The growing importance of a secure Cloud environment

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "The growing importance of a secure Cloud environment"

Transcription

1 The growing importance of a secure Cloud environment Jan Tiri System Engineer, VMware BeLux 2009 VMware Inc. All rights reserved

2 Cloud components Enterprises Cloud Service Providers Private Cloud Operated solely for an organization, typically within the firewall Low total cost of ownership Greater control over security, compliance, QoS Easier integration Support existing applications Hybrid Cloud Composition of 2 or more interoperable clouds, enabling data and application portability VMware focus to deliver the best of both worlds Public Cloud Accessible over the Internet for general consumption Low acquisition costs Less administrative burden On-demand capacity Limited offerings

3 Gartner: VMware is the Clear Market Leader VMware stands alone as a leader in this Magic Quadrant VMware is clearly ahead in : Understanding the market Product strategy Business model Technology innovation, Product capabilities Sales execution VMware Strengths : Far-reaching virtualization strategy enabling cloud computing, new application architectures and broader management Technology leadership and innovation High customer satisfaction Large installed base (especially Global 2000), and rapid growth of service providers planning to use VMware (vcloud)

4 VMware Approach to Security Platform Security Secure hypervisor architecture Platform hardening features Secure Development Lifecycle Secure Operations Prescriptive guidance for deployment and configuration Enterprise controls for security and compliance Virtualization of Security Virtualizationaware security Unique Advantage of virtualization

5 VMware Approach to Security Platform Security Secure hypervisor architecture Platform hardening features Secure Development Lifecycle Secure Operations Prescriptive guidance for deployment and configuration Enterprise controls for security and compliance Virtualization of Security Virtualizationaware security Unique Advantage of virtualization

6 Architecture: Types of Server Virtualization Hosted (Type 2) Bare-Metal (Type 1) Virtualization Layer APP Windows, Linux, Mac VMware Workstation VMware Server VMware Player VMware Fusion Host OS changes security profile VMware ESX/ESXi

7 Isolation by Design CPU & Memory Virtual Network Virtual Storage VMs have limited access to CPU Memory isolation enforced by Hardware TLB Memory pages zeroed out before being used by a VM No code exists to link virtual switches Virtual switches immune to learning and bridging attacks Virtual Machines only see virtual SCSI devices, not actual storage Exclusive virtual machine access to virtual disks enforced by VMFS using SCSI file locks 7

8 ESXi Security Model Physical / Console Management Network Production Network CIM Client VM VM VM vsphere API vsphere Client vcli vsphere SDK VC hostd vpxa vmkernel CIM Broker Tech Support Mode DCUI BIOS VMM VMM Network Stack Storage Stack VMM Trust Boundary IP-based Storage Inter-ESX network Fibre Channel Storage Keyboard or ilo/equivalent Confidential - INTERNAL ONLY 8

9 VMware Secure Development Lifecycle Process Training Protect Customer Data & Infrastructure Security Response Architecture Risk Analysis Enable Policy Compliance Security Testing Product Security Policy Best Practice and Compliance Requirements 3 rd party experts continually involved at various points Code Analysis & Inspection VMworld 2009 Session TA2543: VMware s Secure Software Development Lifecycle

10 VMware Product Security Policy Baseline requirements for the entire software development life cycle Requirements being prioritized by customers Chief Security Officers; Drives products to comply to customer security expectations Derived from Customer policies, SOX, PCI, HIPPA, FIPS, ISO 17799, NIST security standards, OWASP, CWE, CERT vulnerabilities Timely revisions tracking industry advances and feedback from the field Architecture & Design Serviceability Product Development Testing & Assurance 67 Mandatory and 25 Recommended Requirements

11 Independently validated Common Criteria EAL 4+ Certification Highest internationally recognized level Achieved for ESX 3.0 and 3.5; in process for vsphere 4 DISA STIG for ESX Approval for use in DoD information systems NSA Central Security Service guidance for both datacenter and desktop scenarios 11

12 NSA Secure Workstation Solution Source: VMworld 2009, Session TA

13 VMware Approach to Security Platform Security Secure hypervisor architecture Platform hardening features Secure Development Lifecycle Secure Operations Prescriptive guidance for deployment and configuration Enterprise controls for security and compliance Virtualization of Security Virtualizationaware security Unique Advantage of virtualization

14 How Virtualization Affects Datacenter Security Abstraction and Consolidation Capital and Operational Cost Savings New infrastructure layer to be secured Greater impact of attack or misconfiguration Collapse of switches and servers into one device Flexibility Cost-savings Lack of virtual network visibility and control No separation-by-default of administration 14

15 How Virtualization Affects Datacenter Security Faster deployment of servers IT responsiveness Inconsistencies in configuration Poorly-defined procedures VM Mobility Improved Service Levels Identity divorced from physical location VM Encapsulation Ease of business continuity Consistency of deployment Hardware Independence Outdated offline systems Unauthorized Copy 15

16 How do we secure our Virtual Infrastructure? Use the Principles of Information Security Secure the Guests Harden the Virtualization layer Access Controls Administrative Controls

17 Securing Virtual Machines Provide Same Protection as for Physical Servers Host Anti-Virus Patch Management Network Intrusion Detection/Prevention (IDS/IPS) Edge Firewalls 17

