How Does Virtualization Change Your Approach to Enterprise Security and Compliance?

Size: px
Start display at page:

Download "How Does Virtualization Change Your Approach to Enterprise Security and Compliance?"

Transcription

1 HowDoesVirtualizationChangeYour ApproachtoEnterpriseSecurityand Compliance? SevenStepstoaVirtual awaresecuritystrategy. MichaelBaum Co founder ChiefCorporate&Business DevelopmentOfficer ScottShepard CISSP,CISM PrincipalConsultant Splunk Inc. 250 Brannan Street San Francisco, CA GlassHouse Technologies, Inc. 200 Crossing Boulevard Framingham, MA Copyright 2009 Splunk Inc. and GlassHouse Technologies, Inc.. All rights reserved.

2 SevenStepstoaVirtual awaresecuritystrategy Virtualization is a disruptive new technology that can greatly improve IT operational effectiveness while reducing overall costs, making it a critical initiative for IT Directors charged to do more with less. VirtualizationhasthepotentialtotransformeverylayeroftheenterpriseITstack,bringingconsolidationand increasedutilizationofphysicalassets,versioncontrolofentireoperatingsystemsandapplications,and instant virtualization as one of the fastest growingemerging technologies. Estimatesare thatthe server virtualizationsoftwaremarketwillgrowatacompoundannualrateof28%from2008through2013(from $1.8billionto$6.2billion). However,asvirtualizationadoptioncontinuestoincrease,ithasopenedaheateddebateinthemarketover the security and compliance of virtual environments. On one side, many virtualization product vendors arguethatimplementingvirtualizationincreasessecuritybyisolatingfunctionsintotheirownenvironments. However,manysecurityproductvendorscounterthatvirtualizationintroducesnewrisksincludingnovel pointsofattack,theabilityforvirtualresourcestoeasilyevadepolicyandthevolatilityofcriticalsecurityand compliancedata.whoisright?therearecoretruthsinbotharguments.aswithanynewtechnology,in ordertoachieveasecureimplementation,itisnecessarytoaugmentexistingpolicesandpracticeswithan understandingofhowvirtualizationworks. Ratherthandwellonthedebate,thefocusshouldbeonenablinga virtual aware securityandcompliance strategy adaptingbestpracticestotheuniquecharacteristicsofavirtualenvironment.enablingavirtualaware security and compliance strategy requires accounting for not only the technology aspects of the implementation,butalsothepeople,processandpolicycomponents.thiswhitepaperoutlinessevensteps toestablishingavirtual awaresecurityandcompliancestrategy.althoughvmwareiscitedforillustrating and explaining concepts within this document, the recommendations are applicable to any virtual environmentregardlessofthevendororproductsused. 1.AlignYourSecurityStrategywithYourBusinessRiskTolerance Astheuseofvirtualizationhasgrown,therehasbeenawaveofproductsandsolutions,includingvendors, Altor, Catbird, and Reflex, introduced in the market to address different aspects of security in virtual environments.but,indiscriminatelyimplementingsecuritytechnologiescanleavegapsinprotectionand impacttheperformanceofyourvirtualizedenvironments.inordertomakebusinessappropriatedecisions onsecuritymeasuresandsolutionstoimplement,youmuststartbyidentifyingyourbusinessrisktolerance. Thisisdefinedasthebalancebetweenthesecuritymeasuresimplementedandtheamountofriskyouare willing to take in conducting business. Security measures should always be implemented within the frameworkofadefinedsecuritystrategyandthatstrategymustalignwithkeybusinessdriversandthe businessriskappetite. Thefirststepinidentifyingrisktoleranceandbuildingyoursecuritystrategyistounderstandandidentify your business drivers for a specific virtualization environment and the organization as a whole. When consideringvirtualization,businessdriversmayincludereducingitinfrastructurecosts,improvingservice failovercapabilitiesoragreaterreturnon,andutilizationof,theinvestmentyouhavealreadymadeinit assets.thisshouldbefollowedwithasecurityriskassessmentinordertogainanunderstandingofyour current or baseline risk profile. This will provide the inputs for defining an initial security policy that is designedtoprotectcriticalassetswhileachievingtheidentifiedbusinessdrivers.keepinmindthatthe policymustmeetapplicablelawsandcompliancemandatesrelevanttoyourindustryandorganizationas HowDoesVirtualizationChangeYourApproachtoEnterpriseSecurityandCompliance? Copyright2009SplunkInc.andGlassHouseTechnologies,Inc.AllRightsReserved. Page2

3 wellasremediatethecriticalvulnerabilitiesidentifiedduringtheriskassessmentprocess.understandingthe business drivers and risk tolerance for specific virtualization initiatives will help you balance the security measuresrequiredtomeetbothyourbusinessandsecurityobjectives.considerthecasewhereyourmedia studioisusingvirtualizationinacloudserviceproviderenvironmenttoapplyextracomputeresourcesand speedupprojects.inthisexample,yourrisktolerancemaybefairlyhighandthesecuritymeasuresyou applyataminimum.contrastthiswithyourcrmsystemthatmanagescriticalsales,marketing,support andcustomeraccountinformation.yourrisktoleranceforthisapplicationislikelyverylowandthesecurity measuresappliedwillbesignificant. Figure1:VirtualEnvironmentRiskTolerance The next step is to identify the control points and technologies that can be applied to address the appropriate security measures. Control points identify where to place security monitoring and control technologiestoimplementthegivensecuritymeasuresandpolicies.controlpointsaretypicallyplacedon the user, network, system, application, or the data. Some control points, for example, network control points, may change drastically when moving from a physical to virtual environment. In a physical environment monitoring messages, logs, configurations and packets can be accomplished in a fairly straightforwardmannerusinganynumberoftools.inavirtualenvironment,virtualmachines(vms)have theabilitytoabstractthenetworkthroughvirtualswitchesandsomeofthetraditionalnetworkcontrol points may have moved inside the hypervisor itself. For example, since inter VM communication stays withinthehypervisor,theinformationmaynotbeabletobeeasilycollectedandmonitoredwithtraditional physicalnetworksecuritycontrolpointslikefirewalls,logmanagersorintrusiondetectionsystems(ids). Yourvirtualsecurityandcompliancestrategywillneedtoaccountforanychangesincontrolpointsand ensurethatyoursecuritysolutionisappropriateandeffectivewithinavirtualizedenvironment.traditional security products don t typically provide the same level of security when virtualized as they did in the physical environment due to physical limitations. For example, physical IDS and firewalls are not always capableofhandlingthejumboframes(largerpacketsizes)thatareusedtotransferdatawithinavirtual switch and physical monitoring and log management solutions may not be capable of collecting the necessaryinformationfromthehypervisoritself,forexample. HowDoesVirtualizationChangeYourApproachtoEnterpriseSecurityandCompliance? Copyright2009SplunkInc.andGlassHouseTechnologies,Inc.AllRightsReserved. Page3

