VIRTUALIZATION SECURITY
|
|
- Buck Price
- 7 years ago
- Views:
Transcription
1 VIRTUALIZATION AND SECURITY Ramesh Bhat Deputy Manager Information Security Mastek Ltd
2 Virtualization and Security Agenda Background What is virtualization Brief introduction to virtualization architecture Concerns / Risks Mitigation Specific audit concerns and Recommendations Checklist for evaluation, implementation and post implementation Summary
3 Virtualization Background IT in any organizations that want to give their organization a suitable competitive advantage need to: Reduce infrastructure costs through more efficient use of resources Respond faster to business needs so that projects get deployed more rapidly Reduce operational costs and gain operational flexibility
4 Virtualization Background Some of the concerns and challenges for IT are: Large number of under utilized OS / application servers Long delays for operational changes Long provisioning cycle times for new servers Narrow scheduled downtime windows are over subscribed with maintenance activities Inadequate testing environment Solution to these concerns is Virtualization of IT infrastructure.
5 Virtualization According to IDC, about 50% of the enterprises will use virtualization by 2011 and according to Gartner, by 2015, virtualization will be part of every aspect of IT.
6 Virtualization What is Virtualization as applied to IT environment? It is a technology where multiple Operating Systems can run simultaneously on a single physical machine, sharing the resources of that single machine.
7 Virtualization Architecture VM1 VM2 VM3 Application O.S Hardware (CPU, Memory, HD etc) Server WITHOUT virtualization App1 App2 App3 Guest OS1 Windows 2003 Guest OS2 Windows 2003 Guest OSn Linux Virtualization O.S (Hypervisor) Hardware (CPU, Memory, HD etc) Server WITH virtualization
8 Virtualization Architecture As represented by VM Ware Virtual Hardware Resources Physical Hardware resources
9 Virtualization Architecture There are two basic types of Virtualization: - Hosted or OS based virtualization - Hypervisor based virtualization VMs Hypervisor
10 Virtualization Architecture What are the general constituents of a virtual infrastructure? Most Basic: Host Hypervisor or Virtualization layer Virtual Machines Virtual hardware resources Central Management Console Management Client Special features: V Motion HA DRS
11 Virtualization Architecture Host
12 Virtualization Architecture It is essential to know the concerns and risks that come with virtualization.
13 Concerns around: Technical Hypervisor Configurations Data protection in storage and transit Host the single point of failure Memory allocation Process Asset tracking and management Network monitoring Patch management. State Restore feature Anti malware Software Management People Training
14 Concern: Technical Area: Hypervisor Issue: Multiple Virtual Machines on Hosts. All VMs can be critical Risk: Multiple virtual machines will be compromised if Hypervisor is compromised. Mitigation: Hardening of the hypervisor Disable features like clip board sharing, drag and drop Centralized hypervisor patch management Secure management traffic. (E.g. VM Ware uses SSH protocol)
15 Hypervisor contd Mitigation contd Access to the hypervisor should be strictly limited to the machines that have authorization to manage the virtual infrastructure. Host based IDS / IPS Maturity of the hypervisor Information: Virtual Machine benchmarking guidelines from center for internet security
16 Concern: Technical Area: Configurations Issue: Improperly managed configurations. Inadequate RBAC Risks: Guest to Host to Guest attack Guest to Guest attack
17 Configuration...contd Mitigation: Segregation of Systems. Have policy spelled out upfront, that those two types of virtual machines which contain or process data of different sensitivity level can never share the same hardware. physically separate the hosting of VMs of different sensitivity level.
18 Configuration...contd Mitigation. Contd Harden the hypervisor and other virtualization components as per the guidelines from the vendor Disable features like drag and drop, clip board sharing Segregation of duties. Role-based access controls (RBAC) Audit for: Configuration management. Recommendation: ITIL based configuration management
19 Concern: Technical Area: Data protection in storage and transit Issue: Some VMs are stored as files. V Motion. Risk: Information disclosure and modifications to database itself. Virtual disk files can be copied and run from other physical machines outside VMs can be copied or tampered over network the network
20 Data protection in storage and transit contd Mitigation: Apply strong access controls and encryption on virtual disk files. Dedicated backup account, for backup process. Back up tape security. Secure migration of VM through secure protocol.