18 vnic vnic vnic Isolation in the Architecture Segment out all non-production networks VMkernel Use VLAN tagging, or Production Mgmt Storage Use separate vswitch (see diagram) vswitch1 vmnic Prod Network Mgmt Network vswitch2 Strictly control access to management network, e.g. RDP to jump box, or VPN through firewall vcenter Other ESX/ESXi hosts IP-based Storage 18

19 vsphere Security Hardening Guide (13/4/2010) This document provides guidance on how to securely deploy vsphere 4.0 in a production environment. The focus is on initial configuration of the virtualization infrastructure layer, which covers the following: The virtualization hosts (both ESX and ESXi) Configuration of the virtual machine container Configuration of the virtual networking infrastructure, including the management and storage networks as well as the virtual switch vcenter Server, its database, and client components VMware Update Manager 19 Confidential

20 Separation of Duties with vsphere Broad scope Super Admin Networking Admin Server Admin Storage Admin Narrow scope Operator Operator VM Owner VM Owner

21 Administrative Controls for Security and Compliance Requirement VMware Solutions Partner Solutions Configuration management, monitoring, auditing Auditable and repeatable procedures Updating of offline VMs Virtual network security VMware vcenter Server VMware vsphere Host Profiles VMware vcenter ConfigControl VMware vsphere event logging VMware Ionix VMware vcenter Orchestrator VMware vcenter Lifecycle Manager VMware Update Manager VMware vshield Manager vnetwork Distributed Switch Configuresoft ECM for Virtualization NetIQ Secure Configuration Manager Tripwire Enterprise for Vmware Hyperix Shavlik NetChk Protect Cisco, Checkpoint, Reflex, Third Brigade Diverse and growing ecosystem of products to help provide secure VMware Infrastructure

22 VMware Approach to Security Platform Security Secure hypervisor architecture Platform hardening features Secure Development Lifecycle Secure Operations Prescriptive guidance for deployment and configuration Enterprise controls for security and compliance Virtualization of Security Virtualizationaware security Unique Advantage of virtualization

23 Management vshield Manager Security Solutions 2010 Plan Endpoint Seraph Thin A/V enablement McAfee, Trend Thin A/V Joint GTM with next release of View Cloud vshield Edge Port Firewall, NAT, DHCP Site-2-site VPN*, Load Balancer* Joint GTM with Service Director Mgr Application vshield Zones Distributed vnic firewall, monitor App Zones, Isolation Joint GTM with KL.next Endpoint, Cloud, App security realized via vshield security VMs Management unifies security VMs; provides REST APIs Management integrated with vcenter, Service Director Manager 23 Confidential

24 Endpoint protection: Seraph Issues AV storms can cause brownouts in shared compute (virtualization) and storage (SAN/NAS) environments SVM VM VM VM Traditional agents are resource intensive - not optimized for high utilization, efficient clouds Up to 6 GB on VMware View desktops Opportunities Leverage hypervisor to offload AV functions from agents into a dedicated security VM AV OS Hardened Introspection APP OS Kernel BIOS APP OS Kernel BIOS VMware vsphere APP OS Kernel BIOS Deploy security in a more agile, service-driven manner to both private and public cloud environments

25 Cloud protection: vshield Edge vcloud Service Director vshield Manager 2.0 DMZ APPS DB Edge net/sec services VPN with overlay enables extending local L2/IP to cloud Web Load Balancer enables scaling web server farms vcloud APIs extended to include VPN, WLB services vshield Edge Firewall, NAT, DHCP, VPN/overlay, Web LB vcenter VMware vsphere Network REMOTE SITE INTERNET SITE 2 SITE VPN

26 Application protection: vshield Zones vapps Isolated Zones vsphere CLUSTER DMZ APP DB VDI vshield Zones vsphere vshield Zones vsphere vshield Zones vsphere vshield Zones vsphere Capabilities Define VM zones based on familiar VI containers Monitor allowed and disallowed activity by application-based protocols One-click flow-tofirewall blocks precise network traffic Benefits Pervasive: well-defined security posture for inter-vm traffic anywhere and everywhere in virtual environment Persistent: monitoring and assured policies for entire VM lifecycle, including VMotion live migrations Simple: Zone-based rules reduces policy errors

27 VDC Key Building Block of the Infrastructure 1. Encapsulate secure, auto-wired VDC Edge Zones EndPoint vmsafe Sales 2. Standup VDC per Org, on demand 3. Migrate, burst, federate VDC to vcloud EndPoint vmsafe Zones Edge Finance EndPoint vmsafe Zones Edge Intranet EndPoint vmsafe Security & Network vservices Secure Edge Zones Corp Web Vmware vsphere

28 Where to Learn More Security Hardening Best Practices Implementation Guidelines Compliance Partner Solutions Advice and Recommendation Operations Peer-contributed Content

29 Thank You 2009 VMware Inc. All rights reserved

Mitigating Information Security Risks of Virtualization Technologies

Mitigating Information Security Risks of Virtualization Technologies Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) 2009 VMware Inc. All rights reserved Agenda Virtualization Overview Key Components of Secure Virtualization

More information

Securely Architecting the Internal Cloud. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.