4 Figure2:ChangingControlPoints Finally,afterthesecuritymeasuresandassociatedcontrolpointsintheformofprocessesandtechnologies havebeenimplemented,thelaststepistoperformariskandvulnerabilityassessmentinordertoverifythat thesecuritypolicyandbusinessobjectiveshavebeenmet.inordertoremaineffective,thesecuritystrategy needs regular validation by conducting periodicsecurity assessments against the implemented security measures,thecurrentsecuritypolicyandthebusinessdrivers.expectthesecuritystrategytochangeover time.theoutputoftheriskassessmentisusedtotuneandadjustthesecuritymeasuresasnecessary.the endresultwillbeasecurevirtualenvironmentandstrategythatisinlinewiththebusinessrisktolerancefor eachenvironmentandtheorganizationasawhole. 2.SecureVirtualMachinesLikePhysicalMachines ThereisacommonmisconceptionthatVMsdonotrequirethesameprotectivemeasuresasphysicalones. ThemisconceptionstemsfromtheabstractionandhidingoftheVMonavirtualnetworkbehindorinside physicalhardwarethoughnetworkaddresstranslation(nat).thismaygivetheimpressionthatsincethe VMisnotaphysicalentity,itcannotbeseenbytheoutsideworld.However,theVMhasitsownIPaddress andmustprovideaserviceporttoacceptcommunicationfromtheoutsideworldleavingitopentothe same vulnerabilities and threats as a separate physical machine. There is no additional security that is inheritedjustbydeployingvirtualization.therefore,vmsneedtheallofthesamecontrolsandprotective measures, including but not limited to: software patches, antivirus, change management, and intrusion prevention. AnadditionalmisconceptionisthattheVMsaresomehowhiddenbehindthehostoperatingsystemor hypervisor.mostvmswillneedtobeexposedinordertoprovideclientswithaccesstotheapplicationsand services on the VM. Even if the VMs are hidden behind Network Address Translation(NAT), and not directlyreachable,theyarealmostcertainlyofferingaservice,suchas ,web,oradatabase,thatis forwarded to them through that protective layer. Those services can still be attacked through the hypervisor.applicationattacks,particularlytowebapplications,areanincreasinglycommonattackvector. Simplyput,theVMsmustcomplywithandmaintainthesamelevelofsecurityasthephysicalsystemonthe networkandavirtualizedapplicationisasvulnerabletoexploitasanon virtualone. HowDoesVirtualizationChangeYourApproachtoEnterpriseSecurityandCompliance? Copyright2009SplunkInc.andGlassHouseTechnologies,Inc.AllRightsReserved. Page4

5 Figure3:VirtualResourcesBehaveLikePhysicalResourcesontheNetwork NotonlydoestheVMneedtobesecured,butalsosodoesthehostoperatingsystemorvirtualizationlayer (inmanycasesthehypervisorreplacesthehostoperatingsystemwithabaremetalvirtualizationos).itis best to use a hardened, thin host operating system or hypervisor, similar to VMware ESXi. These thin operatingsystemsalreadyhavemostoftheirunnecessaryservicesandapplicationsdisabledandremoved to reduce the chance of a vulnerability exposure. When implementing a thin host operating system considerwhatservicescouldbere enabledthroughunsupportedfeatures.forexample,anadministrator with console access to an ESXi server can enable remote SSH connections, or other services, simply by accessingarootlevelcommandpromptandthenenablingthefeaturesinthenetworkconfigurationfile. Makesuretoperformasecurityassessmentofthehostoperatingsystem,usingappropriatetoolsthatare designedforvirtualenvironments,toensurethattheenabledsystemservicesmeetthesecuritypolicy. Figure4:SecuringHostOS/VirtualizationOS HowDoesVirtualizationChangeYourApproachtoEnterpriseSecurityandCompliance? Copyright2009SplunkInc.andGlassHouseTechnologies,Inc.AllRightsReserved. Page5

6 3.VirtualMachineIsolation Whendiscussingvirtualization,mostsecurityprofessionalsfirstidentifysecurityconcernsoverhowtheVMs areisolatedfromeachotherandfromthehostoperatingsystem.initialvendorsecuritystrategiesfocused onwaystoisolatethevirtualizedoperatingsystemssothatacompromisedvmcouldnotgainaccesstothe other guest systems in the virtual environment. Additionally, VMware and other vendors go into great detaildiscussinghowtoisolatethemanagementinterfaces. However, in February of 2008, VMware introduced VMsafe, which allows access to the same internal applications VMware uses to manage the virtual infrastructure. With this capability, a special VM with promiscuous modeforwardingenabledcanmonitorthetrafficofallvmsonthevirtualswitch.besides network,thespecialvmcanbeconfiguredtomonitorothervirtualizedcomponents(i.e.process,memory, ordisk).vmsafewasintroducedtoimproveperformanceofsimilaractivitiesinallvms.forexample,why run anti virus in each VM, when a single VM can run anti virus and perform file scanning for all VMs? However,thiscapabilityviolatesthefundamentalphilosophyofvirtualmachineisolation. Figure5:ViolatingVMIsolation Atthispoint,moveforwardcautiouslywithVMsafeorsimilarsolutionsuntilthistechnologymatures.VM isolationshouldberetainedandeachvmshouldmaintainsecuritywithinthevirtualenvironmentandnot relyonvmsafe.virtualsecuritypolicyshouldrequirethatallvmtrafficcrossinganetworkboundaryroute outside of the virtual environment pass through physical networking security measures in the form of firewalls,intrusiondetectionsensors,datalossprevention,andothernetworkprotectiveandmonitoring technologies. Once the technology matures, VMsafe will likely prove quite beneficial in improving the securityofallvmsintheenvironment. 4.LimitandMonitorAdministrativeAccess Theintroductionofthehypervisorrequiresadditionalmanagementsoftware.Thisraisessecurityconcerns becausethemanagementsoftwaregrantsadministrativeaccesstomultiplevms.toaddressthisissue, establishrole basedaccesscontrolsfortheindividualvmsthroughthevcentertomirrorthephysicalaccess controls that had been established before virtualization. Additionally, establish network based firewall controlstolimitnetworkaccesstoadministrativeinterfaces.severelyrestrictthenumberofadministrators thathaveconsole/rootlevelaccesstothehostoperatingsystem.thisaccess,aswellasalladministrative HowDoesVirtualizationChangeYourApproachtoEnterpriseSecurityandCompliance? Copyright2009SplunkInc.andGlassHouseTechnologies,Inc.AllRightsReserved. Page6