21 Data protection in storage and transit..contd. Audit concern: Access controls on files. Use of secure protocol for VM migration Recommendations: Maintain access control list for back up of VMs Creation of clones and snapshots from VMs containing sensitive data like cardholder data may be disallowed entirely through policy.
22 Concern: Technical Area: Host Issue: Single point of failure Risk: Multiple applications not available simultaneously Mitigation: Build the redundancy Implement Dynamic DRS if the applications hosted are of mission critical in nature
23 Concern: Technical Area: Memory Management Issue: Hosts usually have the capability to reallocate memory among guests. Risk: Content disclosure to receiving guest Mitigation: Assurance is needed that the memory released by the first guest using that storage is not disclosing content to the receiving guest servers using those addresses.
24 Concern: Process Area: Asset tracking and management Issue: Keeping an up to date asset inventory Risks: Rogue VMs Mixture of VMs of different sensitivities on the same host Falling out of compliance with software license requirements More entry points for attackers Unauthorized software
25 Asset tracking and management contd Mitigation: Asset management tool should have virtualization awareness Role based access control Stringent change control Regular logs review Aggressive audit for rogue and unaccounted virtual machines Increase the review of assets inventory
26 Asset tracking and management.. contd. Audit concern: Identification of rogue, unaccounted virtual machines Audit for : Deployment of VM, Removal of VM, Migration of VM Proper segregation of duties through Role based access control Level of adherence to change control
27 Asset tracking and management.. contd. Recommendation: Automate asset tracking and management Food for thought: Enterprises that make the decision to go with server virtualization will need to have a way in which they can distinctly locate every virtual machine, ensuring that the placement within the enterprise is controlled by policies.
28 Concern: Process Area: Patch Management Issue: Patching dormant VMs, VM tempaltes Risk: Unpatched vulnerabilities if exploited, can lead to compromise of a VM which in turn can lead to VM to VM or VM to Host attack. Mitigation: Use products that can perform offline patching. Before deploying VM in any environment should undergo assessment for security (VA) in the test environment. During regular audit, look for security clearances for running VMs.
29 Patch Management contd Audit Concern: State restore feature is an audit concern, as it can leave the patched VM at unpatched state. Audit for: Patching status of VMs, Hypervisors. Check the records / logs for status change Cross check status changes for patch updates Recommendation: Information sharing with the internal auditors of the patching status and roll back / state changes.
30 Concern: Process Area: Anti Malware: Issue: Dormant VMs and the templates which do not get the antimalware updates and yet can get infected. Risk: Dormant or templates of VMs can be safe heavens for malwares Mitigation: Approved virtualization software should have the capability to apply latest malware signatures to dormant as well as templates of the VMs Control through the process.
31 Anti Malware contd Audit Concern: Audit for updating antivirus signatures on dormat VMs and templates Audit for: Regular signatures update process Signatures updates for dormant and template VMs Recommendation: System administrators to share the record updating signatures for dormant and template VMs and
32 Oh! I can not see what is happening. How do I know if something is wrong.
33 Concern: Process Area: Network Monitoring Issue: VM-to-VM traffic happening through virtual switch is difficult capture or inspect with physical network monitoring appliance like IDS Not all network tools are virtualization aware Risk: Malicious or suspicious network traffic of VM to VM through the virtual switch can go unnoticed
34 Network Monitoring Contd Mitigation: Requires VLAN trunking to force VM-to-VM traffic to traverse physical Implement network monitoring tools which are virtualization aware with the help of suitable APIs from the virtualization vendor
35 Network Monitoring Contd Audit Concern: Whether the external monitoring device is appropriate to capture inter VM traffic. Recommendation: Rogue scanner.
36 Concern:People Area: Administrator Training Issue: Improper understanding and usage of features, improper configurations Risk: Inadvertent introduction of vulnerabilities or not adequately addressing the vulnerabilities Mitigation: Thorough training on the virtualization software. Identify and information security awareness training concerning operation with virtualization environment.
37 Security appliances for virtual infrastructure Virtualization Security Appliances Do all virtualization vendors have security appliances? Not all. The product, VMsafe, is a set of application programming interfaces (APIs) that will allow third-party vendors to develop security products that are easily integrated into it s's own hypervisors. According to VMware, its VMsafe APIs integrate at the hypervisor layer of virtualization and will allow detecting and eliminating malicious software. Some security vendors are developing products that support the VMsafe APIs, according to VMware.
