You are doing it WRONG. Failures in Virtualization Systems. A tragedy in 3 acts By Claudio Criscione
|
|
- Neal Poole
- 7 years ago
- Views:
Transcription
1 You are doing it WRONG Failures in Virtualization Systems A tragedy in 3 acts By Claudio Criscione
2 /me Claudio
3 They are in Spain in 1982
4
5
6 Enough about Italy Let's get to (another) tragedy
7
8
9 The Stats 5 man/days 18 0days
10 VASTO was born from this vasto.nibblesec.org
11 A complex problem
12 Many components
13 CPU isolation Availability Management Scalability And so on
14 Can we do better? Let's see
15 Your Mission Should you decide to accept it, is to design a virtualization infrastructure You want it to be SECURE RELIABLE MANAGEABLE
16 REMEMBER
17 It is the MOST critical part your infrastructure
18
19 What you DON'T WANT Large attack surface Tons of different web services Huge OS footprint Like Windows Legacy stuff Like embedded app servers Managed by the same IT guys
20 SOUNDS FAMILIAR?
21 The driving forces of virtualization*
22 Time to market
23 Efficiency As easy as possible. Money Saving As little
24 Security Security has never been so important. However, security today means, mostly, CPU level sec or VM segregation, or inside the VM security!
25 Complexity
26 INCREDIBLY COMPLEX INFRASTRUCTURES MADE EASY QUICK TO MARKET HAVE TO ACHIEVE MONEY SAVING SECURED AT THE HYPERVISOR LEVEL
27 The Results? Security is not keeping up with this.
28 The best approach we can think of is the manual audit of the hypervisor code and to keep the hypervisor as small and simple as possible. The Invisible Things
29 The story so far OR How do I own you
30 Attack Scenario
31 Everyone is securing the VMs Securing the VM => Improve your current, no virtualization security Securing the hypervisor => Mandatory requirement, or no virtualization
32 Mapping security T0:RELEASE Time Attack Complexity Low Hanging Fruits WTF?!?! Standard issues WOOOOPS Did the homework
33 Mapping security Time Attack Complexity Low Hanging Fruits E WTF?!?! vo l ut io n Standard issues WOOOOPS Did the homework
34 VMware Complexity Time Year XSS/CSRF/Web Unsafe File or Config Path traversal, sanitization Memory Corruption
35
36 Is it that bad?
37 XSS? Yes, thank you
38 A quick demo XSS'ed! Builds channel gives session vcenter Pwnage VASTO vasto.nibblesec.org Visits evil link
39 Log Files
40 vpxd-profiler A debug file written by vcenter. With a surprise. SessionStats/SessionPool/Session/Id='06B90BCBA0A4-4B9C-B680-FB72656A1DCB'/ Username= FakeDomain\FakeUser'/ SoapSession/Id='AD45B176-63F BBF0FE1603E543F4'/Count/total 1 Update: this has just been fixed!
41 Read-only access == takeover
42 Shell Escape
43 BONSAI Oracle VM (2.1.5 Unbreakable) Authenticated As the virtualization admin, not a system user! Remote code exec Virtualization admin system root Bye bye accountability...
44
45 if it ain't broke, don't fix it Bert Lance
46 The Actual Challenge IT / Virtualization Vs Security
47 Our Goal Bringing back security to the security team Harden the virtualization infrastructure
48 Introducing a new old idea The idea
49 Virtualization Cells
50 Defining a vcell It is an atomic management unit, which defines a service or a group of services, is technologically uniform and logically self contained