Securely Architecting the Internal Cloud. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc. Securely Architecting the Internal Cloud Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc. Securely Building the Internal Cloud Virtualization is the Key How Virtualization Affects

More information

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com 1 Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com Agenda Cloud Computing VMware and Security Network Security Use Case Securing View Deployments Questions 2 IT consumption

More information

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP Principal Systems Engineer Security Specialist Agenda What is the Cloud? Virtualization Basics

More information

Sichere Virtualisierung mit VMware

Sichere Virtualisierung mit VMware Sichere Virtualisierung mit VMware Stefan Bohnengel, VMware Harald Speckbrock, RSA Neuss, 12.11.2009 Building The Private Cloud private cloud Flexibility Control Choice your applications your information

More information

Securing the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC

Securing the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC Securing the Journey to the Private Cloud Dominique Dessy RSA, the Security Division of EMC June 2010 Securing the Journey to The Private Cloud The Journey IT Production Business Production IT-As-A-Service

More information

VMware Security Briefing. Rob Randell, CISSP Senior Security Specialist SE

VMware Security Briefing. Rob Randell, CISSP Senior Security Specialist SE VMware Security Briefing Rob Randell, CISSP Senior Security Specialist SE Agenda Security Advantages of Virtualization Security Concepts in Virtualization Architecture Operational Security Issues with

More information

Hardening and Hacking vsphere and Private Cloud Everything you need to know about vsphere Security

Hardening and Hacking vsphere and Private Cloud Everything you need to know about vsphere Security Hardening and Hacking vsphere and Private Cloud Everything you need to know about vsphere Security Course Length: 5 days Course Delivery: Traditional Classroom Online Live Course Overview We are well aware

More information

vshield Quick Start Guide vshield Manager 4.1 vshield Edge 1.0 vshield App 1.0 vshield Endpoint 1.0

vshield Quick Start Guide vshield Manager 4.1 vshield Edge 1.0 vshield App 1.0 vshield Endpoint 1.0 vshield Manager 4.1 vshield Edge 1.0 vshield App 1.0 vshield Endpoint 1.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by

More information

Virtualization Security and Best Practices. Rob Randell, CISSP Senior Security Specialist SE

Virtualization Security and Best Practices. Rob Randell, CISSP Senior Security Specialist SE Virtualization Security and Best Practices Rob Randell, CISSP Senior Security Specialist SE Agenda General Virtualization Concepts Hardware Virtualization and Application Virtualization Types of Hardware

More information

Security in the Software Defined Data Center

Security in the Software Defined Data Center Security in the Software Defined Data Center Francesco Vigo Senior Systems Engineer, VMware fvigo@vmware.com Ugo Piazzalunga Technical Manager, SafeNet ugo.piazzalunga@safenet-inc.com Agenda Software Defined

More information

Virtual Computing and VMWare. Module 4

Virtual Computing and VMWare. Module 4 Virtual Computing and VMWare Module 4 Virtual Computing Cyber Defense program depends on virtual computing We will use it for hands-on learning Cyber defense competition will be hosted on a virtual computing

More information

Network Segmentation in Virtualized Environments B E S T P R A C T I C E S

Network Segmentation in Virtualized Environments B E S T P R A C T I C E S Network Segmentation in Virtualized Environments B E S T P R A C T I C E S ware BEST PRAC TICES Table of Contents Introduction... 3 Three Typical Virtualized Trust Zone Configurations... 4 Partially Collapsed

More information

VMware vsphere Design. 2nd Edition

VMware vsphere Design. 2nd Edition Brochure More information from http://www.researchandmarkets.com/reports/2330623/ VMware vsphere Design. 2nd Edition Description: Achieve the performance, scalability, and ROI your business needs What

More information

vshield Quick Start Guide

vshield Quick Start Guide vshield Manager 5.0 vshield App 5.0 vshield Edge 5.0 vshield Endpoint 5.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by

More information

Secure Virtualization in the Federal Government

Secure Virtualization in the Federal Government White Paper Secure Virtualization in the Federal Government Achieve efficiency while managing risk Table of Contents Ready, Fire, Aim? 3 McAfee Solutions for Virtualization 4 Securing virtual servers in

More information

vsphere Private Cloud RAZR s Edge Virtualization and Private Cloud Administration

vsphere Private Cloud RAZR s Edge Virtualization and Private Cloud Administration Course Details Level: 1 Course: V6PCRE Duration: 5 Days Language: English Delivery Methods Instructor Led Training Instructor Led Online Training Participants: Virtualization and Cloud Administrators,

More information

DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch

DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch What You Will Learn A demilitarized zone (DMZ) is a separate network located in the neutral zone between a private (inside)

More information

VMware Integrated Partner Solutions for Networking and Security

VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Security and Compliance VMware vcloud Networking and Security is the leading networking and security

More information

vshield Quick Start Guide

vshield Quick Start Guide vshield Manager 5.0.1 vshield App 5.0.1 vshield Edge 5.0.1 vshield Endpoint 5.0.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced

More information

Security. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««;

Security. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««; Security N Environments '' J J H -. i ^ s j}! Dave Shackleford '**»* t i j i««; l:i in: John Wiley &. Sons, Inc. Contents Introduction.. : xix Chapter l Fundamentals of Virtualization Security Virtualization

More information

Vmware VSphere 6.0 Private Cloud Administration

Vmware VSphere 6.0 Private Cloud Administration To register or for more information call our office (208) 898-9036 or email register@leapfoxlearning.com Vmware VSphere 6.0 Private Cloud Administration Class Duration 5 Days Introduction This fast paced,

More information

Business Values of Network and Security Virtualization

Business Values of Network and Security Virtualization Business Values of Network and Security Virtualization VMware NSX in the context of the Software Defined Data Center Klaus Jansen Virtual Networks Sales Specialist VMware NSBU 2014 VMware Inc. All rights

More information

Managed Object - PerformanceManager http://www.vmware.com/support/developer/vc-sdk/visdk400pubs/referenceguide/vim.performancemanager.

