i o n S e c u r i t y O v e r v i e w Ensuring Enterprise Data Security with Secure Mobile File Sharing. Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite
More informationClearPass Policy Manager 6.3
ClearPass Policy Manager 6.3 Tech Note: Installing or Upgrading on a Virtual Machine This document describes the procedures for installing and upgrading ClearPass Policy Manager 6.3 on a Virtual Machine.
More informationLocking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More informationInformation Technology Security Guideline. Network Security Zoning
Information Technology Security Guideline Network Security Zoning Design Considerations for Placement of s within Zones ITSG-38 This page intentionally left blank. Foreword The Network Security Zoning
More informationConnecting your Virtual Machine to the Internet. BT Cloud Compute. The power to build your own cloud solutions to serve your specific business needs
Connecting your Virtual Machine to the Internet BT Cloud Compute The power to build your own cloud solutions to serve your specific business needs Introduction Once you have created your virtual machine
More informationPCI DSS Virtualization Guidelines. Information Supplement: PCI Data Security Standard (PCI DSS) Version: 2.0 Date: June 2011
Standard: Version: 2.0 Date: June 2011 Author: PCI Data Security Standard (PCI DSS) Virtualization Special Interest Group PCI Security Standards Council Information Supplement: PCI DSS Virtualization Guidelines
More informationInteragency Advisory Board Meeting Agenda, August 25, 2009
Interagency Advisory Board Meeting Agenda, August 25, 2009 1. Opening Remarks 2. Policy, process, regulations, technology, and infrastructure to employ HSPD-12 in USDA (Owen Unangst, USDA) 3. Policy and
More informationLevel 3 Public Use. Information Technology. Log/Event Management Guidelines
Page 1 of 5 Prepared by: Leigh Lopez Approved by: Chris Olsen, ISO Date: May 12, 2009 Date: June 8, 2009 Last revised by: Chris Olsen Last approved by: Chris Olsen, ISO Date: June 6, 2009 Date: January
More informationThis presentation covers virtual application shared services supplied with IBM Workload Deployer version 3.1.
This presentation covers virtual application shared services supplied with IBM Workload Deployer version 3.1. WD31_VirtualApplicationSharedServices.ppt Page 1 of 29 This presentation covers the shared
More information1.1.1 Introduction to Cloud Computing
1 CHAPTER 1 INTRODUCTION 1.1 CLOUD COMPUTING 1.1.1 Introduction to Cloud Computing Computing as a service has seen a phenomenal growth in recent years. The primary motivation for this growth has been the
More informationSecure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com
Secure Multi Tenancy In the Cloud Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com At-a-Glance Trends Do MORE with LESS Increased Insider Threat Increasing IT spend on cloud
More informationVirtual Machines and Security Paola Stone Martinez East Carolina University November, 2013.
Virtual Machines and Security Paola Stone Martinez East Carolina University November, 2013. Keywords: virtualization, virtual machine, security. 1. Virtualization The rapid growth of technologies, nowadays,
More informationAn Analysis of Propalms TSE and Microsoft Remote Desktop Services
An Analysis of TSE and Remote Desktop Services JULY 2010 This document illustrates how TSE can extend your Remote Desktop Services environment providing you with the simplified and consolidated management
More informationInformation Security @ Blue Valley Schools FEBRUARY 2015
Information Security @ Blue Valley Schools FEBRUARY 2015 Student Data Privacy & Security Blue Valley is committed to providing an education beyond expectations to each of our students. To support that
More informationVirtualization and Cloud Computing
Virtualization and Cloud Computing Security is a Process, not a Product Guillermo Macias CIP Security Auditor, Sr. Virtualization Purpose of Presentation: To inform entities about the importance of assessing
More informationOvercoming Security Challenges to Virtualize Internet-facing Applications
Intel IT IT Best Practices Cloud Security and Secure ization November 2011 Overcoming Security Challenges to ize Internet-facing Applications Executive Overview To enable virtualization of Internet-facing
More informationApache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide. Revised February 28, 2013 2:32 pm Pacific
Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide Revised February 28, 2013 2:32 pm Pacific Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide
More informationDesigning Virtual Network Security Architectures Dave Shackleford
SESSION ID: CSV R03 Designing Virtual Network Security Architectures Dave Shackleford Sr. Faculty and Analyst SANS @daveshackleford Introduction Much has been said about virtual networking and softwaredefined
More informationBest Practices for Installing and Configuring the Hyper-V Role on the LSI CTS2600 Storage System for Windows 2008
Best Practices Best Practices for Installing and Configuring the Hyper-V Role on the LSI CTS2600 Storage System for Windows 2008 Installation and Configuration Guide 2010 LSI Corporation August 13, 2010
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationUsing LISP for Secure Hybrid Cloud Extension
Using LISP for Secure Hybrid Cloud Extension draft-freitasbellagamba-lisp-hybrid-cloud-use-case-00 Santiago Freitas Patrice Bellagamba Yves Hertoghs IETF 89, London, UK A New Use Case for LISP It s a use
More information05.0 Application Development
Number 5.0 Policy Owner Information Security and Technology Policy Application Development Effective 01/01/2014 Last Revision 12/30/2013 Department of Innovation and Technology 5. Application Development
More informationBuilding A Secure Microsoft Exchange Continuity Appliance
Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building
More informationSTORMY WEATHER SECURING CLOUD COMPUTING. Russell Skingsley Director of Advanced Technology Data Centre and Cloud, APAC Juniper Networks
STORMY WEATHER SECURING CLOUD COMPUTING Russell Skingsley Director of Advanced Technology Data Centre and Cloud, APAC Juniper Networks DISCLAIMER These are not necessarily the views of Juniper Networks
More information