38 Checklist Virtualization Security requirements checklist for Evaluation and Implementation stage. Microsoft Word Document
39 Summary The common vision of IT in any organizations today is to provide their business units with lower cost, higher service level infrastructure that enables them to respond faster to business unit demands. Solution is Virtualization of IT infrastructure. In the non virtualized environment you find one server, one OS, one application kind of environment leading under utilization of hardware. Virtualization technology enables, utilizing the hardware resource to the fullest by having many OS and many applications in one server box which is called the host. The OSs on the host are called the guest OSs. Each guest OS hosts one application.
40 Summary Contd.. Virtual Hardware Resources Physical Hardware resources
41 Summary contd. There are two basic types of Virtualization: - Hosted or OS based virtualization - Hypervisor based virtualization VMs Hypervisor
42 Summary Contd With so much benefit, virtualization is rapidly growing. As any new technology can bring new security concerns, virtualization has certainly some impact on security posture. The single biggest vulnerability of VMs is due to the ease in which users can create many VMs, which become very difficult to secure, monitor, and maintain. The effective change and configuration management processes so vital to physical infrastructure become even more critical with virtual infrastructure, as employees introduce potential risk by creating, using and de-provisioning virtual systems all within a short period of time. While security requirements understanding for virtual environment can not be termed as mature and it is yet to mature. There are certain known risks and issues and we discussed possible mitigations for that. These mitigations are based on few users experiences and the knowledge of current information security management. Over a period of time those mitigations can be time tested and there can sources with ample documentation.
43 Summary Contd Concerns around; Technical: Hypervisor Configurations Data protection in storage and transit Network monitoring Host the single point of failure Memory allocation Process: Asset tracking and management Patch management. State Restore feature Anti Malware Software Management People: Training Segregation of duties
44 Conclusion At its core, security requirements don t change drastically in a virtual environment, but must adapt to work effectively in it though there are concerns, it can be addressed by revisiting those control areas In which it is known to impact.
45 Security conscious No, we are not suffering from any of those conditions. We have done the homework, and took care of the requirements by bringing in necessary changes to the environment. We know we have to be alert to security requirements that may come as virtualization evolves.
46 Resources The recommended resources onwpfoundstonefinal.pdf pdf Information: Borton group evaluation criteria
47 Thank You. Any Questions? You may contact me on:
Virtualization System Security
Virtualization System Security Bryan Williams, IBM X-Force Advanced Research Tom Cross, Manager, IBM X-Force Security Strategy 2009 IBM Corporation Overview Vulnerability disclosure analysis Vulnerability
More informationVirtualization Security and Best Practices. Rob Randell, CISSP Senior Security Specialist SE
Virtualization Security and Best Practices Rob Randell, CISSP Senior Security Specialist SE Agenda General Virtualization Concepts Hardware Virtualization and Application Virtualization Types of Hardware
More informationMaking Data Security The Foundation Of Your Virtualization Infrastructure
Making Data Security The Foundation Of Your Virtualization Infrastructure by Dave Shackleford hytrust.com Cloud Under Control P: P: 650.681.8100 Securing data has never been an easy task. Its challenges
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationNetzwerkvirtualisierung? Aber mit Sicherheit!
Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction
More informationSecure Virtualization in the Federal Government
White Paper Secure Virtualization in the Federal Government Achieve efficiency while managing risk Table of Contents Ready, Fire, Aim? 3 McAfee Solutions for Virtualization 4 Securing virtual servers in
More informationNetwork Access Control in Virtual Environments. Technical Note
Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved
More informationPICO Compliance Audit - A Quick Guide to Virtualization
WHITE PAPER August 2011 Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security HYTRUST AND TREND MICRO DEEP SECURITY TOC Contents Virtualization
More informationSolution Guide Parallels Virtualization for Linux
Solution Guide Parallels Virtualization for Linux Overview Created in 1991, Linux was designed to be UNIX-compatible software that was composed entirely of open source or free software components. Linux
More informationCompany Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.
Company Co. Inc. LLC Multiple Minds, Singular Results LAN Domain Network Security Best Practices An integrated approach to securing Company Co. Inc. LLC s network Written and Approved By: Geoff Lacy, Tim
More informationSecurely Architecting the Internal Cloud. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.
