Security Overview of the Integrity Virtual Machines Architecture

Size: px
Start display at page:

Download "Security Overview of the Integrity Virtual Machines Architecture"

Transcription

1 Security Overview of the Integrity Virtual Machines Architecture Introduction... 2 Integrity Virtual Machines Architecture... 2 Virtual Machine Host System... 2 Virtual Machine Control... 2 Scheduling Access to Physical Resources... 3 Virtual Machines... 3 Virtual Machine Monitor... 3 Virtual Ethernet Switches... 4 Processor Virtualization... 4 Memory Virtualization... 4 Storage Virtualization... 5 Virtual Networking... 5 Virtual Ethernet Switches... 5 Virtual Network Interface Cards... 6 Virtual Machine Management... 7 Command Line Interface... 7 Graphical User Interface... 8 Customizable Roles for Access and Management... 8 General Security for the VM Host System... 8 Conclusion... 9 For more information... 9

2 Introduction HP Integrity Virtual Machines (Integrity VM) is a soft partitioning and virtualization technology within HP's Virtual Server Environment, which enables you to create multiple virtual servers within a single HP Integrity server, hard partition, or blade. A single HP Integrity system running Integrity VM can support multiple virtual machines, each with its own separate guest operating system. As a result, each virtual machine (VM) can host its own applications in an isolated environment. Integrity VM shares the physical resources of the Integrity server amongst all of the virtual machines it hosts. You can define virtual machines as single-cpu or SMP servers with the flexibility to host many virtual CPUs on a single physical processor. The same is true for I/O a single I/O card can be shared by multiple virtual machines. HP enables both flexibility and scalability with its Integrity VM technology. You can create virtual servers with multiple virtual CPUs and I/O devices, each running a separate operating system instance with different OS versions, applications, and users. The result is a virtual machine technology that provides increased hardware utilization and flexibility in server provisioning with isolation, improved system availability, and higher capacity. Integrity VM development is performed using strict security guidelines and each product release undergoes a formal security review in the design phase. Integrity Virtual Machines Architecture There are effectively multiple layers of technology in the Integrity VM architecture the physical computer system and its operating system (VM Host) supporting the virtual machine environment, Virtual Machine Monitor (VMM), and finally the virtual environment which contains virtual Ethernet switches and virtual machines. Virtual Machine Host System The VM Host is responsible for managing and allocating physical resources to virtual machines. It also enforces isolation of virtual machines while providing communication capabilities for virtual I/O adapters and Ethernet switches. The VM Host s operating system is HP-UX 11iv2 which has an EAL4+ assurance rating. HP-UX 11iv2 has been successfully evaluated against the requirements for the EAL4 Common Criteria (ISO 15408) Assurance Level, augmented by ALC_FLR.3 (flaw remediation), using the Controlled Access (CAPP) and Role-Based Access Control (RBAC) Protection Profiles Virtual Machine Control Each virtual machine is managed analogously to a UNIX process. After a VM s threads finish execution of their time-slice on a given physical processor, they are context-switched out with their state and register contents saved. Before another process or VM begins execution, its context is restored, including its register contents, before execution begins. In doing so, the VM Host s operating system removes register contents and state of the previously executing thread from that processor. 2

3 Scheduling Access to Physical Resources One of the critical functions of the VM Host is managing VM access to physical resources processor resources in particular. Each virtual machine has a guaranteed resource entitlement associated with it. Leveraging the fair-share scheduler (FSS) functionality inherent in the HP-UX operating system, the VM Host system enforces processor resource allocation to virtual machines. The Integrity VM scheduler accomplishes this by assigning each VM to a unique FSS allocation group. These FSS groups are analogous to those found in HP Process Resource Manager. This functionality guarantees allocation of physical processor resources sufficient to meet the demand of a virtual machine until that allocation reaches the virtual machine s entitlement. Once a virtual machine receives its entitled share of resources it will not receive any additional resources until all other virtual machines have their resource demands met in the same manner. The VM Host system enforces this allocation behavior regardless of the resource demand of other virtual machines hosted on that VM Host system. Integrity VM uses processor resources to emulate virtual I/O adapters configured for a virtual machine. As these virtual adapters are part of the virtual machine, their use is also subject to that virtual machine s guaranteed processor entitlement. The FSS functionality is also applied to other entities running on the VM Host system, including virtual Ethernet switches, management tools and agents such as those used by HP s Global Workload Manager and Glance. The VM Host identifies any entity that is not part of the Integrity Virtual Machine environment and places it in an FSS group that collectively has a minimal guaranteed entitlement. This provides a minimal amount of processing resources necessary for management tools while protecting virtual machines from entities that may deliberately or inadvertently attempt to affect resource allocation to those virtual machines. Virtual Machines Integrity Virtual Machines presents a virtualization of an Integrity-based computer system by virtualizing computer system components such as processors, memory, storage, and network interfaces. Such a virtual machine is accessed through the Intel Extensible Firmware Interface (EFI) providing functionality analogous to that of a physical server. Operating systems are installed on the virtual machine using its firmware interface in the same way as they are with physical HP Integrity servers. Virtual Machine Monitor Each virtual machine has a virtual machine monitor (VMM). The VMM provides memory management, device emulation, binary translation, and low-level fault handling functionality to the virtual machine. Integrity systems feature processors with four privilege levels or rings. Ring zero is the most privileged and ring three is the least. Only code executing in ring zero can perform privileged operations. Integrity VM s virtual machine monitor assists in limiting the time a virtual machine executes in ring zero by trapping interrupts whenever code running in the virtual machine executes a privileged operation. In most cases, the VMM uses the binary translator to create a sequence of instructions that performs the same privileged instruction task, but does so without any privileged operations. In doing so, the VMM prevents the virtual machine from executing in a higher processor ring. The virtual machine monitor s management of memory and emulation of virtual devices prevents the virtual machine from reading or executing translated code as well as preventing access of the virtual devices belonging to other virtual machines. As a result, the VMM also services those interrupts that must be delivered to the physical VM Host system using its low-level fault handlers, e.g., to service memory-access faults or complete an I/O transaction to physical storage. 3