7 activities,mustbeloggedtoacentralizedlogmanagementserver(seesectiononsecuritymonitoring).in additiontoaccesscontrols,utilizeencryptionandmonitoringsoftware(sshandsudo,respectively)toavoid thesniffingofadministratorcredentialsandtomonitorforabuseofadministratorprivileges. Figure6:LimitingAdministrativeAccess Inadditiontoprotectionofthemanagementsoftware,protectingthevirtualfilesthatmakeuptheVMis critical.utilizebestpracticestoencryptthemwhennotinuse,andlimitadministrativeaccesstothesefiles. WhenVMotionorsimilartechnologyisusedtotransferthesefilesbetweenvirtualenvironments,employ encryptedchannelsoroutofbandadministrativechannels. 5.ProtectVirtualMachineResources Virtualization offers the flexibility to leverage under utilized computing power within the virtual environment.whathappenswhenmultiplevmsinthevirtualizedenvironmentcomeunderadenial ofserviceattack?inatraditional,physicallyseparatedenvironment,thesystems,whicharenotunderattack, arenotaffected.however,inavirtualenvironmenttheunderlyingphysicalinfrastructureandallvmsmay beaffected.forexample,ina4ghzphysicalinfrastructure,iffourvmswereeachallocated2ghzofvirtual processingpower,adenialofserviceattackontwovmswouldadverselyimpacttheperformanceofthe remainingtwovmseventhoughtheyarenotunderadenialofserviceattack. Expandingthisexample,assumetherearefourVMsspreadacrossmultiplenetworkboundariesinaDMZ ( demilitarizedzone thebufferzonethatseparatestheinternetandyourprivatelan).twoofthevms makeupawebclusterthatisaccessiblefromtheinternet.theothertwovmsareontheinternalnetwork andarenotdirectlyaccessiblefromtheinternet.usingtheexampleconfiguration,whereeachofthefour VMsareallocated2GHz,adenialofserviceattackontheWebclusterwillhaveaperformanceimpactonthe twointernalnetworkvms.theendresultisthattheserviceavailabilityofallfourvmswouldbedegraded. HowDoesVirtualizationChangeYourApproachtoEnterpriseSecurityandCompliance? Copyright2009SplunkInc.andGlassHouseTechnologies,Inc.AllRightsReserved. Page7

8 Figure7:PhysicalHostPartitioning Figure8:ResourceLoadBalancing To maintain the desired level of service availability across all VMs, resource (processor and memory) allocation should be managed based on the desired service levels for the VMs, and not solely on the business driver in reduction of physical servers. Establishing reservations, shares, and limits, will ensure stabilityandavailabilityofcriticalvmsifmultiplevmscomeunderdenialofserviceattack.additionally, thesesettingsshouldbemonitoredandadjustedovertimeasthevirtualenvironmentevolves.thiscanbe donemanuallyorthroughvmwaredrs(distributedresourcescheduler),whichallocatesandbalances computingcapacityforvirtualenvironmentsonmultipleesxhosts. 6.EnforceVirtualMachineConfigurationandPatchManagementPolicies Inaphysicalenvironment,configurationandpatchmanagementaremandatoryformaintainingasecure environment.thissameprincipleappliesequallytothevirtualenvironment.allvirtualsystemsshouldfall underthesameconfigurationandpatchmanagementprocess.withvirtualization,however,thereisone notabledifference.howdoyouaddressconfigurationandpatchmanagementforoff linevms?utilizing serverendpointprotectiontoensureanyoff linevmsarebroughtintosecuritycompliancebeforetheygo online can solve this. Additionally, all VMs used for disaster recoveryplanning must be brought online periodicallytoensurethattheyarecompliantwithcurrentsecuritypolicy,andensureimmediateactivation duringanemergency. HowDoesVirtualizationChangeYourApproachtoEnterpriseSecurityandCompliance? Copyright2009SplunkInc.andGlassHouseTechnologies,Inc.AllRightsReserved. Page8

9 Figure9:EnforcingConfigurationPolicies Withavirtualenvironment,configurationandpatchmanagementofthehostoperatingsystemisamust. Vulnerabilitiesandpoorconfigurations,ifexploited,canimpacttheentirevirtualizedinfrastructure.Insome cases additional processes need to be created to handle bare metal host operating systems that are hardenedandstripped down.sincethesearereducedoperatingsystems,patchingandconfigurationtools may not be capable of applying the same patches to the host operating system. A customized patch management and configuration process must be established for patching the host OS. Ideally, the customizedprocessshouldleveragevirtualization shighavailabilitycapabilitiesthatmovecriticalvmsfrom onevirtualenvironmenttoanotherwhiletheunderlyinghostoperatingsystemispatched.lesscriticalvms cangoofflinewhilethehostosisbeingpatched.inbothcases,ensurethecustomizedprocessincludes notificationstoallusers,administrators,andownersofthesevms. 7.SecurityMonitoring Today sitcomputingenvironmentiscomplex,withbusinessrequirementsdrivinganinfrastructurethatis madeupofawidevarietyofapplications,systems,devicesandtechnologies.thethreatsandvulnerabilities inherentwithintoday senvironmentsmakemaintenanceandsecurityaconstantconcern.asimplechange to a single component can have a rippling effect on many other applications and systems across the enterprise. Industry best practices dictate the need for monitoring and reporting on the securityand compliancestateofyourenvironment. Addinganewtechnology,suchasvirtualization,toanalreadycomplexenvironmentmagnifiesthesecurity issues.deployingvirtualizationrequiresadditionalsecuritymonitoringoftheadministrationactivities,the virtualizationmanagementinterface,andaccesstothevirtualmachinelogs,messagesandevents.muchof this data will also need to be retained for security investigations and compliance reporting. Effective monitoringandreportingacrossavirtualenvironmentcanbetrickyasvirtualresourcesandtheirassociated securityandcompliancedatamigratebetweenphysicalsystemsandpotentiallydisappearalltogether. HowDoesVirtualizationChangeYourApproachtoEnterpriseSecurityandCompliance? Copyright2009SplunkInc.andGlassHouseTechnologies,Inc.AllRightsReserved. Page9