Securely Architecting the Internal Cloud Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc. Securely Building the Internal Cloud Virtualization is the Key How Virtualization Affects
More informationSecuring Your Journey to the Cloud. Thomas J. Miller Executive Vice President
Securing Your Journey to the Cloud Thomas J. Miller Executive Vice President February 23, 2011 Classification 2/24/2011 Copyright 2011 Trend Micro Inc. 1 Have you ever tried to explain Virtualization to
More informationIntro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.
Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security
More informationMitigating Information Security Risks of Virtualization Technologies
Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) 2009 VMware Inc. All rights reserved Agenda Virtualization Overview Key Components of Secure Virtualization
More informationANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details
Sub: Supply, Installation, setup and testing of Tenable Network Security Nessus vulnerability scanner professional version 6 or latest for scanning the LAN, VLAN, VPN and IPs with 3 years License/Subscription
More informationMeeting the Challenges of Virtualization Security
Meeting the Challenges of Virtualization Security Coordinate Security. Server Defense for Virtual Machines A Trend Micro White Paper August 2009 I. INTRODUCTION Virtualization enables your organization
More informationHow To Protect Your Cloud From Attack
A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to
More informationSecuring the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC
Securing the Journey to the Private Cloud Dominique Dessy RSA, the Security Division of EMC June 2010 Securing the Journey to The Private Cloud The Journey IT Production Business Production IT-As-A-Service
More informationSECURITY FOR VIRTUALIZATION: FINDING THE RIGHT BALANCE
SECURITY FOR VIRTUALIZATION: FINDING THE RIGHT BALANCE Combining protection and performance in your virtualized environment kaspersky.com/beready Introduction In the end, they re all servers and someone
More informationSecuring Industrial Control Systems on a Virtual Platform
Securing Industrial Control Systems on a Virtual Platform How to Best Protect the Vital Virtual Business Assets WHITE PAPER Sajid Nazir and Mark Lazarides sajid.nazir@firstco.uk.com 9 Feb, 2016 mark.lazarides@firstco.uk.com
More informationCA Cloud Overview Benefits of the Hyper-V Cloud
Benefits of the Hyper-V Cloud For more information, please contact: Email: sales@canadianwebhosting.com Ph: 888-821-7888 Canadian Web Hosting (www.canadianwebhosting.com) is an independent company, hereinafter
More informationVMware Security Briefing. Rob Randell, CISSP Senior Security Specialist SE
VMware Security Briefing Rob Randell, CISSP Senior Security Specialist SE Agenda Security Advantages of Virtualization Security Concepts in Virtualization Architecture Operational Security Issues with
More informationHost Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1
Host Hardening Presented by Douglas Couch & Nathan Heck Security Analysts for ITaP 1 Background National Institute of Standards and Technology Draft Guide to General Server Security SP800-123 Server A
More informationVirtualization Security Checklist
Virtualization Security Checklist This virtualization security checklist is intended for use with enterprise full virtualization environments (as opposed to paravirtualization, application or operating
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationSecurity Virtual Infrastructure - Cloud
Security Virtual Infrastructure - Cloud Your Name Ramkumar Mohan Head IT & CISO Orbis Financial Corporation Ltd Agenda Cloud Brief Introduction State of Cloud Cloud Challenges Private Cloud Journey to
More informationPatch and Vulnerability Management Program
Patch and Vulnerability Management Program What is it? A security practice designed to proactively prevent the exploitation of IT vulnerabilities within an organization To reduce the time and money spent
More informationCloud and Data Center Security
solution brief Trend Micro Cloud and Data Center Security Secure virtual, cloud, physical, and hybrid environments easily and effectively introduction As you take advantage of the operational and economic
More informationCHAPTER 3 : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC
: INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS 1 FIVE KEY RECOMMENDATIONS During 2014, NTT Group supported response efforts for a variety of incidents. Review of these engagements revealed some observations
More informationHOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments
HOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments OVERVIEW This document explains the functionality of Security for Virtual and Cloud Environments (SVCE) - what
More informationGoodData Corporation Security White Paper
GoodData Corporation Security White Paper May 2016 Executive Overview The GoodData Analytics Distribution Platform is designed to help Enterprises and Independent Software Vendors (ISVs) securely share
More informationDid you know your security solution can help with PCI compliance too?