4 Virtual Ethernet Switches Integrity VM virtualizes two major entities, computer systems (machines) and Ethernet network switches. These virtual switches may be connected to virtual Network Interface Cards (NICs) on a virtual machine and to logical network ports on the physical VM Host system. VLANs allow a physical LAN to be segmented into multiple broadcast domains so that machines in different VLANs may not communicate with each other. Integrity VM provides support for IEEE 802.1q VLAN functionality by enabling the configuration of ports on virtual switches to be isolated to a given VLAN. The virtual switch tags all frames sent by virtual machine through that port. Conversely, only those inbound frames tagged for that VLAN would be forwarded through that port to the virtual machine, with the virtual switch removing the tags for those inbound frames. Processor Virtualization Virtual machines can have one or more virtual processors. These virtual processors are effectively singe-core and single-threaded. Each virtual processor or virtual CPU (vcpu) is manifested as a single thread executing on the VM Host system. Integrity VM forces these threads to execute on separate physical processor cores while allowing them to begin execution at the same time. As a result, virtual SMPs are protected from processing sluggishness caused by non-synchronous execution of their virtual CPUs. At the same time, these virtual SMPs enjoy the benefits of the fair-share scheduling functionality, precluding denial of service attacks. Hyperthreading allows threads to share memory and state on a single processor and, as a result, may provide opportunities for other software or virtual machines to monitor the execution and state of another virtual machine. Integrity VM disables hyperthreading in the VM Host as well as inside the virtual machines themselves, eliminating the potential for such security breaches. Memory Virtualization When a virtual machine is started, the virtual machine monitor allocates memory on the VM Host system and presents that memory to the virtual machine as if it were private, physical memory. Each virtual machine is provided with a virtualized physical address spaced called guest physical memory. The guest operating system manages this guest-physical memory in exactly the same way the operating system manages physical memory on a physical computer system. The VMM manages the mapping of guest-physical memory to real-physical memory on the VM Host system. Any interaction of the guest operating system with its memory management entities such as page tables and translation look-aside buffers are intercepted by the VMM, controlling access to physical memory management structures. If the guest operating system or its applications attempt to access memory other than what has been allocated by the VMM, then Integrity VM delivers a fault to the guest operating system preventing such behavior sometimes referred to as hyperspacing. Integrity VM fills memory allocated initially to a virtual machine with zeros. Whenever a virtual machine uses dynamic memory control to acquire guest-physical memory, that memory is also zero filled before the VMM allows the virtual machine access. Hence, at any given point in time, a virtual machine has exclusive access to memory and the contents of that memory cannot contain data from any other virtual machine or process. 4

5 Storage Virtualization Integrity VM virtualizes the memory-mapped I/O architecture of the Itanium processor family. It intercepts loads and store to memory addresses that would represent physical devices in a real computer, and emulates the behavior of the corresponding devices. To allow guest operating systems to control I/O devices with complete isolation and flexibility and without adding virtualization-aware drivers, Integrity VM provides register-level emulation of I/O devices. Register-level emulation is accomplished by emulating the semantics of a device such that the existing device drivers in an operating system can communicate with the virtual device. The VMM contains device emulators that intercept memory accesses and take appropriate action. In most cases, these emulators format an I/O request message that is then sent on to the VM Host operating system. The VM Host operating system then sends the I/O request to its own device driver stack where it ultimately accesses the physical device. Upon completion of the I/O request, the real hardware delivers an external interrupt serviced by the VM Host, which causes the VMM to trigger the delivery of a virtual interrupt in the guest operating system. This interrupt signals to the guest operating system that its I/O transaction has completed. When the VMM intercepts I/O requests from the virtual machine, it validates I/O space addresses and ports, as well as data address ranges so that, for example, attempts to write to invalid media are prevented. Similarly, the VMM intercepts invalid instruction sequences resulting in faults delivered to the guest operating system delivering them. Integrity Virtual Machines also provides accelerated virtual I/O (AVIO) devices that deliver higher performance while still providing connectivity to logical storage and virtual switches. This functionality requires AVIO modules on both the VM Host system as well as the guest operating systems. The VM Host s AVIO module performs all address validation and translation of I/O requests before forwarding them on to the physical I/O device. This will ensure that virtual machines are not able to accidentally or maliciously corrupt memory on other virtual machines or the VM Host. Virtual Networking With Integrity VM, the virtual networking functionality is manifested as a combination of virtual network interface adapters on virtual machines, virtual Ethernet switches, the network stack on the VM Host system and, optionally, network ports on the VM Host. Virtual Ethernet Switches The virtual Ethernet switch dispatches network traffic among the various virtual machines on a system. It consists of a HP-UX kernel module that connects to the HP-UX network stack on the VM Host, and a user-space application that invokes that driver. The virtual switch (vswitch) has ports that can be connected to virtual network adapters, analogous to ports on a physical network switch and physical servers. The virtual switch may or may not be connected to a logical port on the VM Host system. If the virtual switch is not connected to such a port, then communication through that vswitch is limited to virtual adapters located on that physical VM Host system. Moreover, such a configuration also prevents communication with the VM Host system itself. The configuration of a vswitch so that it is connected to a logical network port on the VM Host system results in that vswitch being connected to the same network as the logical port. Note that the logical port itself need not have an IP address configured and, hence, aids in securing the vswitch and any virtual machines connected to that vswitch. 5

6 Virtual Network Interface Cards Virtual machine communication with other systems is only possible through virtual network interface cards connected to a vswitch. All network communication to and from the VM passes through the virtual network interface card (vnic) on its way to the vswitch. Integrity VM virtualizes multiple network interface devices implemented so that they all have a device emulator and a protocol driver in the VMM. All network traffic through a vnic must pass through these two entities. The protocol driver examines the source MAC address and IP address of each packet coming from the virtual machine. If these addresses do not match those of the virtual machine, then the packet goes no further. In doing so, the VMM prevents a given virtual machine from posing as another virtual machine or the physical VM Host system. As mentioned previously, Integrity VM provides AVIO network adapters for higher performance needs. The AVIO network modules on the virtual machine ensures that a guest cannot set the MAC address other than that which it has been defined with, preventing attempts by that virtual machine to pose as another virtual machine or the VM Host system. These AVIO network adapters may be connected to virtual switches along with other virtual network adapters. Due to the security functionality built into VLAN technology, multiple VLANs may be used on the same virtual switch as mentioned previously. To better isolate guests from other guests that are not in the same trust domain, it is good practice to isolate virtual switches to a single trust domain. Only guests that share the domain should have virtual NICs connected to the same virtual switch. To further isolate the virtual network from the VM Host system, define virtual switches to use logical ports on the VM Host that do not have an IP address configured. A graphical example of such a configuration is illustrated in Figure 1. 6