51 Ok, we've got the cells What now?
52 The vgatekeeper
53 vgatekeeper Expectations CAUTERIZATION AGNOSTICISM Central Mandatory Access Control
54
55 Current implementations Modern virtualization and cloud solutions run on top of Web Services [SOAP] [APIs & Delta APIs]
56 Ok, that's not entirely true Proprietary protocols Command line tools But we cover most targets
57 The Strategy vcell 4 vcell 1 Cloud vcell 2 Providers vcell 5 vcell 6 vcell 3 vgatekeeper Management Node Another wonderful diagram by OpenOffice Admin
58 The PoC - VMware vcenter - ESXi - Compromised vcenter - Services to protect - VASTOkeeper
59 Easy
60 Mod-security to the rescue We use mod security and Apache as our rules enforcer We proxy VMware vcenter and vclient and everything else We decide what goes through and what doesn't
61 Sample rules Thou shalt not TURN OFF THAT VIRTUAL MACHINE Thous shalt not HAVE THE ACTUAL ROOT PASSWORD
62 Proving that!
63 vcell 1 ESXi client vcenter VASTOkeeper Linux + modsecurity + rulegen ESXi
64 So, what have we achieved?
65 Additional protection for the infrastructure [You can't reach it anymore] Mitigation of incidents [Call it hardening if you wish apparmor/selinux anyone?] Protecting all the cloud & virtualization landscape
66 I call this defence
67 Issues
68 However... Control is BACK TO SEC- TEAM The attack surface just got... smaller
69 Maybe the next XSS won't be as devastating
70 Questions
71 You are doing it WRONG Failures in Virtualization Systems A tragedy in 3 acts By Claudio blackfire@nibblesec.org
Virtually Pwned Pentesting VMware. Claudio Criscione @paradoxengine c.criscione@securenetwork.it
Virtually Pwned Pentesting VMware Claudio Criscione @paradoxengine c.criscione@securenetwork.it /me Claudio Criscione The need for security Breaking virtualization means hacking the underlying layer accessing
More informationSecuring your Virtual Datacenter. Part 1: Preventing, Mitigating Privilege Escalation
Securing your Virtual Datacenter Part 1: Preventing, Mitigating Privilege Escalation Before We Start... Today's discussion is by no means an exhaustive discussion of the security implications of virtualization
More informationSecuring the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC
Securing the Journey to the Private Cloud Dominique Dessy RSA, the Security Division of EMC June 2010 Securing the Journey to The Private Cloud The Journey IT Production Business Production IT-As-A-Service
More informationPen Testing Methodology Gueststealer TomCat Zero Day Directory Traversal VASTO
Does vsphere really have some major issues? Recent Cases involving VMware Pen Testing Methodology Gueststealer TomCat Zero Day Directory Traversal VASTO Mitigation Techniques Future Concerns? VMware 80%
More informationLearn the Essentials of Virtualization Security
Learn the Essentials of Virtualization Security by Dave Shackleford by Dave Shackleford This paper is the first in a series about the essential security issues arising from virtualization and the adoption
More informationJOB ORIENTED VMWARE TRAINING INSTITUTE IN CHENNAI
JOB ORIENTED VMWARE TRAINING INSTITUTE IN CHENNAI Job oriented VMWARE training is offered by Peridot Systems in Chennai. Training in our institute gives you strong foundation on cloud computing by incrementing
More informationBest Practices for Monitoring Databases on VMware. Dean Richards Senior DBA, Confio Software
Best Practices for Monitoring Databases on VMware Dean Richards Senior DBA, Confio Software 1 Who Am I? 20+ Years in Oracle & SQL Server DBA and Developer Worked for Oracle Consulting Specialize in Performance
More informationLearn the essentials of virtualization security
Learn the essentials of virtualization security White Paper Table of Contents 3 Introduction 4 Hypervisor connectivity and risks 4 Multi-tenancy risks 5 Management and operational network risks 5 Storage
More informationSplunk for VMware Virtualization. Marco Bizzantino marco.bizzantino@kiratech.it Vmug - 05/10/2011
Splunk for VMware Virtualization Marco Bizzantino marco.bizzantino@kiratech.it Vmug - 05/10/2011 Collect, index, organize, correlate to gain visibility to all IT data Using Splunk you can identify problems,
More informationThe prevention policy out of the box protects the vcenter configuration files and logs from being tampered with by anyone that is not authorized.