Did you know your security solution can help with PCI compliance too? High-profile data losses have led to increasingly complex and evolving regulations. Any organization or retailer that accepts payment
More informationHP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU
HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU Data sheet Product overview The HP TippingPoint Virtual Controller + Virtual Firewall (vcontroller+vfw) extends our leading intrusion
More informationHow Does Virtualization Change Your Approach to Enterprise Security and Compliance?
HowDoesVirtualizationChangeYour ApproachtoEnterpriseSecurityand Compliance? SevenStepstoaVirtual awaresecuritystrategy. MichaelBaum Co founder ChiefCorporate&Business DevelopmentOfficer ScottShepard CISSP,CISM
More informationNetwork and Security Controls
Network and Security Controls State Of Arizona Office Of The Auditor General Phil Hanus IT Controls Webinar Series Part I Overview of IT Controls and Best Practices Part II Identifying Users and Limiting
More information5 Best Practices to Protect Your Virtual Environment
CONTENTS OF THIS WHITE PAPER Security Virtualization s Big Hurdle..1 Why Old-STyle Protections Fall short..2 Best Practices...3 Create A VM Service Good List... 3 Monitor and Protect the Hypervisor...
More informationVirtualization with VMware and IBM: Enjoy the Ride, but Don t Forget to Buckle Up!
Virtualization with VMware and IBM: Enjoy the Ride, but Don t Forget to Buckle Up! Ravi Kumar, Group Product Marketing Manager - Security, VMware Bob Kalka, Director, IBM Security Solutions, IBM The Rise
More informationTrend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION
SOLUTION BRIEF Trend Micro CLOUD AND DATA CENTER SECURITY Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION As you take advantage of the operational and economic
More informationTOP TEN CONSIDERATIONS
White Paper TOP TEN CONSIDERATIONS FOR CHOOSING A SERVER VIRTUALIZATION TECHNOLOGY Learn more at www.swsoft.com/virtuozzo Published: July 2006 Revised: July 2006 Table of Contents Introduction... 3 Technology
More informationAdvanced Server Virtualization: Vmware and Microsoft Platforms in the Virtual Data Center
Advanced Server Virtualization: Vmware and Microsoft Platforms in the Virtual Data Center Marshall, David ISBN-13: 9780849339318 Table of Contents BASIC CONCEPTS Introduction to Server Virtualization Overview
More informationVirtualization & Cloud Computing Risks NASSCOM-DSCI Information Security Summit 2009 November 24, 2009
Virtualization & Cloud Computing Risks NASSCOM-DSCI Information Security Summit 2009 November 24, 2009 Felix Mohan CISO, Bharti Airtel Ltd Virtualization & Cloud Computing Strategic Technologies with Significant
More informationPreparing an RFI for. This RFI has been updated to reflect the new requirements in Version 3.0 of the PCI DSS, which took effect January 2015.
Preparing an RFI for Protecting cardholder data is a critical and mandatory requirement for all organizations that process, store or transmit information on credit or debit cards. Requirements and guidelines
More informationVirtualization and Cloud Computing
Virtualization and Cloud Computing Security is a Process, not a Product Guillermo Macias CIP Security Auditor, Sr. Virtualization Purpose of Presentation: To inform entities about the importance of assessing
More informationProtecting the Irreplacable. November 2013 Athens Ian Whiteside, F-Secure Ian.Whiteside@f-secure.com
Protecting the Irreplacable November Athens Ian Whiteside, F-Secure Ian.Whiteside@f-secure.com PC Sales continue to fall. Lack of innovation and no excitement Windows 8 doesn t seem to have excited the
More informationSecure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services
Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Udo Schneider Trend Micro Udo_Schneider@trendmicro.de 26.03.2013
More informationPCI DSS 3.0 Compliance
A Trend Micro White Paper April 2014 PCI DSS 3.0 Compliance How Trend Micro Cloud and Data Center Security Solutions Can Help INTRODUCTION Merchants and service providers that process credit card payments
More informationSecuring Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption
THE DATA PROTECTIO TIO N COMPANY Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption whitepaper Executive Summary Long an important security measure, encryption has
More informationVirtualization Impact on Compliance and Audit
2009 Reflex Systems, LLC Virtualization Impact on Compliance and Audit Michael Wronski, CISSP VP Product Management Reflex Systems Agenda Introduction Virtualization? Cloud? Risks and Challenges? Compliance
More informationCompTIA Cloud+ 9318; 5 Days, Instructor-led