7 Figure 1 - Isolating virtual machines to separate network trust domains Virtual Machine Management Integrity virtual machines enable configuration and monitoring through a full-featured command line interface (CLI). Additionally, the Virtual Server Environment suite of tools provides a browser-based, graphical user interface (GUI) to Integrity VM. The CLI is available to privileged users on the physical VM Host system. Virtual machine management, monitoring, and console access is provided with the CLI. Command Line Interface The Integrity VM CLI provides for management of virtual machines residing on a given physical system through secure login to that system. Network connectivity to a third-party system (e.g., a management system) is not required to use the CLI. All options and option parameters are validated for appropriate length and character set before actual execution of the task. Pathnames are also validated for existence as well as appropriate device type corresponding to any paths provided. Integrity VM logs all command-line execution along with success or failure diagnostics, user name, and time of execution. 7

8 Graphical User Interface Virtual machine management with Integrity Virtual Machines may be achieved through the Integrity Virtual Machine Manager GUI. The GUI relies on Web Based Enterprise Management (WBEM) providers. These providers establish communication between the browser and the VM Host system with privileged login and the session is SSL-encrypted. These WBEM providers check all data request types and buffer ranges; all validated requests are for read-only data. Request types, options, and parameters are checked and validated before being passed on to the Integrity VM programmer interface libraries on the VM Host system. Customizable Roles for Access and Management Integrity VM provides secure access to virtual machine consoles. When you create the virtual machine, you can specify groups and user accounts that will have administration or operator privileges on that virtual machine. These users are allowed to log in to the VM Host under their own user accounts and to use the hpvmconsole command to perform system administration tasks on the virtual machine. A captive virtual console account is a special-purpose user account that may be created on the VM Host for each virtual machine administrator or operator. These types of user accounts have the console access command line interface for a login shell, and the desired virtual machine's per-virtualmachine-directory for a home directory. For virtual console access, the account also requires a password, and access to its associated guest. The net result is that a virtual machine s console may be accessed by a user without their having access to the VM Host itself. These types of console users are specified as either admin (guest administrators) or oper (virtual machine operators). Virtual machine operators can access to the virtual machine console, shut down and reboot the virtual machine, display system status, transfer control to another virtual machine operator or administrator, and set system identification. General Security for the VM Host System Depending on the environment, limiting access to the VM Host may be a good idea. The potential impact from an interruption of service on the VM Host is comparable for its virtual machines to a labwide service interruption. As such, HP recommends considering the use of bastille(1m) to help limit unintended access to VM Hosts. For many environments, the pre-defined configuration known as "Managed DMZ" is appropriate. Note, however, that this depends on local configuration needs and security policies. Even when those settings are not precisely what are required, they can be a good starting point. To run bastille with the Managed DMZ settings initially selected, first copy that configuration policy to the default location: # cp /etc/opt/sec_mgmt/bastille/configs/defaults/mandmz.config \ /etc/opt/sec_mgmt/bastille/config Then make changes to that configuration file as appropriate before running bastille: # bastille Be sure to read the information in the bastille(1m) manual and any security considerations for management software to be run on the VM Host before applying any bastille configuration. 8

9 Conclusion By leveraging its long history of providing secure hardware and software products, HP provides an extremely secure environment for virtualization of computer resources with Integrity Virtual Machines. Integrity VM reduces risk from threats while simplifying access control in a virtual environment, providing you with the confidence you need to securely execute your most business-critical applications while getting the most out of your computer system hardware investment. For more information Virtual Machine Security Guidelines, a white paper available from The Center for Internet Security at Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Itanium is a trademark or registered trademark of Intel Corporation or its subsidiaries in the United States and other countries. V1.0, October 2007

Configuring Virtual Blades

Configuring Virtual Blades CHAPTER 14 This chapter describes how to configure virtual blades, which are computer emulators that reside in a WAE or WAVE device. A virtual blade allows you to allocate WAE system resources for use

More information

ProCurve Manager Plus 2.2

ProCurve Manager Plus 2.2 NEW ProCurve Manager Plus 2.2 ProCurve Manager Plus 2.2 is a secure, advanced Windows -based network management platform that allows administrators to configure, update, monitor, and troubleshoot ProCurve

More information

QuickSpecs. HP Integrity Virtual Machines (Integrity VM) Overview. Currently shipping versions:

QuickSpecs. HP Integrity Virtual Machines (Integrity VM) Overview. Currently shipping versions: Currently shipping versions: HP Integrity VM (HP-UX 11i v2 VM Host) v3.5 HP Integrity VM (HP-UX 11i v3 VM Host) v4.1 Integrity Virtual Machines (Integrity VM) is a soft partitioning and virtualization

More information

Backup Strategies for Integrity Virtual Machines

Backup Strategies for Integrity Virtual Machines Backup Strategies for Integrity Virtual Machines Introduction...2 Basic Aspects of Data Protection for Virtual Environments...2 Backup and Recovery from the VM Host System...3 Backup and Recovery of Individual

More information

Top Ten Tips for Using Integrity Virtual Machines

Top Ten Tips for Using Integrity Virtual Machines Top Ten Tips for Using Integrity Virtual Machines Introduction... 3 #1 Do Not Install OS using Golden Image of a VM Host... 3 Symptoms: Performance, Reliability... 3... 3 #2 Install VM Kit in the Guests...

More information

The Microsoft Windows Hypervisor High Level Architecture

The Microsoft Windows Hypervisor High Level Architecture The Microsoft Windows Hypervisor High Level Architecture September 21, 2007 Abstract The Microsoft Windows hypervisor brings new virtualization capabilities to the Windows Server operating system. Its

More information

VMWARE Introduction ESX Server Architecture and the design of Virtual Machines

VMWARE Introduction ESX Server Architecture and the design of Virtual Machines Introduction........................................................................................ 2 ESX Server Architecture and the design of Virtual Machines........................................