Managed Object - PerformanceManager http://www.vmware.com/support/developer/vc-sdk/visdk400pubs/referenceguide/vim.performancemanager. URLs disponibles dans http://www.tdeig.ch/vmware/liens.pdf mise à jour du 17 juin 2011 / GL Documents vsphere Introduction to VMware vsphere http://www.vmware.com/pdf/vsphere4/r40/vsp_40_intro_vs.pdf Basic

More information

Potecting your business assets in The Cloud, with. Secure Multitency Environment from CloudHPT.

Potecting your business assets in The Cloud, with. Secure Multitency Environment from CloudHPT. Potecting your business assets in The Cloud, with Secure Multitency Environment from CloudHPT. Whitepaper 1 Introduction Goal of This Document To provide a guide to the security features of CloudHPT. CloudHPT

More information

VirtualclientTechnology 2011 July

VirtualclientTechnology 2011 July WHAT S NEW IN VSPHERE VirtualclientTechnology 2011 July Agenda vsphere Platform Recap vsphere 5 Overview Infrastructure Services Compute, Storage, Network Applications Services Availability, Security,

More information

RSA Security Solutions for Virtualization

RSA Security Solutions for Virtualization RSA Security Solutions for Virtualization Grzegorz Mucha grzegorz.mucha@rsa.com Securing the Journey to the Cloud The RSA Solution for Virtualized Datacenters The RSA Solution for VMware View The RSA Solution

More information

The best platform for building cloud infrastructures. Ralf von Gunten Sr. Systems Engineer VMware

The best platform for building cloud infrastructures. Ralf von Gunten Sr. Systems Engineer VMware The best platform for building cloud infrastructures Ralf von Gunten Sr. Systems Engineer VMware The Problem Overwhelming complexity >70% of IT budgets just to keep the lights on

More information

VMware vcloud Networking and Security Overview

VMware vcloud Networking and Security Overview VMware vcloud Networking and Security Overview Networks and Security for Virtualized Compute Environments WHITE PAPER Overview Organizations worldwide have gained significant efficiency and flexibility

More information

365 Evans Suite 300 Toronto, Ontario M8Z 1K2 Phone: Fax:

365 Evans Suite 300 Toronto, Ontario M8Z 1K2 Phone: Fax: Course: Virtualization with VMware ESX and VirtualCenter Description: Price: $2,895.00 Category: VMware Duration: 5 days Schedule: Request Dates Outline: This class is a 5-day (optional 4-day) intense

More information

Migrating to ESXi: How To

Migrating to ESXi: How To ILTA Webinar Session Migrating to ESXi: How To Strategies, Procedures & Precautions Server Operations and Security Technology Speaker: Christopher Janoch December 29, 2010 Migrating to ESXi: How To Strategies,

More information

Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com

Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com Secure Multi Tenancy In the Cloud Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com At-a-Glance Trends Do MORE with LESS Increased Insider Threat Increasing IT spend on cloud

More information

VMware for SMB environments(min. 505 1 st year)

VMware for SMB environments(min. 505 1 st year) VMware offers dozens of products, but at its core is vsphere, its virtualization platform, and vcenter Server, its management family. Understanding VMware's vsphere, vcenter and vcloud licensing is critical

More information

vsphere 6.0 Advantages Over Hyper-V

vsphere 6.0 Advantages Over Hyper-V v3c Advantages Over Hyper-V The most trusted and complete virtualization platform 2015 Q1 2015 VMware Inc. All rights reserved. The Most Trusted Virtualization Platform Hypervisor Architecture Broad Support

More information

VMware Integrated Partner Solutions for Networking and Security

VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Networking and Security Networking and Security are complex, dynamic areas, and VMware recognizes

More information

Meeting the Challenges of Virtualization Security

Meeting the Challenges of Virtualization Security Meeting the Challenges of Virtualization Security Coordinate Security. Server Defense for Virtual Machines A Trend Micro White Paper August 2009 I. INTRODUCTION Virtualization enables your organization

More information

Devising a Server Protection Strategy with Trend Micro

Devising a Server Protection Strategy with Trend Micro Devising a Server Protection Strategy with Trend Micro A Trend Micro White Paper Trend Micro, Incorporated» A detailed account of why Gartner recognizes Trend Micro as a leader in Virtualization and Cloud

More information

Netzwerkvirtualisierung? Aber mit Sicherheit!