IC L04 How To Secure Your Data Center Using CSP Course Description: Securing your Data Center using CSP At the end of this lab, you should be able to: Notes: Understand the different components of CSP
More informationUsing SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP
Using SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP Agenda ADP Cloud Vision and Requirements Introduction to SUSE Cloud Overview Whats New VMWare intergration HyperV intergration ADP
More informationMetaXSSploit. Bringing XSS in Pentesting A journey in building a security tool. Claudio Criscione @paradoxengine
` MetaXSSploit Bringing XSS in Pentesting A journey in building a security tool Claudio Criscione @paradoxengine /me No Aff XSS And how a security tool is born! Relevant? Web Application Security Statistics
More informationData Center Connector for vsphere 3.0.0
Product Guide Data Center Connector for vsphere 3.0.0 For use with epolicy Orchestrator 4.6.0, 5.0.0 Software COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS
More informationSecurity & Cloud Services IAN KAYNE
Security & Cloud Services IAN KAYNE CloudComponents CLOUD SERVICES Dynamically scalable infrastructure, services and software based on broad network accessibility NETWORK ACCESS INTERNAL ESTATE CloudComponents
More informationDARMADI KOMO: Hello, everyone. This is Darmadi Komo, senior technical product manager from SQL Server marketing.
Microsoft SQL Server 2012 for Private cloud (Part 1) Darmadi Komo - Senior Technical Product Manager DARMADI KOMO: Hello, everyone. This is Darmadi Komo, senior technical product manager from SQL Server
More informationCloud Security Through Threat Modeling. Robert M. Zigweid Director of Services for IOActive
Cloud Security Through Threat Modeling Robert M. Zigweid Director of Services for IOActive 1 Key Points Introduction Threat Model Primer Assessing Threats Mitigating Threats Sample Threat Model Exercise
More informationHow to Achieve Operational Assurance in Your Private Cloud
How to Achieve Operational Assurance in Your Private Cloud As enterprises implement private cloud and next-generation data centers to achieve cost efficiencies and support business agility, operational
More informationCloud Simulator for Scalability Testing
Cloud Simulator for Scalability Testing Nitin Singhvi (nitin.singhvi@calsoftinc.com) 1 Introduction Nitin Singhvi 11+ Years of experience in technology, especially in Networking QA. Currently playing roles
More informationVirtualization System Vulnerability Discovery Framework. Speaker: Qinghao Tang Title:360 Marvel Team Leader
Virtualization System Vulnerability Discovery Framework Speaker: Qinghao Tang Title:360 Marvel Team Leader 1 360 Marvel Team Established in May 2015, the first professional could computing and virtualization
More informationProtect Root Abuse privilege on Hypervisor (Cloud Security)
Protect Root Abuse privilege on Hypervisor (Cloud Security) Nantharat Puwarang, CISSP Senior Technical Consultant Protect Software Defined Data Center 1 The Road to Software Defined Data Centers: Virtualization
More informationVirtualization System Security
Virtualization System Security Bryan Williams, IBM X-Force Advanced Research Tom Cross, Manager, IBM X-Force Security Strategy 2009 IBM Corporation Overview Vulnerability disclosure analysis Vulnerability
More informationSecuring sensitive data at Rest ProtectFile, ProtectDb and ProtectV. Nadav Elkabets Presale Consultant
Securing sensitive data at Rest ProtectFile, ProtectDb and ProtectV Nadav Elkabets Presale Consultant Protecting Your Data Encrypt Your Data 1 ProtectFile StorageSecure ProtectDB ProtectV Databases File
More informationCedric Rajendran VMware, Inc. Security Hardening vsphere 5.5
Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5 Agenda Security Hardening vsphere 5.5 ESXi Architectural Review ESXi Software Packaging The ESXi Firewall ESXi Local User Security Host Logs
More informationProviding Self-Service, Life-cycle Management for Databases with VMware vfabric Data Director
Providing Self-Service, Life-cycle Management for Databases with VMware vfabric Data Director Graeme Gordon Senior Systems Engineer, VMware 2013 VMware Inc. All rights reserved Traditional IT Application
More informationVirtualization and Cloud: Orchestration, Automation, and Security Gaps