More information

HP Virtual Connect Ethernet Cookbook: Single and Multi Enclosure Domain (Stacked) Scenarios

HP Virtual Connect Ethernet Cookbook: Single and Multi Enclosure Domain (Stacked) Scenarios HP Virtual Connect Ethernet Cookbook: Single and Multi Enclosure Domain (Stacked) Scenarios Part number 603028-003 Third edition August 2010 Copyright 2009,2010 Hewlett-Packard Development Company, L.P.

More information

HP Intelligent Management Center v7.1 Virtualization Monitor Administrator Guide

HP Intelligent Management Center v7.1 Virtualization Monitor Administrator Guide HP Intelligent Management Center v7.1 Virtualization Monitor Administrator Guide Abstract This guide describes the Virtualization Monitor (vmon), an add-on service module of the HP Intelligent Management

More information

Introduction to Virtual Datacenter

Introduction to Virtual Datacenter Oracle Enterprise Manager Ops Center Configuring a Virtual Datacenter 12c Release 1 (12.1.1.0.0) E27347-01 June 2012 This guide provides an end-to-end example for how to use Oracle Enterprise Manager Ops

More information

Using HP ProLiant Network Teaming Software with Microsoft Windows Server 2008 Hyper-V or with Microsoft Windows Server 2008 R2 Hyper-V

Using HP ProLiant Network Teaming Software with Microsoft Windows Server 2008 Hyper-V or with Microsoft Windows Server 2008 R2 Hyper-V Using HP ProLiant Network Teaming Software with Microsoft Windows Server 2008 Hyper-V or with Microsoft Windows Server 2008 R2 Hyper-V HOWTO, 4 TH Edition Introduction... 2 Software requirements... 2 Order

More information

Full and Para Virtualization

Full and Para Virtualization Full and Para Virtualization Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF x86 Hardware Virtualization The x86 architecture offers four levels

More information

QuickSpecs. Overview. Compaq Remote Insight Lights-Out Edition

QuickSpecs. Overview. Compaq Remote Insight Lights-Out Edition Overview M ODELS Remote Insight Lights-Out Edition 157866-001 New Remote Insight Lights-Out Edition provides virtual graphical control using any standard browser to your remote or data centre server, giving

More information

Chapter 14 Virtual Machines

Chapter 14 Virtual Machines Operating Systems: Internals and Design Principles Chapter 14 Virtual Machines Eighth Edition By William Stallings Virtual Machines (VM) Virtualization technology enables a single PC or server to simultaneously

More information

HP Systems Insight Manager 7.0 and HP Agentless Management overview

HP Systems Insight Manager 7.0 and HP Agentless Management overview HP Systems Insight Manager 7.0 and HP Agentless Management overview Technology brief Introduction... 2 Overview of HP Agentless Management... 2 Using traditional OS-based management software... 4 Using

More information

Install Guide for JunosV Wireless LAN Controller

Install Guide for JunosV Wireless LAN Controller The next-generation Juniper Networks JunosV Wireless LAN Controller is a virtual controller using a cloud-based architecture with physical access points. The current functionality of a physical controller

More information

HP VMware ESXi 5.0 and Updates Getting Started Guide

HP VMware ESXi 5.0 and Updates Getting Started Guide HP VMware ESXi 5.0 and Updates Getting Started Guide Abstract This guide is intended to provide setup information for HP VMware ESXi. HP Part Number: 616896-002 Published: August 2011 Edition: 1 Copyright

More information

Intel vpro Provisioning

Intel vpro Provisioning Intel vpro Provisioning Introduction............................................................ 2 AMT Setup and Configuration............................................... 2 SMB Mode - AMT Setup and

More information

Using Integrated Lights-Out in a VMware ESX environment

Using Integrated Lights-Out in a VMware ESX environment Using Integrated Lights-Out in a VMware ESX environment 2 nd Edition Technology Brief Abstract... 2 ilo architecture in a virtualized environment... 2 The benefits of ilo in a virtualized environment...

More information

ProLiant Essentials Intelligent Networking Active Path Failover in Microsoft Windows environments

ProLiant Essentials Intelligent Networking Active Path Failover in Microsoft Windows environments ProLiant Essentials Intelligent Networking Active Path Failover in Microsoft Windows environments white paper Abstract... 2 Introduction... 2 Benefits of Active Path Failover... 3 How the Active Path Failover

More information

Integrating HP Insight Management WBEM (WMI) Providers for Windows with HP System Insight Manager

Integrating HP Insight Management WBEM (WMI) Providers for Windows with HP System Insight Manager Integrating HP Insight Management WBEM (WMI) Providers for Windows with HP System Insight Manager Integration note, 4 th edition Introduction... 2 Utilizing HP WBEM Providers for Windows... 2 Security...

More information

How to manage non-hp x86 Windows servers with HP SIM

How to manage non-hp x86 Windows servers with HP SIM How to manage non-hp x86 Windows servers with HP SIM Introduction... 3 HP SIM inventory for non-hp x86 Windows servers... 3 Discovery and Identification... 3 Events... 4 System properties and reports...

More information

HP Serviceguard Cluster Configuration for Partitioned Systems

HP Serviceguard Cluster Configuration for Partitioned Systems HP Serviceguard Cluster Configuration for Partitioned Systems July 2005 Abstract...2 Partition configurations...3 Serviceguard design assumptions...4 Hardware redundancy...4 Cluster membership protocol...4

More information

HP ProLiant Essentials Vulnerability and Patch Management Pack Planning Guide

HP ProLiant Essentials Vulnerability and Patch Management Pack Planning Guide HP ProLiant Essentials Vulnerability and Patch Management Pack Planning Guide Product overview... 3 Vulnerability scanning components... 3 Vulnerability fix and patch components... 3 Checklist... 4 Pre-installation

More information

ProCurve Networking. Troubleshooting WLAN Connectivity. Technical White paper

ProCurve Networking. Troubleshooting WLAN Connectivity. Technical White paper ProCurve Networking Troubleshooting WLAN Connectivity Technical White paper Introduction... 3 Identifying the Problem... 3 Troubleshooting Wireless Station Connection to AP... 4 Can Any Wireless Stations

More information

FortiAnalyzer VM (VMware) Install Guide

FortiAnalyzer VM (VMware) Install Guide FortiAnalyzer VM (VMware) Install Guide FortiAnalyzer VM (VMware) Install Guide December 05, 2014 05-520-203396-20141205 Copyright 2014 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, FortiCare

More information

Performance and Recommended Use of AB545A 4-Port Gigabit Ethernet Cards

Performance and Recommended Use of AB545A 4-Port Gigabit Ethernet Cards Performance and Recommended Use of AB545A 4-Port Gigabit Ethernet Cards From Results on an HP rx4640 Server Table of Contents June 2005 Introduction... 3 Recommended Use Based on Performance and Design...