CompTIA Cloud+ 9318; 5 Days, Instructor-led Course Description The CompTIA Cloud+ certification validates the knowledge and best practices required of IT practitioners working in cloud computing environments,
More informationAssuria can help protectively monitor firewalls for PCI compliance. Assuria can also check the configurations of personal firewalls on host devices
The Payment Card Industry (PCI) Data Security Standard (DSS) provides an actionable framework for developing a robust payment card data security process. The Payment Application Data Security Standard
More informationCloud Computing Governance & Security. Security Risks in the Cloud
Cloud Computing Governance & Security The top ten questions you have to ask Mike Small CEng, FBCS, CITP Fellow Analyst, KuppingerCole This Webinar is supported by Agenda What is the Problem? Ten Cloud
More informationState of Oregon. State of Oregon 1
State of Oregon State of Oregon 1 Table of Contents 1. Introduction...1 2. Information Asset Management...2 3. Communication Operations...7 3.3 Workstation Management... 7 3.9 Log management... 11 4. Information
More informationAgentless Security for VMware Virtual Data Centers and Cloud
Agentless Security for VMware Virtual Data Centers and Cloud Trend Micro Deep Security VMware Global Technology Alliance Partner Trend Micro, Incorporated» This white paper reviews the challenges of applying
More informationCompTIA Cloud+ Course Content. Length: 5 Days. Who Should Attend:
CompTIA Cloud+ Length: 5 Days Who Should Attend: Project manager, cloud computing services Cloud engineer Manager, data center SAN Business analyst, cloud computing Summary: The CompTIA Cloud+ certification
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More informationProduct Description. Product Overview
DATASHEET vgw Gateway Product Overview The vgw Gateway provides a best-in-class virtual firewall to meet the unique security challenges of virtual data centers and clouds. IT teams can now secure their
More informationAuditing Virtualized Environments
Auditing Virtualized Environments 11 CHAPTER Innovations in operating system virtualization and server hardware permanently changed the footprint, architecture, and operations of data centers. This chapter
More informationEffective End-to-End Cloud Security
Effective End-to-End Cloud Security Securing Your Journey to the Cloud Trend Micro SecureCloud A Trend Micro & VMware White Paper August 2011 I. EXECUTIVE SUMMARY This is the first paper of a series of
More informationCitrix XenServer 7 Feature Matrix
Citrix XenServer 7 Matrix Citrix XenServer 7 Matrix A list of Citrix XenServer 7 features by product edition, including entitlements XenApp and XenDesktop license holders. The most comprehensive application
More informationJOB ORIENTED VMWARE TRAINING INSTITUTE IN CHENNAI
JOB ORIENTED VMWARE TRAINING INSTITUTE IN CHENNAI Job oriented VMWARE training is offered by Peridot Systems in Chennai. Training in our institute gives you strong foundation on cloud computing by incrementing
More informationFISMA / NIST 800-53 REVISION 3 COMPLIANCE
Mandated by the Federal Information Security Management Act (FISMA) of 2002, the National Institute of Standards and Technology (NIST) created special publication 800-53 to provide guidelines on security
More informationVulnerability Management
Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other
More informationTECHNOLOGYBRIEF. The Impact of Virtualization on Network Security. Discover. Determine. Defend.
The Impact of Virtualization on Network Security Discover. Determine. Defend. EXECUTIVE SUMMARY Virtualization is a concept that has become highly visible in the last few years because of its perceived
More informationADC9521: Surviving Regulatory Compliance in the Virtual Infrastructure
ADC9521: Surviving Regulatory Compliance in the Virtual Infrastructure Patrick Daigle, VCP, VMware Operations Team Lead, CGI/ITM John Y. Arrasjid, VCP, Sr. Consulting Architect, VMware Agenda Compliance
More informationHow To Achieve Pca Compliance With Redhat Enterprise Linux
Achieving PCI Compliance with Red Hat Enterprise Linux June 2009 CONTENTS EXECUTIVE SUMMARY...2 OVERVIEW OF PCI...3 1.1. What is PCI DSS?... 3 1.2. Who is impacted by PCI?... 3 1.3. Requirements for achieving
More informationIOS110. Virtualization 5/27/2014 1
IOS110 Virtualization 5/27/2014 1 Agenda What is Virtualization? Types of Virtualization. Advantages and Disadvantages. Virtualization software Hyper V What is Virtualization? Virtualization Refers to
More informationBuilding A Secure Microsoft Exchange Continuity Appliance
Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building
More informationWindows Server 2003 End of Support. What does it mean? What are my options?