Netzwerkvirtualisierung? Aber mit Sicherheit! Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction

More information

Expert Reference Series of White Papers. vcloud Director 5.1 Networking Concepts

Expert Reference Series of White Papers. vcloud Director 5.1 Networking Concepts Expert Reference Series of White Papers vcloud Director 5.1 Networking Concepts 1-800-COURSES www.globalknowledge.com vcloud Director 5.1 Networking Concepts Rebecca Fitzhugh, VMware Certified Instructor

More information

Devising a Server Protection Strategy with Trend Micro

Devising a Server Protection Strategy with Trend Micro Devising a Server Protection Strategy with Trend Micro A Trend Micro White Paper» Trend Micro s portfolio of solutions meets and exceeds Gartner s recommendations on how to devise a server protection strategy.

More information

What s New with VMware Virtual Infrastructure

What s New with VMware Virtual Infrastructure What s New with VMware Virtual Infrastructure Virtualization: Industry-Standard Way of Computing Early Adoption Mainstreaming Standardization Test & Development Server Consolidation Infrastructure Management

More information

VMware for your hosting services

VMware for your hosting services VMware for your hosting services Anindya Kishore Das 2009 VMware Inc. All rights reserved Everybody talks Cloud! You will eat your cloud and you will like it! Everybody talks Cloud - But what is it? VMware

More information

Learn the Essentials of Virtualization Security

Learn the Essentials of Virtualization Security Learn the Essentials of Virtualization Security by Dave Shackleford by Dave Shackleford This paper is the first in a series about the essential security issues arising from virtualization and the adoption

More information

Securing Large Scale Virtual Server Environments in US Government Enterprises

Securing Large Scale Virtual Server Environments in US Government Enterprises Securing Large Scale Virtual Server Environments in Whitepaper Document Number: TMIC-002 Client File Number: PO 309 6/28/2011 Document Version Number 1.0 Date: 29 November 2011 Prepared by: BD Pro www.bdpro.ca

More information

VMware ESXi 3.5 update 2

VMware ESXi 3.5 update 2 VMware ESXi 3.5 update 2 VMware ESXi 3.5 Exec Summary What is it? What does it do? What is unique? Who can use it? How do you use it? Next generation, thin hypervisor for FREE Partitions servers to create

More information

VMware End User Computing Horizon Suite

VMware End User Computing Horizon Suite VMware End User Computing Horizon Suite Luc Gallet lgallet@vmware.com 2010 VMware Inc. All rights reserved The pace and rate of technology change is faster than ever Devices 66 % use 2+ devices for work

More information

The Virtualization Practice

The Virtualization Practice The Virtualization Practice White Paper: A Look at Trend Micro Deep Security 7.5 Edward L. Haletky Analyst March 2011 2011 The Virtualization Practice. All Rights Reserved. Abstract Trend Micro Deep Security

More information

VMWARE Introduction ESX Server Architecture and the design of Virtual Machines

VMWARE Introduction ESX Server Architecture and the design of Virtual Machines Introduction........................................................................................ 2 ESX Server Architecture and the design of Virtual Machines........................................

More information

VMware vsphere: Fast Track [V5.0]

VMware vsphere: Fast Track [V5.0] VMware vsphere: Fast Track [V5.0] Experience the ultimate in vsphere 5 skills-building and VCP exam-preparation training. In this intensive, extended-hours course, you will focus on installing, configuring,

More information

VMware Virtualization. Garrett Hartney VMware Evangelist

VMware Virtualization. Garrett Hartney VMware Evangelist VMware Virtualization Garrett Hartney VMware Evangelist Agenda Virtualization VMware Management vservices The Virtual Datacenter Operating System Desktop Virtualization Virtualization Virtualization on

More information

Shifting Roles for Security in the Virtualized Data Center: Who Owns What?

Shifting Roles for Security in the Virtualized Data Center: Who Owns What? Shifting Roles for Security in the Virtualized Data Center: Who Owns What? SESSION ID: CSV-T07 Rob Randell, CISSP Director Systems Engineering Principal Security Architect VMware / NSBU Malcolm Rieke Director

More information

Secure Cloud-Ready Data Centers Juniper Networks

Secure Cloud-Ready Data Centers Juniper Networks Secure Cloud-Ready Data Centers Juniper Networks JUNIPER SECURITY LEADERSHIP A $1B BUSINESS Market Leadership Data Center with High- End Firewall #1 at 42% Secure Mobility with SSL VPN #1 at 25% Security

More information

BEST PRACTICES. DMZ Virtualization with VMware Infrastructure

BEST PRACTICES. DMZ Virtualization with VMware Infrastructure BEST PRACTICES DMZ Virtualization with ware Infrastructure ware BEST PRACTICES Table of Contents Virtualized DMZ Networks... 3 Three Typical Virtualized DMZ Configurations... 4 Partially Collapsed DMZ

More information

Table of Contents. vsphere 4 Suite 24. Chapter Format and Conventions 10. Why You Need Virtualization 15 Types. Why vsphere. Onward, Through the Fog!