More information

HP-UX Role-Based Access Control B.11.31.04 Release Notes

HP-UX Role-Based Access Control B.11.31.04 Release Notes HP-UX Role-Based Access Control B.11.31.04 Release Notes HP Part Number: 5992-0628 Published: June 2007 Edition: E028 Copyright 2001 2007 Hewlett-Packard Development Company L.P. Confidential computer

More information

HP Insight Management Agents architecture for Windows servers

HP Insight Management Agents architecture for Windows servers HP Insight Management Agents architecture for Windows servers Technology brief, 2 nd edition Introduction... 3 A first look at the Insight Management Agents architecture... 3 HP Insight Management agents...

More information

5nine Security for Hyper-V Datacenter Edition. Version 3.0 Plugin for Microsoft System Center 2012 Virtual Machine Manager

5nine Security for Hyper-V Datacenter Edition. Version 3.0 Plugin for Microsoft System Center 2012 Virtual Machine Manager 5nine Security for Hyper-V Datacenter Edition Version 3.0 Plugin for Microsoft System Center 2012 Virtual Machine Manager November 2013 11 Table of Contents Summary... 5 System requirements... 5 Permissions...

More information

The Advantages of Multi-Port Network Adapters in an SWsoft Virtual Environment

The Advantages of Multi-Port Network Adapters in an SWsoft Virtual Environment The Advantages of Multi-Port Network Adapters in an SWsoft Virtual Environment Introduction... 2 Virtualization addresses key challenges facing IT today... 2 Introducing Virtuozzo... 2 A virtualized environment

More information

Microsoft Windows Compute Cluster Server 2003 Getting Started Guide

Microsoft Windows Compute Cluster Server 2003 Getting Started Guide Microsoft Windows Compute Cluster Server 2003 Getting Started Guide Part Number 434709-003 March 2007 (Third Edition) Copyright 2006, 2007 Hewlett-Packard Development Company, L.P. The information contained

More information

HP Compaq dc7800p Business PC with Intel vpro Processor Technology and Virtual Appliances

HP Compaq dc7800p Business PC with Intel vpro Processor Technology and Virtual Appliances HP Compaq dc7800p Business PC with Intel vpro Processor Technology and Virtual Appliances Introduction............................................................ 2 What is Virtualization?....................................................2

More information

HP-UX Support Tools Manager (STM) Release Notes

HP-UX Support Tools Manager (STM) Release Notes HP-UX Support Tools Manager (STM) Release Notes HP-UX 11i v3 Version: B.11.31.23.02 HP Part Number: 820365-001 Published: March 2015 Edition: 1 (April 2015) Legal Notices Copyright 2003, 2015 Hewlett-Packard

More information

Hitachi Virtage Embedded Virtualization Hitachi BladeSymphony 10U

Hitachi Virtage Embedded Virtualization Hitachi BladeSymphony 10U Hitachi Virtage Embedded Virtualization Hitachi BladeSymphony 10U Datasheet Brings the performance and reliability of mainframe virtualization to blade computing BladeSymphony is the first true enterprise-class

More information

Introducing logical servers: Making data center infrastructures more adaptive

Introducing logical servers: Making data center infrastructures more adaptive Introducing logical servers: Making data center infrastructures more adaptive technology brief, 2 nd edition Abstract... 2 Introduction... 2 Overview of logical servers... 3 Why use logical servers?...

More information

Cisco Application Networking Manager Version 2.0

Cisco Application Networking Manager Version 2.0 Cisco Application Networking Manager Version 2.0 Cisco Application Networking Manager (ANM) software enables centralized configuration, operations, and monitoring of Cisco data center networking equipment

More information

Table of Contents. VMready. Virtual Machine-Aware Networking

Table of Contents. VMready. Virtual Machine-Aware Networking VMready Virtual Machine-Aware Networking White Paper Table of Contents Executive Summary... 2 Current Server Virtualization Environments... 3 Hypervisors... 3 Virtual Switches... 3 Leading Server Virtualization

More information

VMware and CPU Virtualization Technology. Jack Lo Sr. Director, R&D

VMware and CPU Virtualization Technology. Jack Lo Sr. Director, R&D ware and CPU Virtualization Technology Jack Lo Sr. Director, R&D This presentation may contain ware confidential information. Copyright 2005 ware, Inc. All rights reserved. All other marks and names mentioned

More information

IP videoconferencing solution with ProCurve switches and Tandberg terminals

IP videoconferencing solution with ProCurve switches and Tandberg terminals An HP ProCurve Networking Application Note IP videoconferencing solution with ProCurve switches and Tandberg terminals Contents 1. Introduction... 3 2. Architecture... 3 3. Videoconferencing traffic and

More information

Chapter 5 Cloud Resource Virtualization

Chapter 5 Cloud Resource Virtualization Chapter 5 Cloud Resource Virtualization Contents Virtualization. Layering and virtualization. Virtual machine monitor. Virtual machine. Performance and security isolation. Architectural support for virtualization.