10 Figure10:VirtualizationSecurityMonitoringandReporting Security monitoring and reporting can be achieved by first performing an inventory of the security and compliancedatayourphysicalandvirtualresourcesgenerateincludingthelocation(memory,filesystem, network port) and the best way to access the data. Often accessing the logs and messages from a virtualizedenvironmentcanbetricky,asmanyvirtualizationvendorshaven tdesignedveryrobust,scalable APIsordataforwardingmechanisms.Capturingdatainnearrealtimeisimportantgiventhemigrationand volatilityofvirtualresourcesanddata.onceidentifiedthedatasourcesandcollectionmechanism,you ll needtodeployasecurityeventmanagementandreportingsolutiontocorrelateallthedifferenttypesof events and technologies in your virtual stack (applications, operating system, network, storage, access control). Best practice is not to deploy security monitoring and reporting solutions as part of the virtualized environment,asadministratorshavetheabilitytoremovetracesoftheirownactivity.onceyourdatais consolidated, the logs, events and message can be correlated to provide actionable alerts, enable comprehensivesecurityinvestigations,speedtroubleshootingofcomplexproblemsandarchivedtomeet complianceretentionandreportingrequirements. GettingAheadoftheGame Takingadvantageofnewtechnologiesneednotbeariskyproposition.Bycombiningsecuritybestpractices andanunderstandingofhowthetechnologyworks,companiescanefficientlyandsecurelyimplementthe promisedbenefits.byutilizingtherecommendationsoutlinedinthispaperyoucandefinetheappropriate risk basedsecuritypoliciesandimplementnecessarycontrolstoachieveasecurevirtualenvironment. Developawellthoughtout virtual aware securitystrategy. Assessandunderstandyourvulnerabilities Enhanceexistingsecuritymeasures,controlpointsandmonitoringtoaddressvirtualizationgaps. Balanceacceptableriskwithbusinessdrivestoachievethebenefitsofvirtualization. HowDoesVirtualizationChangeYourApproachtoEnterpriseSecurityandCompliance? Copyright2009SplunkInc.andGlassHouseTechnologies,Inc.AllRightsReserved. Page10

11 References SecurityDesignoftheVMwareInfrastructure3Architecture bycharuchaubal,vmware SecurityConsiderationsandBestPracticesforSecuringVirtualMachines byneilmacdonald,gartner, 6March2007 ESX SERVER SECURITY TECHNICAL IMPLEMENTATION GUIDE Version 1, Release 1 Developed by DefenseInformationSystemsAgencyfortheDepartmentofDefense,28April2008 Dataquest Insight: Virtualization Market Size Driven by Cost Reduction, Resource Utilization and ManagementAdvantages bygartner,5january2009 TheGuidetoITSearch bysplunk,january2008 TheBusinessModelOntologyaPropositioninaDesignScienceApproach byalexanderosterwalder, UNIVERSITEDELAUSANNE,2004 AbouttheAuthors MichaelBaumco foundedsplunkwithtwofriendsandanambitiontoassisthumansinthebattleagainst increasingitcomplexityandtheonslaughtofmachinegenerateddata.asfoundingceo,michaelledthe teamthatquicklyscaledsplunkfromageekyideatooneofthefastestgrowingprivatesoftwarecompanies in Silicon Valley. The company has transformed how more than 1,100 enterprises, service providers and governmentorganizationsandmorethan350,000usersworldwideunderstandandmanagecomplexit environments.splunkwasthewinnerofdeloitte's2008fastestgrowingrisingstarsinsiliconvalleyand recognizedasoneofthetopplacestoworkinthebayareabythesanfranciscotimes.nowmichaelis leadingtheteambuildingsplunk'sglobalecosystemofconsultants,solutiondevelopers,resellers,managed serviceprovidersandtechnologypartners. ScottShepard,CISSP,CISM,isaPrincipalConsultantforGlassHouseTechnologies,Inc.Heisaninformation securityexpertwhohasledthedevelopmentofabroadportfolioofmarket leading,differentiatedsecurity servicesolutionsandarchitectures.inhispriorpositionasthedirectoryofsecurityarchitectureatmotorola, heledthedevelopmentandtechnicalbuild outofthe E zones architectureinsupportmotorola sseamless Mobility business vision. Scott received recognition for this unique security implementation with multiple industryawards. Allthetrademarksorbrandsinthisdocumentareregisteredbytheirrespectiveowner(s).VMware,theVMwarelogo, VMotionaretrademarksorregisteredtrademarksofVMware,Inc..Allothermarksandnamesmentionedhereinmaybe trademarksoftherespectivecompanies.allrightsreserved. HowDoesVirtualizationChangeYourApproachtoEnterpriseSecurityandCompliance? Copyright2009SplunkInc.andGlassHouseTechnologies,Inc.AllRightsReserved. Page11

David.Balka@chi.frb.org 2009 STREAM FRBC

David.Balka@chi.frb.org 2009 STREAM FRBC Virtualization ti Dave Balka David.Balka@chi.frb.org Examination Elements Architecture Management Processes Integrity Availability Security 2 Datacenter Consolidation 3 What is Virtualization A framework

More information

WHITE PAPER. Addressing Monitoring, Access, and Control Challenges in a Virtualized Environment

WHITE PAPER. Addressing Monitoring, Access, and Control Challenges in a Virtualized Environment WHITE PAPER Addressing Monitoring, Access, and Control Challenges in a Virtualized Environment www.ixiacom.com 915-6892-01 Rev. A, July 2014 2 Table of Contents The Challenge of the Virtual Environment...

More information

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding

More information

Before we can talk about virtualization security, we need to delineate the differences between the

Before we can talk about virtualization security, we need to delineate the differences between the 1 Before we can talk about virtualization security, we need to delineate the differences between the terms virtualization and cloud. Virtualization, at its core, is the ability to emulate hardware via

More information

MobiKEY TM with TruOFFICE

MobiKEY TM with TruOFFICE MobiKEY TM with TruOFFICE Virtual Desktop Infrastructure (VDI) SOLUTION February 8, 2011 Copyright 2011 Route1 Inc. All rights reserved. Route1, the Route1 and shield design Logo, SECURING THE DIGITAL

More information

Mitigating Information Security Risks of Virtualization Technologies

Mitigating Information Security Risks of Virtualization Technologies Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) 2009 VMware Inc. All rights reserved Agenda Virtualization Overview Key Components of Secure Virtualization

More information

VMware Security Briefing. Rob Randell, CISSP Senior Security Specialist SE

VMware Security Briefing. Rob Randell, CISSP Senior Security Specialist SE VMware Security Briefing Rob Randell, CISSP Senior Security Specialist SE Agenda Security Advantages of Virtualization Security Concepts in Virtualization Architecture Operational Security Issues with

More information

MobiKEY. Virtual Desktop Infrastructure (VDI) Integration. September 2012

MobiKEY. Virtual Desktop Infrastructure (VDI) Integration. September 2012 MobiKEY Virtual Desktop Infrastructure (VDI) Integration September 2012 Copyright 2012 Route1 Inc. All rights reserved. Route1, the Route1 and shield design Logo, SECURING THE DIGITAL WORLD, Mobi, MobiSecure,

More information

5 Best Practices to Protect Your Virtual Environment

5 Best Practices to Protect Your Virtual Environment CONTENTS OF THIS WHITE PAPER Security Virtualization s Big Hurdle..1 Why Old-STyle Protections Fall short..2 Best Practices...3 Create A VM Service Good List... 3 Monitor and Protect the Hypervisor...