Virtualization and Cloud: Orchestration, Automation, and Security Gaps SESSION ID: CSV-R02 Dave Shackleford Founder & Principal Consultant Voodoo Security @daveshackleford Introduction Private cloud implementations
More information13.1 Backup virtual machines running on VMware ESXi / ESX Server
13 Backup / Restore VMware Virtual Machines Tomahawk Pro This chapter describes how to backup and restore virtual machines running on VMware ESX, ESXi Server or VMware Server 2.0. 13.1 Backup virtual machines
More informationVMware ESXi 3.5 update 2
VMware ESXi 3.5 update 2 VMware ESXi 3.5 Exec Summary What is it? What does it do? What is unique? Who can use it? How do you use it? Next generation, thin hypervisor for FREE Partitions servers to create
More informationVMware vcenter Log Insight Security Guide
VMware vcenter Log Insight Security Guide vcenter Log Insight 2.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationComprehensive Monitoring of VMware vsphere ESX & ESXi Environments
Comprehensive Monitoring of VMware vsphere ESX & ESXi Environments Table of Contents Overview...3 Monitoring VMware vsphere ESX & ESXi Virtual Environment...4 Monitoring using Hypervisor Integration...5
More informationThe more laws and order are made prominent, the more thieves and robbers there will be. Lao Tzu
The more laws and order are made prominent, the more thieves and robbers there will be. Lao Tzu Burim Bakalli Frederick Eichhorst Madeleine England Software used to create virtual resources from physical
More informationBefore we can talk about virtualization security, we need to delineate the differences between the
1 Before we can talk about virtualization security, we need to delineate the differences between the terms virtualization and cloud. Virtualization, at its core, is the ability to emulate hardware via
More informationVirtually Secure. a journey from analysis to remote root 0day on an industry leading SSL-VPN appliance
Virtually Secure a journey from analysis to remote root 0day on an industry leading SSL-VPN appliance Who am I? Tal Zeltzer Independent security researcher from Israel Reverse engineering (mostly embedded
More informationMitigating Information Security Risks of Virtualization Technologies
Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) 2009 VMware Inc. All rights reserved Agenda Virtualization Overview Key Components of Secure Virtualization
More informationLinux Server Support by Applied Technology Research Center. Proxy Server Configuration
Linux Server Support by Applied Technology Research Center Proxy Server Configuration We configure squid for your LAN. Including transparent for HTTP and proxy for HTTPS. We also provide basic training
More informationcubesql ReadMe 2005-2015 SQLabs, All rights reserved.
cubesql ReadMe 2005-2015 SQLabs, All rights reserved. Preface 3 System Requirements 4 Default installation paths 4 Five Minutes Guide 5 MacOS X 5 Windows 5 Linux 6 2 Preface cubesql is a fully featured
More informationCloud Optimize Your IT
Cloud Optimize Your IT Windows Server 2012 The information contained in this presentation relates to a pre-release product which may be substantially modified before it is commercially released. This pre-release
More informationWeek Overview. Installing Linux Linux on your Desktop Virtualization Basic Linux system administration
ULI101 Week 06b Week Overview Installing Linux Linux on your Desktop Virtualization Basic Linux system administration Installing Linux Standalone installation Linux is the only OS on the computer Any existing
More informationVMware vsphere Replication Security Guide
VMware Security Guide 6.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions
More information1. Building Testing Environment
The Practice of Web Application Penetration Testing 1. Building Testing Environment Intrusion of websites is illegal in many countries, so you cannot take other s web sites as your testing target. First,
More informationVMware: Advanced Security
VMware: Advanced Security Course Introduction Course Introduction Chapter 01 - Primer and Reaffirming Our Knowledge Primer and Reaffirming Our Knowledge ESX Networking Components How Virtual Ethernet Adapters
More informationCloudControl Support for PCI DSS 3.0
HyTrust CloudControl Support for PCI DSS 3.0 Summary In PCI DSS 3.0, hypervisors and virtual networking components are always in-scope for audit; Native auditing capabilities from the core virtualization
More informationSecurity Considerations in Cloud Deployments Matthew Garrett <matthew.garrett@nebula.com>