Table of Contents. vsphere 4 Suite 24. Chapter Format and Conventions 10. Why You Need Virtualization 15 Types. Why vsphere. Onward, Through the Fog! Table of Contents Introduction 1 About the VMware VCP Program 1 About the VCP Exam 2 Exam Topics 3 The Ideal VCP Candidate 7 How to Prepare for the Exam 9 How to Use This Book and CD 10 Chapter Format

More information

VMware: Advanced Security

VMware: Advanced Security VMware: Advanced Security Course Introduction Course Introduction Chapter 01 - Primer and Reaffirming Our Knowledge Primer and Reaffirming Our Knowledge ESX Networking Components How Virtual Ethernet Adapters

More information

VMware Solution Guide for. Payment Card Industry (PCI) September 2012. v1.3

VMware Solution Guide for. Payment Card Industry (PCI) September 2012. v1.3 VMware Solution Guide for Payment Card Industry (PCI) September 2012 v1.3 VALIDATION DO CU MENT Table of Contents INTRODUCTION... 3 OVERVIEW OF PCI AS IT APPLIES TO CLOUD/VIRTUAL ENVIRONMENTS... 5 GUIDANCE

More information

Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.

Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved. Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security

More information

Building the Private cloud

Building the Private cloud Building the Private cloud Yiannis Psichas Senior Technology Consultant Psichas_yiannis@emc.com 1 IT Infrastructure Needs to Change 77% keeping the lights on 23% delivering new capabilities Too much complexity.

More information

Presentation for ISACA Chapter NL. Auditing Virtual Servers. VMware: Security and Operations. Gert-Jan Timmer 3. September, 2012

Presentation for ISACA Chapter NL. Auditing Virtual Servers. VMware: Security and Operations. Gert-Jan Timmer 3. September, 2012 Presentation for ISACA Chapter NL Auditing Virtual Servers VMware: Security and Operations Gert-Jan Timmer 3. September, 2012 Auditing Virtual Servers: Vmware: Security and Operations Presentation today:

More information

VMware vsphere-6.0 Administration Training

VMware vsphere-6.0 Administration Training VMware vsphere-6.0 Administration Training Course Course Duration : 20 Days Class Duration : 3 hours per day (Including LAB Practical) Classroom Fee = 20,000 INR Online / Fast-Track Fee = 25,000 INR Fast

More information

Security for Virtualization

Security for Virtualization Security for Virtualization Dan Broasca General Manager Omnient SRL dan.broasca@omnient.ro The two concepts Virtualize the security Complete virtualized security and network infrastructure Security for

More information

VMware vsphere 5.1 Advanced Administration

VMware vsphere 5.1 Advanced Administration Course ID VMW200 VMware vsphere 5.1 Advanced Administration Course Description This powerful 5-day 10hr/day class is an intensive introduction to VMware vsphere 5.0 including VMware ESX 5.0 and vcenter.

More information

Trend Micro Cloud Protection

Trend Micro Cloud Protection A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to

More information

Agentless Security for VMware Virtual Data Centers and Cloud

Agentless Security for VMware Virtual Data Centers and Cloud Agentless Security for VMware Virtual Data Centers and Cloud Trend Micro Deep Security VMware Global Technology Alliance Partner Trend Micro, Incorporated» This white paper reviews the challenges of applying

More information

Network Access Control in Virtual Environments. Technical Note

Network Access Control in Virtual Environments. Technical Note Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved

More information

VMware Virtual Infrastucture From the Virtualized to the Automated Data Center

VMware Virtual Infrastucture From the Virtualized to the Automated Data Center VMware Virtual Infrastucture From the Virtualized to the Automated Data Center Senior System Engineer VMware Inc. ngalante@vmware.com Agenda Vision VMware Enables Datacenter Automation VMware Solutions

More information

Desktop Virtualization. The back-end

Desktop Virtualization. The back-end Desktop Virtualization The back-end Will desktop virtualization really fit every user? Cost? Scalability? User Experience? Beyond VDI with FlexCast Mobile users Guest workers Office workers Remote workers

More information

Building an Enterprise Hybrid Cloud with the VMware vcloud Solution

Building an Enterprise Hybrid Cloud with the VMware vcloud Solution Building an Enterprise Hybrid Cloud with the VMware vcloud Solution Glenn Grabowski, Staff Systems Engineer, Senior Cloud Specialist, VMware May 4, 2011 Customer Presentation 2009 VMware Inc. All rights

More information

Khóa học dành cho các kỹ sư hệ thống, quản trị hệ thống, kỹ sư vận hành cho các hệ thống ảo hóa ESXi, ESX và vcenter Server

Khóa học dành cho các kỹ sư hệ thống, quản trị hệ thống, kỹ sư vận hành cho các hệ thống ảo hóa ESXi, ESX và vcenter Server 1. Mục tiêu khóa học. Khóa học sẽ tập trung vào việc cài đặt, cấu hình và quản trị VMware vsphere 5.1. Khóa học xây dựng trên nền VMware ESXi 5.1 và VMware vcenter Server 5.1. 2. Đối tượng. Khóa học dành

More information

Bla Bla Bla Cloud. Massimo Re Ferre VMware Staff Systems Engineer vcloud Architect. 2009 VMware Inc. All rights reserved

Bla Bla Bla Cloud. Massimo Re Ferre VMware Staff Systems Engineer vcloud Architect. 2009 VMware Inc. All rights reserved Bla Bla Bla Cloud Massimo Re Ferre VMware Staff Systems Engineer vcloud Architect 2009 VMware Inc. All rights reserved Uh? 2 Virtualization explained in one picture (note reaction) 3 Cloud explained in