More information

Network Access Control ProCurve and Microsoft NAP Integration

Network Access Control ProCurve and Microsoft NAP Integration HP ProCurve Networking Network Access Control ProCurve and Microsoft NAP Integration Abstract...2 Foundation...3 Network Access Control basics...4 ProCurve Identity Driven Manager overview...5 Microsoft

More information

HP Auto Port Aggregation (APA) Release Notes

HP Auto Port Aggregation (APA) Release Notes HP Auto Port Aggregation (APA) Release Notes HP-UX 11i v3 HP Part Number: J4240-90036 Published: February 2007 Edition: February 2007, E0207 Copyright 2007 Hewlett-Packard Development Company, L.P. Confidential

More information

HP Cloud Map for TIBCO ActiveMatrix BusinessWorks: Importing the template

HP Cloud Map for TIBCO ActiveMatrix BusinessWorks: Importing the template HP Cloud Map for TIBCO ActiveMatrix BusinessWorks: Importing the template An HP Reference Architecture for TIBCO Technical white paper Table of contents Executive summary... 2 Solution environment... 2

More information

HP Operations Orchestration Software

HP Operations Orchestration Software HP Operations Orchestration Software Software Version: 9.00 Microsoft Hyper-V Integration Guide Document Release Date: June 2010 Software Release Date: June 2010 Legal Notices Warranty The only warranties

More information

Integrity Virtual Machines Technical Overview

Integrity Virtual Machines Technical Overview Integrity Virtual Machines Technical Overview Jörg Brand Support Zentrum Ratingen 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Agenda

More information

Exploring the Remote Access Configuration Utility

Exploring the Remote Access Configuration Utility Exploring the Remote Access Configuration Utility in Ninth-Generation Dell PowerEdge Servers The Remote Access Configuration Utility supports local and remote server management in ninth-generation Dell

More information

HP Serviceguard Cluster Configuration for HP-UX 11i or Linux Partitioned Systems April 2009

HP Serviceguard Cluster Configuration for HP-UX 11i or Linux Partitioned Systems April 2009 HP Serviceguard Cluster Configuration for HP-UX 11i or Linux Partitioned Systems April 2009 Abstract... 2 Partition Configurations... 2 Serviceguard design assumptions... 4 Hardware redundancy... 4 Cluster

More information

Basics in Energy Information (& Communication) Systems Virtualization / Virtual Machines

Basics in Energy Information (& Communication) Systems Virtualization / Virtual Machines Basics in Energy Information (& Communication) Systems Virtualization / Virtual Machines Dr. Johann Pohany, Virtualization Virtualization deals with extending or replacing an existing interface so as to

More information

Virtual Machine Security

Virtual Machine Security Virtual Machine Security CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ 1 Operating System Quandary Q: What is the primary goal

More information

HP Data Protector software. Assuring Business Continuity in Virtualised Environments

HP Data Protector software. Assuring Business Continuity in Virtualised Environments HP Data Protector software Assuring Business Continuity in Virtualised Environments Would not it be great if your virtual server environment actually translated to a better reality? One where you could

More information

HP Device Manager 4.6

HP Device Manager 4.6 Technical white paper HP Device Manager 4.6 LDAP Troubleshooting Guide Table of contents Introduction... 2 HPDM LDAP-related context and background... 2 LDAP in HPDM... 2 Configuring User Authentication...

More information

HP network adapter teaming: load balancing in ProLiant servers running Microsoft Windows operating systems

HP network adapter teaming: load balancing in ProLiant servers running Microsoft Windows operating systems HP network adapter teaming: load balancing in ProLiant servers running Microsoft Windows operating systems white paper Introduction... 2 Overview of teaming and load balancing... 2 Transmit Load Balancing...

More information

Performance brief for IBM WebSphere Application Server 7.0 with VMware ESX 4.0 on HP ProLiant DL380 G6 server

Performance brief for IBM WebSphere Application Server 7.0 with VMware ESX 4.0 on HP ProLiant DL380 G6 server Performance brief for IBM WebSphere Application Server.0 with VMware ESX.0 on HP ProLiant DL0 G server Table of contents Executive summary... WebSphere test configuration... Server information... WebSphere

More information

Tunable Base Page Size

Tunable Base Page Size Tunable Base Page Size Table of Contents Executive summary... 1 What is Tunable Base Page Size?... 1 How Base Page Size Affects the System... 1 Integrity Virtual Machines Platform Manager... 2 Working

More information

Event Monitoring Service Version A.04.20.11 Release Notes

Event Monitoring Service Version A.04.20.11 Release Notes Event Monitoring Service Version A.04.20.11 Release Notes HP-UX 11i v1 December 2006 Manufacturing Part Number: B7609-90039 December 2006 Copyright 2006 Hewlett-Packard Development Company, L.P. Legal

More information

Virtualization for Cloud Computing

Virtualization for Cloud Computing Virtualization for Cloud Computing Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF CLOUD COMPUTING On demand provision of computational resources

More information

HP Intelligent Management Center User Access Management Software

HP Intelligent Management Center User Access Management Software Data sheet HP Intelligent Management Center User Access Management Software Key features One central database of users and available services Advanced reporting capabilities Directory of network-attached

More information

How to configure Failover Clustering for Hyper-V hosts on HP ProLiant c-class server blades with All-in-One SB600c storage blade

How to configure Failover Clustering for Hyper-V hosts on HP ProLiant c-class server blades with All-in-One SB600c storage blade How to configure Failover Clustering for Hyper-V hosts on HP ProLiant c-class server blades with All-in-One SB600c storage blade Executive summary... 2 System requirements... 2 Hardware requirements...

More information

NetScaler VPX FAQ. Table of Contents

NetScaler VPX FAQ. Table of Contents NetScaler VPX FAQ Table of Contents Feature and Functionality Frequently Asked Questions... 2 Pricing and Packaging Frequently Asked Questions... 4 NetScaler VPX Express Frequently Asked Questions... 5

More information

Review from last time. CS 537 Lecture 3 OS Structure. OS structure. What you should learn from this lecture

Review from last time. CS 537 Lecture 3 OS Structure. OS structure. What you should learn from this lecture Review from last time CS 537 Lecture 3 OS Structure What HW structures are used by the OS? What is a system call? Michael Swift Remzi Arpaci-Dussea, Michael Swift 1 Remzi Arpaci-Dussea, Michael Swift 2

More information

Jukka Ylitalo Tik-79.5401 TKK, April 24, 2006

Jukka Ylitalo Tik-79.5401 TKK, April 24, 2006 Rich Uhlig, et.al, Intel Virtualization Technology, Computer, published by the IEEE Computer Society, Volume 38, Issue 5, May 2005. Pages 48 56. Jukka Ylitalo Tik-79.5401 TKK, April 24, 2006 Outline of

More information

Best Practices for Installing and Configuring the Hyper-V Role on the LSI CTS2600 Storage System for Windows 2008

Best Practices for Installing and Configuring the Hyper-V Role on the LSI CTS2600 Storage System for Windows 2008 Best Practices Best Practices for Installing and Configuring the Hyper-V Role on the LSI CTS2600 Storage System for Windows 2008 Installation and Configuration Guide 2010 LSI Corporation August 13, 2010