Security Considerations in Cloud Deployments Matthew Garrett (cloud) Computing for the Enterprise Security concerns in traditional hosting Someone hacks your system Your hosting
More informationAppendix to; Assessing Systemic Risk to Cloud Computing Technology as Complex Interconnected Systems of Systems
Appendix to; Assessing Systemic Risk to Cloud Computing Technology as Complex Interconnected Systems of Systems Yacov Y. Haimes and Barry M. Horowitz Zhenyu Guo, Eva Andrijcic, and Joshua Bogdanor Center
More informationIOS110. Virtualization 5/27/2014 1
IOS110 Virtualization 5/27/2014 1 Agenda What is Virtualization? Types of Virtualization. Advantages and Disadvantages. Virtualization software Hyper V What is Virtualization? Virtualization Refers to
More informationThe QEMU/KVM Hypervisor
The /KVM Hypervisor Understanding what's powering your virtual machine Dr. David Alan Gilbert dgilbert@redhat.com 2015-10-14 Topics Hypervisors and where /KVM sits Components of a virtual machine KVM Devices:
More informationHelping Customers Move Workloads into the Cloud. A Guide for Providers of vcloud Powered Services
Helping Customers Move Workloads into the Cloud A Guide for Providers of vcloud Powered Services Technical WHITE PAPER Table of Contents Introduction.... 3 About VMware vcloud Connector.... 3 Use Cases....
More informationSecurity. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««;
Security N Environments '' J J H -. i ^ s j}! Dave Shackleford '**»* t i j i««; l:i in: John Wiley &. Sons, Inc. Contents Introduction.. : xix Chapter l Fundamentals of Virtualization Security Virtualization
More informationAcronis Backup & Recovery 10 Advanced Server Virtual Edition. Quick Start Guide
Acronis Backup & Recovery 10 Advanced Server Virtual Edition Quick Start Guide Table of contents 1 Main components...3 2 License server...3 3 Supported operating systems...3 3.1 Agents... 3 3.2 License
More informationVMware vsphere Design. 2nd Edition
Brochure More information from http://www.researchandmarkets.com/reports/2330623/ VMware vsphere Design. 2nd Edition Description: Achieve the performance, scalability, and ROI your business needs What
More informationInstalling and Configuring vcenter Multi-Hypervisor Manager
Installing and Configuring vcenter Multi-Hypervisor Manager vcenter Server 5.1 vcenter Multi-Hypervisor Manager 1.1 This document supports the version of each product listed and supports all subsequent
More informationPrivileged Session Management Suite: Solution Overview
Privileged Session Management Suite: Solution Overview June 2012 z Table of Contents 1 The Challenges of Isolating, Controlling and Monitoring Privileged Sessions... 3 2 Cyber-Ark s Privileged Session
More informationVMware ESXi in a Cloud-based Lab David Davis, VCP, VCAP, and vexpert
VMware ESXi in a Cloud-based Lab David Davis, VCP, VCAP, and vexpert WHITE PAPER BROUGHT TO YOU BY SKYTAP 2 VMware ESXi in a Cloud-based Lab Contents Executive Summary... 3 1. Scenarios Enabled by ESXi
More informationUser Guide for VMware Adapter for SAP LVM VERSION 1.2
User Guide for VMware Adapter for SAP LVM VERSION 1.2 Table of Contents Introduction to VMware Adapter for SAP LVM... 3 Product Description... 3 Executive Summary... 3 Target Audience... 3 Prerequisites...
More information5nine Virtual Firewall 2.1 for Microsoft Hyper-V
KEY POINTS Secure your Hyper-V Virtual Machines & Virtual Servers Control Network Traffic In and Out of Your Virtual Machines & Virtual Servers Restrict Virtual Network Traffic Using Stateful Packet Filtering
More informationZerto Virtual Manager Administration Guide
Zerto Virtual Manager Administration Guide AWS Environment ZVR-ADVA-4.0U2-01-23-07-15 Copyright 2015, Zerto Ltd. All rights reserved. Information in this document is subject to change without notice and
More informationHP Virtualization Performance Viewer
HP Virtualization Performance Viewer Efficiently detect and troubleshoot performance issues in virtualized environments Jean-François Muller - Principal Technical Consultant - jeff.muller@hp.com HP Business
More informationVMware vrealize Operations for Horizon Security
VMware vrealize Operations for Horizon Security vrealize Operations for Horizon 6.2 This document supports the version of each product listed and supports all subsequent versions until the document is
More informationPut a Firewall in Your JVM Securing Java Applications!