Windows Server 2003 End of Support What does it mean? What are my options? Windows Server 2003 End of Life- Why Care? The next big vulnerability (Heartbleed/Shellshock) is looming No more patches from
More informationArchitecting Security for the Private Cloud. Todd Thiemann
Architecting Security for the Private Cloud Todd Thiemann Classification 4/9/2010 Copyright 2009 Trend Micro Inc. 1 The Evolving Datacenter Lowering Costs, Increasing Flexibility Public Cloud Private Cloud
More informationCA ARCserve Replication and High Availability Deployment Options for Hyper-V
Solution Brief: CA ARCserve R16.5 Complexity ate my budget CA ARCserve Replication and High Availability Deployment Options for Hyper-V Adding value to your Hyper-V environment Overview Server virtualization
More informationSecuring Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits
A Clear View of Challenges, Solutions and Business Benefits Introduction Cloud environments are widely adopted because of the powerful, flexible infrastructure and efficient use of resources they provide
More informationDavid.Balka@chi.frb.org 2009 STREAM FRBC
Virtualization ti Dave Balka David.Balka@chi.frb.org Examination Elements Architecture Management Processes Integrity Availability Security 2 Datacenter Consolidation 3 What is Virtualization A framework
More informationvsphere Private Cloud RAZR s Edge Virtualization and Private Cloud Administration
Course Details Level: 1 Course: V6PCRE Duration: 5 Days Language: English Delivery Methods Instructor Led Training Instructor Led Online Training Participants: Virtualization and Cloud Administrators,
More informationOvercoming Security Challenges to Virtualize Internet-facing Applications
Intel IT IT Best Practices Cloud Security and Secure ization November 2011 Overcoming Security Challenges to ize Internet-facing Applications Executive Overview To enable virtualization of Internet-facing
More informationVirtualisation. A newsletter for IT Professionals. Issue 2. I. Background of Virtualisation. Hardware
Virtualisation A newsletter for IT Professionals Issue 2 UEducation Sector Updates I. Background of Virtualisation Virtualisation is the separation of resource or request for a service from the underlying
More informationLogicalis Enterprise Cloud Frequently Asked Questions
Logicalis Enterprise Cloud Frequently Asked Questions Getting Started What is the Logicalis Enterprise Cloud and why is it a great solution? The Logicalis Enterprise Cloud (LEC) is a shared computing environment
More informationDMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch
DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch What You Will Learn A demilitarized zone (DMZ) is a separate network located in the neutral zone between a private (inside)
More informationPCI DSS Virtualization Guidelines. Information Supplement: PCI Data Security Standard (PCI DSS) Version: 2.0 Date: June 2011
Standard: Version: 2.0 Date: June 2011 Author: PCI Data Security Standard (PCI DSS) Virtualization Special Interest Group PCI Security Standards Council Information Supplement: PCI DSS Virtualization Guidelines
More informationLogRhythm and PCI Compliance
LogRhythm and PCI Compliance The Payment Card Industry (PCI) Data Security Standard (DSS) was developed to encourage and enhance cardholder data security and facilitate the broad adoption of consistent
More informationVmware VSphere 6.0 Private Cloud Administration
To register or for more information call our office (208) 898-9036 or email register@leapfoxlearning.com Vmware VSphere 6.0 Private Cloud Administration Class Duration 5 Days Introduction This fast paced,
More informationSecure Cloud-Ready Data Centers Juniper Networks
Secure Cloud-Ready Data Centers Juniper Networks JUNIPER SECURITY LEADERSHIP A $1B BUSINESS Market Leadership Data Center with High- End Firewall #1 at 42% Secure Mobility with SSL VPN #1 at 25% Security
More informationVirtualized Domain Name System and IP Addressing Environments. White Paper September 2010
Virtualized Domain Name System and IP Addressing Environments White Paper September 2010 Virtualized DNS and IP Addressing Environments As organizations initiate virtualization projects in their operating
More informationRemote PC Guide Series - Volume 1
Introduction and Planning for Remote PC Implementation with NETLAB+ Document Version: 2016-02-01 What is a remote PC and how does it work with NETLAB+? This educational guide will introduce the concepts
More informationTop virtualization security risks and how to prevent them
E-Guide Top virtualization security risks and how to prevent them There are multiple attack avenues in virtual environments, but this tip highlights the most common threats that are likely to be experienced
More informationSecurity. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««;
Security N Environments '' J J H -. i ^ s j}! Dave Shackleford '**»* t i j i««; l:i in: John Wiley &. Sons, Inc. Contents Introduction.. : xix Chapter l Fundamentals of Virtualization Security Virtualization
More informationParallels Virtuozzo Containers
Parallels Virtuozzo Containers White Paper Top Ten Considerations For Choosing A Server Virtualization Technology www.parallels.com Version 1.0 Table of Contents Introduction... 3 Technology Overview...