More information

Learn the Essentials of Virtualization Security

Learn the Essentials of Virtualization Security Learn the Essentials of Virtualization Security by Dave Shackleford by Dave Shackleford This paper is the first in a series about the essential security issues arising from virtualization and the adoption

More information

Managed Hosting is a managed service provided by MN.IT. It is structured to help customers meet:

Managed Hosting is a managed service provided by MN.IT. It is structured to help customers meet: Managed Hosting Service Description Version 1.10 Effective Date: 3/3/2015 Purpose This Service Description is applicable to Managed Hosting services (MH) offered by MN.IT Services (MN.IT) and described

More information

VMWARE Introduction ESX Server Architecture and the design of Virtual Machines

VMWARE Introduction ESX Server Architecture and the design of Virtual Machines Introduction........................................................................................ 2 ESX Server Architecture and the design of Virtual Machines........................................

More information

Learn the essentials of virtualization security

Learn the essentials of virtualization security Learn the essentials of virtualization security White Paper Table of Contents 3 Introduction 4 Hypervisor connectivity and risks 4 Multi-tenancy risks 5 Management and operational network risks 5 Storage

More information

Configuring Virtual Switches for Use with PVS. February 7, 2014 (Revision 1)

Configuring Virtual Switches for Use with PVS. February 7, 2014 (Revision 1) Configuring Virtual Switches for Use with PVS February 7, 2014 (Revision 1) Table of Contents Introduction... 3 Basic PVS VM Configuration... 3 Platforms... 3 VMware ESXi 5.5... 3 Configure the ESX Management

More information

Balancing CPU, Storage

Balancing CPU, Storage TechTarget Data Center Media E-Guide Server Virtualization: Balancing CPU, Storage and Networking Demands Virtualization initiatives often become a balancing act for data center administrators, who are

More information

DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch

DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch What You Will Learn A demilitarized zone (DMZ) is a separate network located in the neutral zone between a private (inside)

More information

Catbird 6.0: Private Cloud Security

Catbird 6.0: Private Cloud Security WHITE PAPER Catbird 6.0: Private Cloud Security and agile infrastructure that is exposing weaknesses in legacy perimeter-based network controls and leaving applications vulnerable to advanced threats.

More information

Securing Industrial Control Systems on a Virtual Platform

Securing Industrial Control Systems on a Virtual Platform Securing Industrial Control Systems on a Virtual Platform How to Best Protect the Vital Virtual Business Assets WHITE PAPER Sajid Nazir and Mark Lazarides sajid.nazir@firstco.uk.com 9 Feb, 2016 mark.lazarides@firstco.uk.com

More information

Control your corner of the cloud.

Control your corner of the cloud. Chapter 1 of 5 Control your corner of the cloud. From the halls of government to the high-rise towers of the corporate world, forward-looking organizations are recognizing the potential of cloud computing

More information

Virtual Cascade Shark

Virtual Cascade Shark WHITE PAPER Virtual Cascade Shark Enabling ubiquitous visibility in virtualized enterprises Executive Summary Enterprises have been using Cascade products from Riverbed Technology for many years to discover,

More information

Security. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««;

Security. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««; Security N Environments '' J J H -. i ^ s j}! Dave Shackleford '**»* t i j i««; l:i in: John Wiley &. Sons, Inc. Contents Introduction.. : xix Chapter l Fundamentals of Virtualization Security Virtualization

More information

Meeting the Challenges of Virtualization Security

Meeting the Challenges of Virtualization Security Meeting the Challenges of Virtualization Security Coordinate Security. Server Defense for Virtual Machines A Trend Micro White Paper August 2009 I. INTRODUCTION Virtualization enables your organization

More information

Tenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments

Tenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments Tenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments Introduction Server virtualization and private cloud services offer compelling benefits, including hardware consolidation,

More information

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013 CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control

More information

Virtualization Technologies. Embrace the new world of healthcare

Virtualization Technologies. Embrace the new world of healthcare Virtualization Technologies Embrace the new world of healthcare Overview Introduction and Virtualization Basics Core Virtualization Technologies Enterprise Server Virtualization Solutions End User and

More information

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility

More information

Netzwerkvirtualisierung? Aber mit Sicherheit!

Netzwerkvirtualisierung? Aber mit Sicherheit! Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction

More information

Virtualization for Cloud Computing

Virtualization for Cloud Computing Virtualization for Cloud Computing Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF CLOUD COMPUTING On demand provision of computational resources

More information

VMware vsphere 5.1 Advanced Administration

VMware vsphere 5.1 Advanced Administration Course ID VMW200 VMware vsphere 5.1 Advanced Administration Course Description This powerful 5-day 10hr/day class is an intensive introduction to VMware vsphere 5.0 including VMware ESX 5.0 and vcenter.

More information

BEST PRACTICES. DMZ Virtualization with VMware Infrastructure

BEST PRACTICES. DMZ Virtualization with VMware Infrastructure BEST PRACTICES DMZ Virtualization with ware Infrastructure ware BEST PRACTICES Table of Contents Virtualized DMZ Networks... 3 Three Typical Virtualized DMZ Configurations... 4 Partially Collapsed DMZ

More information

Presentation for ISACA Chapter NL. Auditing Virtual Servers. VMware: Security and Operations. Gert-Jan Timmer 3. September, 2012

Presentation for ISACA Chapter NL. Auditing Virtual Servers. VMware: Security and Operations. Gert-Jan Timmer 3. September, 2012 Presentation for ISACA Chapter NL Auditing Virtual Servers VMware: Security and Operations Gert-Jan Timmer 3. September, 2012 Auditing Virtual Servers: Vmware: Security and Operations Presentation today:

More information

Shavlik NetChk Protect 7.1

Shavlik NetChk Protect 7.1 Shavlik NetChk Protect 7.1 New s in Shavlik NetChk Protect 7.1 Asset Management Define asset scans for physical and virtual machines for Software Assets, Hardware Assets, and Virtual Machine Assets. This