More information

VMware vcloud Networking and Security

VMware vcloud Networking and Security VMware vcloud Networking and Security Efficient, Agile and Extensible Software-Defined Networks and Security BROCHURE Overview Organizations worldwide have gained significant efficiency and flexibility

More information

Building YOURcloud: The Federal Government s first Secure Hybrid Community Cloud

Building YOURcloud: The Federal Government s first Secure Hybrid Community Cloud Building YOURcloud: The Federal Government s first Secure Hybrid Community Cloud Anil Karmel, Deputy Chief Technology Officer National Nuclear Security Administration A Partnership between the Office of

More information

Oracle Solutions on Top of VMware vsphere 4. Saša Hederić VMware Adriatic

Oracle Solutions on Top of VMware vsphere 4. Saša Hederić VMware Adriatic Oracle Solutions on Top of VMware vsphere 4 Saša Hederić VMware Adriatic The Problem Where the IT Budget Goes 5% Infrastructure Investment 23% Application Investment 42% Infrastructure Maintenance Overwhelming

More information

Trend Micro Deep Security

Trend Micro Deep Security Trend Micro Deep Security VMware Global Technology Alliance Partner Changing the Game with Agentless Security for the Virtual Data Center A 2012 Trend Micro White Paper I. INTRODUCTION From its early experimental

More information

Install Guide for JunosV Wireless LAN Controller

Install Guide for JunosV Wireless LAN Controller The next-generation Juniper Networks JunosV Wireless LAN Controller is a virtual controller using a cloud-based architecture with physical access points. The current functionality of a physical controller

More information

VMware Software Defined Network. Dejan Grubić VMware Systems Engineer for Adriatic

VMware Software Defined Network. Dejan Grubić VMware Systems Engineer for Adriatic VMware Software Defined Network Dejan Grubić VMware Systems Engineer for Adriatic The Transformation of Infrastructure Infrastructure Servers Clouds Be more responsive to business, change economics of

More information

Barnaby Jeans Sr. Solution Architect Business Critical Applications

Barnaby Jeans Sr. Solution Architect Business Critical Applications Barnaby Jeans Sr. Solution Architect Business Critical Applications Connected, Mobile, Information-Centric World Business Reduction in Complexity via New IT Architectures and Business Models The IT Dilemma

More information

Network Troubleshooting & Configuration in vsphere 5.0. 2010 VMware Inc. All rights reserved

Network Troubleshooting & Configuration in vsphere 5.0. 2010 VMware Inc. All rights reserved Network Troubleshooting & Configuration in vsphere 5.0 2010 VMware Inc. All rights reserved Agenda Physical Network Introduction to Virtual Network Teaming - Redundancy and Load Balancing VLAN Implementation

More information

Learn how to build Enterprise Hybrid Clouds for your customers using VMware vcloud

Learn how to build Enterprise Hybrid Clouds for your customers using VMware vcloud Learn how to build Enterprise Hybrid Clouds for your customers using VMware vcloud 1 The business has strict demands of IT As the CIO, I provide Through Cloud I am able business with the to cost effectively

More information

TGL VMware Presentation. Guangzhou Macau Hong Kong Shanghai Beijing

TGL VMware Presentation. Guangzhou Macau Hong Kong Shanghai Beijing TGL VMware Presentation Guangzhou Macau Hong Kong Shanghai Beijing The Path To IT As A Service Existing Apps Future Apps Private Cloud Lots of Hardware and Plumbing Today IT TODAY Internal Cloud Federation

More information

Virtualization with VMware and IBM: Enjoy the Ride, but Don t Forget to Buckle Up!

Virtualization with VMware and IBM: Enjoy the Ride, but Don t Forget to Buckle Up! Virtualization with VMware and IBM: Enjoy the Ride, but Don t Forget to Buckle Up! Ravi Kumar, Group Product Marketing Manager - Security, VMware Bob Kalka, Director, IBM Security Solutions, IBM The Rise

More information

VMware vsphere 4.1. Pricing, Packaging and Licensing Overview. E f f e c t i v e A u g u s t 1, 2 0 1 0 W H I T E P A P E R

VMware vsphere 4.1. Pricing, Packaging and Licensing Overview. E f f e c t i v e A u g u s t 1, 2 0 1 0 W H I T E P A P E R VMware vsphere 4.1 Pricing, Packaging and Licensing Overview E f f e c t i v e A u g u s t 1, 2 0 1 0 W H I T E P A P E R Table of Contents Executive Summary...................................................

More information

Networking for Caribbean Development

Networking for Caribbean Development Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g Virtualization: Architectural Considerations and Implementation Options Virtualization Virtualization is the

More information

VDI Security for Better Protection and Performance

VDI Security for Better Protection and Performance VDI Security for Better Protection and Performance Addressing security and infrastructure challenges in your VDI deployments Trend Micro, Incorporated» See why you need security designed for VDI environments

More information

VMware vsphere 4. Pricing, Packaging and Licensing Overview W H I T E P A P E R

VMware vsphere 4. Pricing, Packaging and Licensing Overview W H I T E P A P E R Pricing, Packaging and Licensing Overview W H I T E P A P E R Table of Contents Introduction to VMware vsphere 4..................................... 3 Pricing, Packaging and Licensing Overview..............................