More information

VMWARE WHITE PAPER 1

VMWARE WHITE PAPER 1 1 VMWARE WHITE PAPER Introduction This paper outlines the considerations that affect network throughput. The paper examines the applications deployed on top of a virtual infrastructure and discusses the

More information

GE Measurement & Control. Cyber Security for NEI 08-09

GE Measurement & Control. Cyber Security for NEI 08-09 GE Measurement & Control Cyber Security for NEI 08-09 Contents Cyber Security for NEI 08-09...3 Cyber Security Solution Support for NEI 08-09...3 1.0 Access Contols...4 2.0 Audit And Accountability...4

More information

HP Converged Infrastructure Solutions

HP Converged Infrastructure Solutions HP Converged Infrastructure Solutions HP Virtual Connect and HP StorageWorks Simple SAN Connection Manager Enterprise Software Solution brief Executive summary Whether it is with VMware vsphere, Microsoft

More information

HP CloudSystem Enterprise

HP CloudSystem Enterprise Technical white paper HP CloudSystem Enterprise Creating a multi-tenancy solution with HP Matrix Operating Environment and HP Cloud Service Automation Table of contents Executive summary 2 Multi-tenancy

More information

ELEC 377. Operating Systems. Week 1 Class 3

ELEC 377. Operating Systems. Week 1 Class 3 Operating Systems Week 1 Class 3 Last Class! Computer System Structure, Controllers! Interrupts & Traps! I/O structure and device queues.! Storage Structure & Caching! Hardware Protection! Dual Mode Operation

More information

Virtualization System Security

Virtualization System Security Virtualization System Security Bryan Williams, IBM X-Force Advanced Research Tom Cross, Manager, IBM X-Force Security Strategy 2009 IBM Corporation Overview Vulnerability disclosure analysis Vulnerability

More information

MODULE 3 VIRTUALIZED DATA CENTER COMPUTE

MODULE 3 VIRTUALIZED DATA CENTER COMPUTE MODULE 3 VIRTUALIZED DATA CENTER COMPUTE Module 3: Virtualized Data Center Compute Upon completion of this module, you should be able to: Describe compute virtualization Discuss the compute virtualization

More information

An Oracle White Paper April 2010. Oracle VM Server for SPARC Enabling a Flexible, Efficient IT Infrastructure

An Oracle White Paper April 2010. Oracle VM Server for SPARC Enabling a Flexible, Efficient IT Infrastructure An Oracle White Paper April 2010 Oracle VM Server for SPARC Enabling a Flexible, Efficient IT Infrastructure Executive Overview... 1 Introduction... 1 Improving Consolidation Strategies Through Virtualization...

More information

features at a glance

features at a glance hp availability stats and performance software network and system monitoring for hp NonStop servers a product description from hp features at a glance Online monitoring of object status and performance

More information

Microkernels, virtualization, exokernels. Tutorial 1 CSC469

Microkernels, virtualization, exokernels. Tutorial 1 CSC469 Microkernels, virtualization, exokernels Tutorial 1 CSC469 Monolithic kernel vs Microkernel Monolithic OS kernel Application VFS System call User mode What was the main idea? What were the problems? IPC,

More information

Last Class: OS and Computer Architecture. Last Class: OS and Computer Architecture

Last Class: OS and Computer Architecture. Last Class: OS and Computer Architecture Last Class: OS and Computer Architecture System bus Network card CPU, memory, I/O devices, network card, system bus Lecture 3, page 1 Last Class: OS and Computer Architecture OS Service Protection Interrupts

More information

Backup & Disaster Recovery Appliance User Guide

Backup & Disaster Recovery Appliance User Guide Built on the Intel Hybrid Cloud Platform Backup & Disaster Recovery Appliance User Guide Order Number: G68664-001 Rev 1.0 June 22, 2012 Contents Registering the BDR Appliance... 4 Step 1: Register the

More information

HP Intelligent Management Center Standard Software Platform

HP Intelligent Management Center Standard Software Platform Data sheet HP Intelligent Management Center Standard Software Platform Key features Highly flexible and scalable deployment Powerful administration control Rich resource management Detailed performance

More information

Using HP Systems Insight Manager to achieve high availability for Microsoft Team Foundation Server

Using HP Systems Insight Manager to achieve high availability for Microsoft Team Foundation Server Using HP Systems Insight Manager to achieve high availability for Microsoft Team Foundation Server Executive summary... 2 Audience... 2 Architecture... 3 Prerequisite... 4 Deploying AT servers... 5 Configuring

More information

Stateful Inspection Technology

Stateful Inspection Technology Stateful Inspection Technology Security Requirements TECH NOTE In order to provide robust security, a firewall must track and control the flow of communication passing through it. To reach control decisions

More information

HP System Management Homepage for OpenVMS V2.0 Release Notes

HP System Management Homepage for OpenVMS V2.0 Release Notes HP System Management Homepage for OpenVMS V2.0 Release Notes Copyright 2009 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use

More information

An Oracle Technical White Paper November 2011. Oracle Solaris 11 Network Virtualization and Network Resource Management

An Oracle Technical White Paper November 2011. Oracle Solaris 11 Network Virtualization and Network Resource Management An Oracle Technical White Paper November 2011 Oracle Solaris 11 Network Virtualization and Network Resource Management Executive Overview... 2 Introduction... 2 Network Virtualization... 2 Network Resource

More information

QuickSpecs. Models HP MSR Open Application Platform (OAP) with VMware vsphere MIM Module

QuickSpecs. Models HP MSR Open Application Platform (OAP) with VMware vsphere MIM Module Models HP MSR Open Application Platform (OAP) with VMware vsphere FIC Module HP MSR Open Application Platform (OAP) with VMware vsphere MIM Module JG533A JG532A Key features Industry-leading VMware vsphere

More information

Uses for Virtual Machines. Virtual Machines. There are several uses for virtual machines:

Uses for Virtual Machines. Virtual Machines. There are several uses for virtual machines: Virtual Machines Uses for Virtual Machines Virtual machine technology, often just called virtualization, makes one computer behave as several computers by sharing the resources of a single computer between

More information

A M D DA S 1. 0 For the Manageability, Virtualization and Security of Embedded Solutions

A M D DA S 1. 0 For the Manageability, Virtualization and Security of Embedded Solutions A M D DA S 1. 0 For the Manageability, Virtualization and Security of Embedded Solutions AMD DAS (DASH, AMD Virtualization (AMD-V ) Technology, and Security) 1.0 is a term used to describe the various

More information

Best Practices for Using Integrity Virtual Machines

Best Practices for Using Integrity Virtual Machines Best Practices for Using Integrity Virtual Machines Introduction... 3 Basics Read This First... 3 Take Advantage of HP-UX on the Host... 4 System Management and Security... 4 Workload Management... 4 Instant

More information

Objectives. Chapter 2: Operating-System Structures. Operating System Services (Cont.) Operating System Services. Operating System Services (Cont.