More information

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Udo Schneider Trend Micro Udo_Schneider@trendmicro.de 26.03.2013

More information

Boost your VDI Confidence with Monitoring and Load Testing

Boost your VDI Confidence with Monitoring and Load Testing White Paper Boost your VDI Confidence with Monitoring and Load Testing How combining monitoring tools and load testing tools offers a complete solution for VDI performance assurance By Adam Carter, Product

More information

What is Virtualization and How Do I Audit It? Rick Schnierer and Chris Tennant

What is Virtualization and How Do I Audit It? Rick Schnierer and Chris Tennant What is Virtualization and How Do I Audit It? Rick Schnierer and Chris Tennant Nationwide Insurance Learning Objectives Understand the fundamentals of virtualization and supporting architecture Develop

More information

WHITE PAPER. Net Optics Phantom Virtual Tap Delivers Best-Practice Network Monitoring For Virtualized Server Environs

WHITE PAPER. Net Optics Phantom Virtual Tap Delivers Best-Practice Network Monitoring For Virtualized Server Environs WHITE PAPER Net Optics Phantom Virtual Tap Delivers Best-Practice Network Monitoring For Virtualized Server Environs www.ixiacom.com 915-6909-01 Rev. A, July 2014 2 Table of Contents Event... 4 Context...

More information

Virtualization Security and Best Practices. Rob Randell, CISSP Senior Security Specialist SE

Virtualization Security and Best Practices. Rob Randell, CISSP Senior Security Specialist SE Virtualization Security and Best Practices Rob Randell, CISSP Senior Security Specialist SE Agenda General Virtualization Concepts Hardware Virtualization and Application Virtualization Types of Hardware

More information

365 Evans Suite 300 Toronto, Ontario M8Z 1K2 Phone: Fax:

365 Evans Suite 300 Toronto, Ontario M8Z 1K2 Phone: Fax: Course: Virtualization with VMware ESX and VirtualCenter Description: Price: $2,895.00 Category: VMware Duration: 5 days Schedule: Request Dates Outline: This class is a 5-day (optional 4-day) intense

More information

Architecting Security for the Private Cloud. Todd Thiemann

Architecting Security for the Private Cloud. Todd Thiemann Architecting Security for the Private Cloud Todd Thiemann Classification 4/9/2010 Copyright 2009 Trend Micro Inc. 1 The Evolving Datacenter Lowering Costs, Increasing Flexibility Public Cloud Private Cloud

More information

CHAPTER 3 : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC

CHAPTER 3 : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS 1 FIVE KEY RECOMMENDATIONS During 2014, NTT Group supported response efforts for a variety of incidents. Review of these engagements revealed some observations

More information

HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU

HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU Data sheet Product overview The HP TippingPoint Virtual Controller + Virtual Firewall (vcontroller+vfw) extends our leading intrusion

More information

S24 Virtualiza.on Security from the Auditor Perspec.ve

S24 Virtualiza.on Security from the Auditor Perspec.ve S24 Virtualiza.on Security from the Auditor Perspec.ve Rob Clyde, CEO, Adap.ve Compu.ng; former CTO, Symantec David Lu, Senior Product Manager, Trend Micro Hemma Prafullchandra, CTO/SVP Products, HyTrust

More information

PC Blade Virtualization Configuration Guide

PC Blade Virtualization Configuration Guide PC Blade Virtualization Configuration Guide The combination of ClearCube PC Blades and management software with industry-standard virtualization technology gives IT managers a new way to more efficiently

More information

Securing the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC

Securing the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC Securing the Journey to the Private Cloud Dominique Dessy RSA, the Security Division of EMC June 2010 Securing the Journey to The Private Cloud The Journey IT Production Business Production IT-As-A-Service

More information

Sygate Secure Enterprise and Alcatel

Sygate Secure Enterprise and Alcatel Sygate Secure Enterprise and Alcatel Sygate Secure Enterprise eliminates the damage or loss of information, cost of recovery, and regulatory violation due to rogue corporate computers, applications, and

More information

Secure Virtualization in the Federal Government

Secure Virtualization in the Federal Government White Paper Secure Virtualization in the Federal Government Achieve efficiency while managing risk Table of Contents Ready, Fire, Aim? 3 McAfee Solutions for Virtualization 4 Securing virtual servers in

More information

Hypervisor Software and Virtual Machines. Professor Howard Burpee SMCC Computer Technology Dept.

Hypervisor Software and Virtual Machines. Professor Howard Burpee SMCC Computer Technology Dept. Hypervisor Software and Virtual Machines Learning Objectives Understand the common features of today s desktop virtualization products Select and implement a desktop virtualization option on a Linux, Mac,

More information

Virtualization System Security

Virtualization System Security Virtualization System Security Bryan Williams, IBM X-Force Advanced Research Tom Cross, Manager, IBM X-Force Security Strategy 2009 IBM Corporation Overview Vulnerability disclosure analysis Vulnerability

More information

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection

Technology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection Technology Blueprint Secure Your Virtual Desktop Infrastructure Optimize your virtual desktop infrastructure for performance and protection LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL

More information

VMware ESXi 3.5 update 2

VMware ESXi 3.5 update 2 VMware ESXi 3.5 update 2 VMware ESXi 3.5 Exec Summary What is it? What does it do? What is unique? Who can use it? How do you use it? Next generation, thin hypervisor for FREE Partitions servers to create

More information

SECURITY IN OPERATING SYSTEM VIRTUALISATION

SECURITY IN OPERATING SYSTEM VIRTUALISATION SECURITY IN OPERATING SYSTEM VIRTUALISATION February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in

More information

Trend Micro Cloud Protection

Trend Micro Cloud Protection A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to

More information

Install Guide for JunosV Wireless LAN Controller

Install Guide for JunosV Wireless LAN Controller The next-generation Juniper Networks JunosV Wireless LAN Controller is a virtual controller using a cloud-based architecture with physical access points. The current functionality of a physical controller

More information

Management of VMware ESXi. on HP ProLiant Servers

Management of VMware ESXi. on HP ProLiant Servers Management of VMware ESXi on W H I T E P A P E R Table of Contents Introduction................................................................ 3 HP Systems Insight Manager.................................................

More information

Securely Architecting the Internal Cloud. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.