Put a Firewall in Your JVM Securing Java Applications! Prateep Bandharangshi" Waratek Director of Client Security Solutions" @prateep" Hussein Badakhchani" Deutsche Bank Ag London Vice President" @husseinb"
More informationAcronis Backup Product Line
New Generation Data Protection Powered by Acronis AnyData Technology Acronis Backup Product Line Speaker name Introducing Acronis Backup Acronis Backup Target: Smaller environments, home office, remote
More informationSecuring Platform as a Service: A Technical Whitepaper on Security Practices at CloudBees
Securing Platform as a Service: A Technical Whitepaper on Security Practices at CloudBees As a consumer of cloud services, you are relying on your cloud service provider in ways that were previously limited
More informationTenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments
Tenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments Introduction Server virtualization and private cloud services offer compelling benefits, including hardware consolidation,
More informationMeasuring Hypervisor Footprints: Assessing Risk
Measuring Hypervisor Footprints: Assessing Risk Edward L. Haletky The Virtualization Practice, LLC Author of: VMware vsphere TM and Virtual Infrastructure Security: Securing the Virtual Environment Assessing,
More informationvsphere 6.0 Advantages Over Hyper-V
v3c Advantages Over Hyper-V The most trusted and complete virtualization platform 2015 Q1 2015 VMware Inc. All rights reserved. The Most Trusted Virtualization Platform Hypervisor Architecture Broad Support
More informationHardening and Hacking vsphere and Private Cloud Everything you need to know about vsphere Security
Hardening and Hacking vsphere and Private Cloud Everything you need to know about vsphere Security Course Length: 5 days Course Delivery: Traditional Classroom Online Live Course Overview We are well aware
More informationVMware vsphere: [V5.5] Admin Training
VMware vsphere: [V5.5] Admin Training (Online Remote Live TRAINING) Summary Length Timings : Formats: Lab, Live Online : 5 Weeks, : Sat, Sun 10.00am PST, Wed 6pm PST Overview: This intensive, extended-hours
More informationUsing Nessus In Web Application Vulnerability Assessments
Using Nessus In Web Application Vulnerability Assessments Paul Asadoorian Product Evangelist Tenable Network Security pasadoorian@tenablesecurity.com About Tenable Nessus vulnerability scanner, ProfessionalFeed
More information10 Integration with System Center Operations Manager 2012 SP1
10 Integration with System Center Operations Manager 2012 SP1 In this chapter, we will cover: Installing System Center Operations Manager 2012 SP1 Installing management packs Managing Discovery and Agents
More informationDeployment - post Xserve
MONTREAL 1/3 JULY 2011 Deployment - post Xserve Pascal Robert Miguel Arroz David LeBer The Menu Deployment options Deployment on CentOS Linux Deployment on Ubuntu Linux Deployment on BSD Hardware/environment
More informationAccelerate with Ampleflex Cloud! Highly adoptable and dependable platform for deploying services and applications into the Cloud. www.ampleflex.