More informationCloud IaaS: Security Considerations
G00210095 Cloud IaaS: Security Considerations Published: 7 March 2011 Analyst(s): Lydia Leong, Neil MacDonald Ensuring adherence to your organization's security and compliance requirements is one of the
More informationHow To Protect A Network From Attack From A Hacker (Hbss)
Leveraging Network Vulnerability Assessment with Incident Response Processes and Procedures DAVID COLE, DIRECTOR IS AUDITS, U.S. HOUSE OF REPRESENTATIVES Assessment Planning Assessment Execution Assessment
More informationHow To Protect A Virtual Desktop From Attack
Endpoint Security: Become Aware of Virtual Desktop Infrastructures! An Ogren Group Special Report May 2011 Executive Summary Virtual desktops infrastructures, VDI, present IT with the unique opportunity
More informationTotal Cloud Protection
Total Cloud Protection Data Center and Cloud Security Security for Your Unique Cloud Infrastructure A Trend Micro White Paper August 2011 I. INTRODUCTION Many businesses are looking to the cloud for increased
More information10 BenefIts. that only an Integrated platform security solution can BrIng
If It s not KaspersKy endpoint security for BusIness, It s not an endpoint protection platform 10 BenefIts that only an Integrated platform security solution can BrIng Kaspersky Lab s Global IT Security
More informationThe Payment Card Industry (PCI) Data Security Standards (DSS) v1.2 Requirements:
Compliance Brief The Payment Card Industry (PCI) Data Security Standards (DSS) v1.2 Requirements: Using Server Isolation and Encryption as a Regulatory Compliance Solution and IT Best Practice Introduction
More informationLarry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control
More informationSecuring your Virtual Datacenter. Part 1: Preventing, Mitigating Privilege Escalation
Securing your Virtual Datacenter Part 1: Preventing, Mitigating Privilege Escalation Before We Start... Today's discussion is by no means an exhaustive discussion of the security implications of virtualization
More informationSQL Server Virtualization 101. David Klee, Group Principal and Practice Lead. SQL PASS Virtualization VC, 2014.01.08
SQL Server Virtualization 101 David Klee, Group Principal and Practice Lead SQL PASS Virtualization VC, 2014.01.08 www.linchpinpeople.com 1 David Klee Group Principal and Practice Lead @kleegeek davidklee.net
More informationStaying Secure After Microsoft Windows Server 2003 Reaches End of Life. Trevor Richmond, Sales Engineer Trend Micro
Staying Secure After Microsoft Windows Server 2003 Reaches End of Life Trevor Richmond, Sales Engineer Trend Micro Windows Server 2003 End of Life- Why Care? The next big vulnerability (Heartbleed/Shellshock)
More informationAutomating Cloud Security Control and Compliance Enforcement for PCI DSS 3.0
WHITE PAPER Automating Cloud Security Control and Compliance Enforcement for 3.0 How Enables Security and Compliance with the PCI Data Security Standard in a Private Cloud EXECUTIVE SUMMARY All merchants,
More informationLAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES
LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable
More informationGE Measurement & Control. Cyber Security for NEI 08-09
GE Measurement & Control Cyber Security for NEI 08-09 Contents Cyber Security for NEI 08-09...3 Cyber Security Solution Support for NEI 08-09...3 1.0 Access Contols...4 2.0 Audit And Accountability...4
More informationBEST PRACTICES. Systems Management. www.kaspersky.com
BEST PRACTICES www.kaspersky.com 2 YOUR GUIDE TO SYSTEMS MANAGEMENT BEST PRACTICES. Enhance security and manage complexity using centralized IT management tools. Unpatched vulnerabilities in popular applications
More information