Securely Architecting the Internal Cloud. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc. Securely Architecting the Internal Cloud Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc. Securely Building the Internal Cloud Virtualization is the Key How Virtualization Affects

More information

VMWARE VSPHERE 5.0 WITH ESXI AND VCENTER

VMWARE VSPHERE 5.0 WITH ESXI AND VCENTER VMWARE VSPHERE 5.0 WITH ESXI AND VCENTER CORPORATE COLLEGE SEMINAR SERIES Date: April 15-19 Presented by: Lone Star Corporate College Format: Location: Classroom instruction 8 a.m.-5 p.m. (five-day session)

More information

VirtualclientTechnology 2011 July

VirtualclientTechnology 2011 July WHAT S NEW IN VSPHERE VirtualclientTechnology 2011 July Agenda vsphere Platform Recap vsphere 5 Overview Infrastructure Services Compute, Storage, Network Applications Services Availability, Security,

More information

Avoiding the Top 5 Vulnerability Management Mistakes

Avoiding the Top 5 Vulnerability Management Mistakes WHITE PAPER Avoiding the Top 5 Vulnerability Management Mistakes The New Rules of Vulnerability Management Table of Contents Introduction 3 We ve entered an unprecedented era 3 Mistake 1: Disjointed Vulnerability

More information

VMware vcloud Air Security TECHNICAL WHITE PAPER

VMware vcloud Air Security TECHNICAL WHITE PAPER TECHNICAL WHITE PAPER The Shared Security Model for vcloud Air The end-to-end security of VMware vcloud Air (the Service ) is shared between VMware and the customer. VMware provides security for the aspects

More information

Strategies for Protecting Virtual Servers and Desktops

Strategies for Protecting Virtual Servers and Desktops Strategies for Protecting Virtual Servers and Desktops by Jonathan Tait, Product Marketing Manager Virtualization Today Over the past few years, virtualization technology has transformed the data center.

More information

McAfee Server Security

McAfee Server Security Security Secure server workloads with low performance impact and integrated management efficiency. Suppose you had to choose between securing all the servers in your data center physical and virtual or

More information

Hyper-V R2: What's New?

Hyper-V R2: What's New? ASPE IT Training Hyper-V R2: What's New? A WHITE PAPER PREPARED FOR ASPE BY TOM CARPENTER www.aspe-it.com toll-free: 877-800-5221 Hyper-V R2: What s New? Executive Summary This white paper provides an

More information

VMware vsphere 5.0 Boot Camp

VMware vsphere 5.0 Boot Camp VMware vsphere 5.0 Boot Camp This powerful 5-day 10hr/day class is an intensive introduction to VMware vsphere 5.0 including VMware ESX 5.0 and vcenter. Assuming no prior virtualization experience, this

More information

Network Access Control in Virtual Environments. Technical Note

Network Access Control in Virtual Environments. Technical Note Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved

More information

Altor Virtual Network Security Analyzer v1.0 Installation Guide

Altor Virtual Network Security Analyzer v1.0 Installation Guide Altor Virtual Network Security Analyzer v1.0 Installation Guide The Altor Virtual Network Security Analyzer (VNSA) application is deployed as Virtual Appliance running on VMware ESX servers. A single Altor

More information

VDI can reduce costs, simplify systems and provide a less frustrating experience for users.

VDI can reduce costs, simplify systems and provide a less frustrating experience for users. 1 INFORMATION TECHNOLOGY GROUP VDI can reduce costs, simplify systems and provide a less frustrating experience for users. infor ation technology group 2 INFORMATION TECHNOLOGY GROUP CONTENTS Introduction...3

More information

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com W H I T E P A P E R O r a c l e V i r t u a l N e t w o r k i n g D e l i v e r i n g F a b r i c

More information

6422: Implementing and Managing Windows Server 2008 Hyper-V (3 Days)

6422: Implementing and Managing Windows Server 2008 Hyper-V (3 Days) www.peaklearningllc.com 6422: Implementing and Managing Windows Server 2008 Hyper-V (3 Days) Introduction This three-day instructor-led course teaches students how to implement and manage Windows Server

More information

Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5

Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5 Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5 Agenda Security Hardening vsphere 5.5 ESXi Architectural Review ESXi Software Packaging The ESXi Firewall ESXi Local User Security Host Logs

More information

Secure Cloud-Ready Data Centers Juniper Networks

Secure Cloud-Ready Data Centers Juniper Networks Secure Cloud-Ready Data Centers Juniper Networks JUNIPER SECURITY LEADERSHIP A $1B BUSINESS Market Leadership Data Center with High- End Firewall #1 at 42% Secure Mobility with SSL VPN #1 at 25% Security

More information

Virtualization Journey Stages

Virtualization Journey Stages Deep Security 7.5 Todd Thiemann Sr. Dir. of Datacenter Security Marketing Trend Micro Harish Agastya Director of Datacenter Security Marketing Trend Micro Classification 11/12/2010 1 Virtualization Journey

More information

Virtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies

Virtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies Virtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies Kurt Klemperer, Principal System Performance Engineer kklemperer@blackboard.com Agenda Session Length:

More information

Ease Server Support With Pre-Configured Virtualization Systems

Ease Server Support With Pre-Configured Virtualization Systems Ease Server Support With Pre-Configured Virtualization Systems Manufacturers and industrial production companies are increasingly challenged with supporting the complex server environments that host their

More information

Don t skip these expert tips for making your firewall airtight, bulletproof and fail-safe. 10 Tips to Make Sure Your Firewall is Really Secure

Don t skip these expert tips for making your firewall airtight, bulletproof and fail-safe. 10 Tips to Make Sure Your Firewall is Really Secure Don t skip these expert tips for making your firewall airtight, bulletproof and fail-safe. 10 Tips to Make Sure Your Firewall is Really Secure Security studies back up this fact: It takes less than 20

More information

Preparing an RFI for. This RFI has been updated to reflect the new requirements in Version 3.0 of the PCI DSS, which took effect January 2015.