Accelerate with Ampleflex Cloud! Highly adoptable and dependable platform for deploying services and applications into the Cloud. www.ampleflex.com The Challenge Enterprises are updating applications to
More informationAssignment # 1 (Cloud Computing Security)
Assignment # 1 (Cloud Computing Security) Group Members: Abdullah Abid Zeeshan Qaiser M. Umar Hayat Table of Contents Windows Azure Introduction... 4 Windows Azure Services... 4 1. Compute... 4 a) Virtual
More informationPractical 10 Minutes Security Audit Oracle Case. Cesar Cerrudo Argeniss
Practical 10 Minutes Security Audit Oracle Case Cesar Cerrudo Argeniss Overview Introduction The technique Finding 0days in Oracle Getting technical Owning Oracle Conclusions References Introduction Sometimes
More informationTable of Contents Introduction and System Requirements 9 Installing VMware Server 35
Table of Contents Introduction and System Requirements 9 VMware Server: Product Overview 10 Features in VMware Server 11 Support for 64-bit Guest Operating Systems 11 Two-Way Virtual SMP (Experimental
More informationBuilding an Internal Cloud that is ready for the external Cloud
Building an Internal Cloud that is ready for the external Cloud Luca ZERMINIANI, Senior Systems Engineer, VMware Italy Athens, February 2010 2009 VMware Inc. All rights reserved Agenda How virtualization
More informationAbout the VM-Series Firewall
About the VM-Series Firewall Palo Alto Networks VM-Series Deployment Guide PAN-OS 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 http://www.paloaltonetworks.com/contact/contact/
More informationOracle EXAM - 1Z0-102. Oracle Weblogic Server 11g: System Administration I. Buy Full Product. http://www.examskey.com/1z0-102.html
Oracle EXAM - 1Z0-102 Oracle Weblogic Server 11g: System Administration I Buy Full Product http://www.examskey.com/1z0-102.html Examskey Oracle 1Z0-102 exam demo product is here for you to test the quality
More informationPresenting Mongoose A New Approach to Traffic Capture (patent pending) presented by Ron McLeod and Ashraf Abu Sharekh January 2013
Presenting Mongoose A New Approach to Traffic Capture (patent pending) presented by Ron McLeod and Ashraf Abu Sharekh January 2013 Outline Genesis - why we built it, where and when did the idea begin Issues
More informationInstall Guide for JunosV Wireless LAN Controller
The next-generation Juniper Networks JunosV Wireless LAN Controller is a virtual controller using a cloud-based architecture with physical access points. The current functionality of a physical controller
More informationExpert Reference Series of White Papers. VMware vsphere Essentials
Expert Reference Series of White Papers VMware vsphere Essentials 1-800-COURSES www.globalknowledge.com VMware vsphere Essentials Raj Tolani, Global Knowledge Instructor Introduction Every VMware class
More informationV3 Storage Architecture Overview and Implications for VDI. May 2016
V3 Architecture Overview and Implications for VDI May 2016 Our Technology Philosophy At Sphere 3D, our philosophy is to reduce as many layers of abstraction between hardware and software as possible. 2
More informationVMware Security Briefing. Rob Randell, CISSP Senior Security Specialist SE
VMware Security Briefing Rob Randell, CISSP Senior Security Specialist SE Agenda Security Advantages of Virtualization Security Concepts in Virtualization Architecture Operational Security Issues with
More informationHow to Backup and Restore a VM using Veeam
How to Backup and Restore a VM using Veeam Table of Contents Introduction... 3 Assumptions... 3 Add ESXi Server... 4 Backup a VM... 6 Restore Full VM... 12 Appendix A: Install Veeam Backup & Replication
More informationIntroduction to Open Atrium s workflow
Okay welcome everybody! Thanks for attending the webinar today, my name is Mike Potter and we're going to be doing a demonstration today of some really exciting new features in open atrium 2 for handling
More informationMark Bennett. Search and the Virtual Machine
Mark Bennett Search and the Virtual Machine Agenda Intro / Business Drivers What to do with Search + Virtual What Makes Search Fast (or Slow!) Virtual Platforms Test Results Trends / Wrap Up / Q & A Business
More informationInstalling & Using KVM with Virtual Machine Manager COSC 495
Installing & Using KVM with Virtual Machine Manager COSC 495 1 Abstract:. There are many different hypervisors and virtualization software available for use. One commonly use hypervisor in the Linux system