More information

Cloud Optimize Your IT

Cloud Optimize Your IT Cloud Optimize Your IT Windows Server 2012 The information contained in this presentation relates to a pre-release product which may be substantially modified before it is commercially released. This pre-release

More information

Automating Cloud Security Control and Compliance Enforcement for PCI DSS 3.0

Automating Cloud Security Control and Compliance Enforcement for PCI DSS 3.0 WHITE PAPER Automating Cloud Security Control and Compliance Enforcement for 3.0 How Enables Security and Compliance with the PCI Data Security Standard in a Private Cloud EXECUTIVE SUMMARY All merchants,

More information

Building an Internal Cloud that is ready for the external Cloud

Building an Internal Cloud that is ready for the external Cloud Building an Internal Cloud that is ready for the external Cloud Luca ZERMINIANI, Senior Systems Engineer, VMware Italy Athens, February 2010 2009 VMware Inc. All rights reserved Agenda How virtualization

More information

HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU

HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU Data sheet Product overview The HP TippingPoint Virtual Controller + Virtual Firewall (vcontroller+vfw) extends our leading intrusion

More information

VMware vsphere 5.0 Boot Camp

VMware vsphere 5.0 Boot Camp VMware vsphere 5.0 Boot Camp This powerful 5-day 10hr/day class is an intensive introduction to VMware vsphere 5.0 including VMware ESX 5.0 and vcenter. Assuming no prior virtualization experience, this

More information

Cisco Prime Network Services Controller. Sonali Kalje Sr. Product Manager Cloud and Virtualization, Cisco Systems

Cisco Prime Network Services Controller. Sonali Kalje Sr. Product Manager Cloud and Virtualization, Cisco Systems Cisco Prime Network Services Controller Sonali Kalje Sr. Product Manager Cloud and Virtualization, Cisco Systems Agenda Cloud Networking Challenges Prime Network Services Controller L4-7 Services Solutions

More information

Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5

Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5 Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5 Agenda Security Hardening vsphere 5.5 ESXi Architectural Review ESXi Software Packaging The ESXi Firewall ESXi Local User Security Host Logs

More information

vshield Administration Guide

vshield Administration Guide vshield Manager 5.1 vshield App 5.1 vshield Edge 5.1 vshield Endpoint 5.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by

More information

Enterprise. ESXi in the. VMware ESX and. Planning Deployment of. Virtualization Servers. Edward L. Haletky

Enterprise. ESXi in the. VMware ESX and. Planning Deployment of. Virtualization Servers. Edward L. Haletky VMware ESX and ESXi in the Enterprise Planning Deployment of Virtualization Servers Edward L. Haletky PRENTICE HALL Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London

More information

VMWARE VSPHERE 5.0 WITH ESXI AND VCENTER

VMWARE VSPHERE 5.0 WITH ESXI AND VCENTER VMWARE VSPHERE 5.0 WITH ESXI AND VCENTER CORPORATE COLLEGE SEMINAR SERIES Date: April 15-19 Presented by: Lone Star Corporate College Format: Location: Classroom instruction 8 a.m.-5 p.m. (five-day session)

More information

Security Compliance in a Virtual World

Security Compliance in a Virtual World RSA Security Brief Security Compliance in a Virtual World Best Practices to Build a Solid Foundation Authors Bret Hartman, Chief Technology Officer, RSA, the Security Division of EMC Dr. Stephen Herrod,

More information

CloudCore. cloudcore infrastructure 4 100% SOLID STATE STORAGE 4 TRUE SCALE-OUT ARCHITECTURE 5 RAID-LESS DATA PROTECTION 5

CloudCore. cloudcore infrastructure 4 100% SOLID STATE STORAGE 4 TRUE SCALE-OUT ARCHITECTURE 5 RAID-LESS DATA PROTECTION 5 OVERVIEW CloudCore Supports the Most Demanding Workloads ISO 27001:2013 Security with 100% Data Encryption VMware s vcloud Air Network Service Compatible Choice of Multiple Offshore Jurisdictions calligo

More information

The Top 8 Questions to ask about Virtualization in a PCI Environment

The Top 8 Questions to ask about Virtualization in a PCI Environment A COALFIRE WHITE PAPER The Top 8 Questions to ask about Virtualization in a PCI Environment DALLAS DENVER LOS ANGELES NEW YORK SEATTLE 877.224.8077 info@coalfire.com www.coalfire.com This paper provides

More information

TECHNOLOGYBRIEF. The Impact of Virtualization on Network Security. Discover. Determine. Defend.

TECHNOLOGYBRIEF. The Impact of Virtualization on Network Security. Discover. Determine. Defend. The Impact of Virtualization on Network Security Discover. Determine. Defend. EXECUTIVE SUMMARY Virtualization is a concept that has become highly visible in the last few years because of its perceived

More information

Cloud Infrastructure Licensing, Packaging and Pricing

Cloud Infrastructure Licensing, Packaging and Pricing Cloud Infrastructure Licensing, Packaging and Pricing ware, August 2011 2009 ware Inc. All rights reserved On July 12 2011 ware is Introducing a Major Upgrade of the Entire Cloud Infrastructure Stack vcloud

More information