Preparing an RFI for. This RFI has been updated to reflect the new requirements in Version 3.0 of the PCI DSS, which took effect January 2015. Preparing an RFI for Protecting cardholder data is a critical and mandatory requirement for all organizations that process, store or transmit information on credit or debit cards. Requirements and guidelines

More information

M6422A Implementing and Managing Windows Server 2008 Hyper-V

M6422A Implementing and Managing Windows Server 2008 Hyper-V M6422A Implementing and Managing Windows Server 2008 Hyper-V Looking at Training Differently... Course 6422A: Implementing and Managing Windows Server 2008 Hyper-V Length: Published: Language(s): Audience(s):

More information

JOB ORIENTED VMWARE TRAINING INSTITUTE IN CHENNAI

JOB ORIENTED VMWARE TRAINING INSTITUTE IN CHENNAI JOB ORIENTED VMWARE TRAINING INSTITUTE IN CHENNAI Job oriented VMWARE training is offered by Peridot Systems in Chennai. Training in our institute gives you strong foundation on cloud computing by incrementing

More information

Security for Virtualization

Security for Virtualization Security for Virtualization Dan Broasca General Manager Omnient SRL dan.broasca@omnient.ro The two concepts Virtualize the security Complete virtualized security and network infrastructure Security for

More information

Data Center Connector for vsphere 3.0.0

Data Center Connector for vsphere 3.0.0 Product Guide Data Center Connector for vsphere 3.0.0 For use with epolicy Orchestrator 4.6.0, 5.0.0 Software COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS

More information

Virtualization with VMware ESX and VirtualCenter SMB to Enterprise

Virtualization with VMware ESX and VirtualCenter SMB to Enterprise Virtualization with VMware ESX and VirtualCenter SMB to Enterprise Course VM-03 5 Days Instructor-led, Hands-on Course Description This is a 5-day intense introduction to virtualization using VMware s

More information

HRG Assessment: Stratus everrun Enterprise

HRG Assessment: Stratus everrun Enterprise HRG Assessment: Stratus everrun Enterprise Today IT executive decision makers and their technology recommenders are faced with escalating demands for more effective technology based solutions while at

More information

Enterprise Desktop Virtualization

Enterprise Desktop Virtualization Enterprise Desktop Virtualization Introduction For nearly a decade, IT industry thought leaders and vendor proponents have hailed the anticipated widespread adoption of virtual display desktop as the new

More information

Virtualization: an old concept in a new approach

Virtualization: an old concept in a new approach MPRA Munich Personal RePEc Archive Virtualization: an old concept in a new approach Logica Banica and Doina Rosca and Cristian Stefan University of Pitesti, Faculty of Economics, University of Craiova,

More information

Windows Server 2008 R2 Hyper-V Live Migration

Windows Server 2008 R2 Hyper-V Live Migration Windows Server 2008 R2 Hyper-V Live Migration Table of Contents Overview of Windows Server 2008 R2 Hyper-V Features... 3 Dynamic VM storage... 3 Enhanced Processor Support... 3 Enhanced Networking Support...

More information

Virtualization Security Checklist

Virtualization Security Checklist Virtualization Security Checklist This virtualization security checklist is intended for use with enterprise full virtualization environments (as opposed to paravirtualization, application or operating

More information

Making Data Security The Foundation Of Your Virtualization Infrastructure

Making Data Security The Foundation Of Your Virtualization Infrastructure Making Data Security The Foundation Of Your Virtualization Infrastructure by Dave Shackleford hytrust.com Cloud Under Control P: P: 650.681.8100 Securing data has never been an easy task. Its challenges

More information

The Virtualization Practice

The Virtualization Practice The Virtualization Practice White Paper: A Look at Trend Micro Deep Security 7.5 Edward L. Haletky Analyst March 2011 2011 The Virtualization Practice. All Rights Reserved. Abstract Trend Micro Deep Security

More information

Driving Company Security is Challenging. Centralized Management Makes it Simple.

Driving Company Security is Challenging. Centralized Management Makes it Simple. Driving Company Security is Challenging. Centralized Management Makes it Simple. Overview - P3 Security Threats, Downtime and High Costs - P3 Threats to Company Security and Profitability - P4 A Revolutionary

More information

CA Cloud Overview Benefits of the Hyper-V Cloud

CA Cloud Overview Benefits of the Hyper-V Cloud Benefits of the Hyper-V Cloud For more information, please contact: Email: sales@canadianwebhosting.com Ph: 888-821-7888 Canadian Web Hosting (www.canadianwebhosting.com) is an independent company, hereinafter

More information

Solution Guide Parallels Virtualization for Linux

Solution Guide Parallels Virtualization for Linux Solution Guide Parallels Virtualization for Linux Overview Created in 1991, Linux was designed to be UNIX-compatible software that was composed entirely of open source or free software components. Linux

More information

Managing the virtual revolution

Managing the virtual revolution Managing the virtual revolution John Abbott Chief Analyst Today s agenda About The 451 Group Virtualization: our story so far Ten tools for managing virtual infrastructure The future of virtualization

More information

VIRTUALIZATION SECURITY IN THE REAL WORLD

VIRTUALIZATION SECURITY IN THE REAL WORLD VIRTUALIZATION SECURITY IN THE REAL WORLD Growing Technology Virtualization has become the standard for many corporate IT departments. The market for server virtualization infrastructure has matured, surpassing

More information

JUNIPER NETWORKS FIREFLY HOST ANTIVIRUS ARCHITECTURE

JUNIPER NETWORKS FIREFLY HOST ANTIVIRUS ARCHITECTURE White Paper JUNIPER NETWORKS FIREFLY HOST ANTIVIRUS ARCHITECTURE Copyright 2012, Juniper Networks, Inc. 1 Table of Contents Executive Summary...3 Introduction...3 Typical Antivirus Use Cases...3 Use Case

More information

Virtualization Impact on Compliance and Audit

Virtualization Impact on Compliance and Audit 2009 Reflex Systems, LLC Virtualization Impact on Compliance and Audit Michael Wronski, CISSP VP Product Management Reflex Systems Agenda Introduction Virtualization? Cloud? Risks and Challenges? Compliance

More information

Verve Security Center

Verve Security Center Verve Security Center Product Features Supports multiple control systems. Most competing products only support a single vendor, forcing the end user to purchase multiple security systems Single solution

More information

RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES

RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS Server virtualization offers tremendous benefits for enterprise IT organizations server

More information

Virtualization. Michael Tsai 2015/06/08

Virtualization. Michael Tsai 2015/06/08 Virtualization Michael Tsai 2015/06/08 What is virtualization? Let s first look at a video from VMware http://bcove.me/x9zhalcl Problems? Low utilization Different needs DNS DHCP Web mail 5% 5% 15% 8%

More information

Automating Cloud Security Control and Compliance Enforcement for PCI DSS 3.0

Automating Cloud Security Control and Compliance Enforcement for PCI DSS 3.0 WHITE PAPER Automating Cloud Security Control and Compliance Enforcement for 3.0 How Enables Security and Compliance with the PCI Data Security Standard in a Private Cloud EXECUTIVE SUMMARY All merchants,

More information

managing the risks of virtualization

managing the risks of virtualization managing the risks of virtualization Chris Wraight CA Technologies 28 February 2011 Session Number 8951 abstract Virtualization opens the door to a world of opportunities and well managed virtualization

More information

Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security

Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security WHITE PAPER August 2011 Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security HYTRUST AND TREND MICRO DEEP SECURITY TOC Contents Virtualization

More information