More informationAuditing a Web Application. Brad Ruppert. SANS Technology Institute GWAS Presentation 1
Auditing a Web Application Brad Ruppert SANS Technology Institute GWAS Presentation 1 Objectives Define why application vulnerabilities exist Address Auditing Approach Discuss Information Interfaces Walk
More informationSecuring VMware Virtual Infrastructure with Centrify's Identity and Access Management Suite
WHITE PAPER CENTRIFY CORP. MARCH 2009 Securing VMware Virtual Infrastructure with Centrify's Identity and Access Management Suite Securing and auditing administrative access to the Virtual Infrastructure
More information2012 Best Practice Seminar. Presented by David Rawle
2012 Best Practice Seminar Presented by David Rawle Welcome Housekeeping Mobiles on Silent please Toilets are Fire exits are Agenda Introduction What's new R75.45 R75.40VS E80.40 with integrated management
More informationA Look at the New Converged Data Center
Organizations around the world are choosing to move from traditional physical data centers to virtual infrastructure, affecting every layer in the data center stack. This change will not only yield a scalable
More informationAdvanced Service Design
vcloud Automation Center 6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions
More informationLoad Testing with JMeter
Load Testing with JMeter Presented by Matthew Stout - mat@ucsc.edu JMeter Overview Java application for load testing and measuring performance Originally for web applications but has grown to support lots
More informationWebCruiser Web Vulnerability Scanner User Guide
WebCruiser Web Vulnerability Scanner User Guide Content 1. Software Introduction...2 2. Key Features...3 2.1. POST Data Resend...3 2.2. Vulnerability Scanner...6 2.3. SQL Injection...8 2.3.1. POST SQL
More informationRudder. Sharing IT automation benefits in a team with Rudder. Benoît Peccatte bpe@normation.com. Normation Tous droits réservés normation.
Rudder Sharing IT automation benefits in a team with Rudder Benoît Peccatte bpe@ 1 Who am I? Benoît Peccatte Origins: Sysadmin and a developper Now: Automation, Rudder, ncf ncf 2 What is Rudder anyway?
More informationidentity management in Linux and UNIX environments
Whitepaper identity management in Linux and UNIX environments EXECUTIVE SUMMARY In today s IT environments everything is growing, especially the number of users, systems, services, applications, and virtual
More informationSecuring your virtual machines
How to integrate cloud services management into your IT operations David Strom, david@strom.com December 2011 (this is the basis for a webinar given on MSPtv.net) Getting started with a cloud- based service
More informationThreat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437. Specialist Security Training Catalogue
Threat Intelligence Pty Ltd info@threatintelligence.com 1300 809 437 Specialist Security Training Catalogue Did you know that the faster you detect a security breach, the lesser the impact to the organisation?
More informationQuick Note 052. Connecting to Digi Remote Manager SM Through Web Proxy
Quick Note 052 Connecting to Digi Remote Manager SM Through Web Proxy Digi Product Management August 2015 Contents 1 Document Version...2 2 Abstract...3 3 Introduction...3 4 Web Proxy Configuration...4
More informationMaking Data Security The Foundation Of Your Virtualization Infrastructure
Making Data Security The Foundation Of Your Virtualization Infrastructure by Dave Shackleford hytrust.com Cloud Under Control P: P: 650.681.8100 Securing data has never been an easy task. Its challenges
More informationSichere Virtualisierung mit VMware
Sichere Virtualisierung mit VMware Stefan Bohnengel, VMware Harald Speckbrock, RSA Neuss, 12.11.2009 Building The Private Cloud private cloud Flexibility Control Choice your applications your information
More informationSTeP-IN SUMMIT 2013. June 18 21, 2013 at Bangalore, INDIA. Performance Testing of an IAAS Cloud Software (A CloudStack Use Case)
10 th International Conference on Software Testing June 18 21, 2013 at Bangalore, INDIA by Sowmya Krishnan, Senior Software QA Engineer, Citrix Copyright: STeP-IN Forum and Quality Solutions for Information
More informationAbout the Authors About the Technical Editor
Acknowledgments p. xiii About the Authors p. xv About the Technical Editor p. xix Foreword p. xxi Planning Platform Security p. 1 Reviewing the Gore Security Principles p. 2 Planning a Secure Platform
More information