Objectives. Chapter 2: Operating-System Structures. Operating System Services (Cont.) Operating System Services. Operating System Services (Cont. Objectives To describe the services an operating system provides to users, processes, and other systems To discuss the various ways of structuring an operating system Chapter 2: Operating-System Structures

More information

HP IMC Firewall Manager

HP IMC Firewall Manager HP IMC Firewall Manager Configuration Guide Part number: 5998-2267 Document version: 6PW102-20120420 Legal and notice information Copyright 2012 Hewlett-Packard Development Company, L.P. No part of this

More information

SUSE Linux Enterprise 10 SP2: Virtualization Technology Support

SUSE Linux Enterprise 10 SP2: Virtualization Technology Support Technical White Paper LINUX OPERATING SYSTEMS www.novell.com SUSE Linux Enterprise 10 SP2: Virtualization Technology Support Content and modifications. The contents of this document are not part of the

More information

Using the Enhanced Write Filter

Using the Enhanced Write Filter Using the Enhanced Write Filter HP Windows XP Embedded-based thin clients: t5630 t57x0 Abstract... 2 Introduction... 2 Benefits of the Enhanced Write Filter... 2 Enhanced Write Filter Status Service...

More information

ProCurve Web Managed Switches: Increase Control Without Complexity

ProCurve Web Managed Switches: Increase Control Without Complexity ProCurve Networking ProCurve Web Managed Switches: Increase Control Without Complexity Introduction... 2 What is a Web Managed Switch?... 2 Benefits of a Web Managed Switch... 2 Ideal Customer Environment...

More information

HP ProCurve Identity Driven Manager 3.0

HP ProCurve Identity Driven Manager 3.0 Product overview HP ProCurve Identity Driven Manager (IDM), a plug-in to HP ProCurve Manager Plus, dynamically provisions network security and performance settings based on user, device, location, time,

More information

Remote PC Guide for Standalone PC Implementation

Remote PC Guide for Standalone PC Implementation Remote PC Guide for Standalone PC Implementation Updated: 2007-01-22 The guide covers features available in NETLAB+ version 3.6.1 and later. IMPORTANT Standalone PC implementation is no longer recommended.

More information

Citrix MetaFrame Presentation Server 3.0 and Microsoft Windows Server 2003 Value Add Feature Guide

Citrix MetaFrame Presentation Server 3.0 and Microsoft Windows Server 2003 Value Add Feature Guide Citrix MetaFrame Presentation Server 3.0 and Microsoft Windows Server 2003 Value Add Feature Guide Advanced Functionality Basic Functionality Feature MANAGEMENT Microsoft Management Console Enhanced Connection

More information

HP Insight Diagnostics Online Edition. Featuring Survey Utility and IML Viewer

HP Insight Diagnostics Online Edition. Featuring Survey Utility and IML Viewer Survey Utility HP Industry Standard Servers June 2004 HP Insight Diagnostics Online Edition Technical White Paper Featuring Survey Utility and IML Viewer Table of Contents Abstract Executive Summary 3

More information

HP Helion CloudSystem 9.0: Using VMware ESXi Clusters as Compute Nodes

HP Helion CloudSystem 9.0: Using VMware ESXi Clusters as Compute Nodes HP Helion CloudSystem Enterprise and Foundation Software HP Helion CloudSystem 9.0: Using VMware ESXi Clusters as Compute Nodes This white paper provides an overview of VMware ESXi support in CloudSystem

More information

PARALLELS SERVER 4 BARE METAL README

PARALLELS SERVER 4 BARE METAL README PARALLELS SERVER 4 BARE METAL README This document provides the first-priority information on Parallels Server 4 Bare Metal and supplements the included documentation. TABLE OF CONTENTS 1 About Parallels

More information

Using Red Hat Network Satellite Server to Manage Dell PowerEdge Servers

Using Red Hat Network Satellite Server to Manage Dell PowerEdge Servers Using Red Hat Network Satellite Server to Manage Dell PowerEdge Servers Enterprise Product Group (EPG) Dell White Paper By Todd Muirhead and Peter Lillian July 2004 Contents Executive Summary... 3 Introduction...

More information

Hyper-V Networking. Aidan Finn

Hyper-V Networking. Aidan Finn Hyper-V Networking Aidan Finn About Aidan Finn Technical Sales Lead at MicroWarehouse (Dublin) Working in IT since 1996 MVP (Virtual Machine) Experienced with Windows Server/Desktop, System Center, virtualisation,

More information

SSL VPN Technology White Paper

SSL VPN Technology White Paper SSL VPN Technology White Paper Keywords: SSL VPN, HTTPS, Web access, TCP access, IP access Abstract: SSL VPN is an emerging VPN technology based on HTTPS. This document describes its implementation and

More information

An Oracle White Paper April 2012. Network Isolation in Private Database Clouds

An Oracle White Paper April 2012. Network Isolation in Private Database Clouds An Oracle White Paper April 2012 Network Isolation in Private Database Clouds Executive Overview... 1 Different types of network isolation... 2 Network Traffic Isolation... 3 Network Security Isolation...

More information

Microsoft SQL Server 2012 on Cisco UCS with iscsi-based Storage Access in VMware ESX Virtualization Environment: Performance Study

Microsoft SQL Server 2012 on Cisco UCS with iscsi-based Storage Access in VMware ESX Virtualization Environment: Performance Study White Paper Microsoft SQL Server 2012 on Cisco UCS with iscsi-based Storage Access in VMware ESX Virtualization Environment: Performance Study 2012 Cisco and/or its affiliates. All rights reserved. This

More information