Mitigating Information Security Risks of Virtualization Technologies
|
|
- Leslie Neal
- 2 years ago
- Views:
Transcription
1 Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) 2009 VMware Inc. All rights reserved
2 Agenda Virtualization Overview Key Components of Secure Virtualization Technologies Achieving and Demonstrating Compliance Use Case: Securely Mixing Trust Zones
3 Virtualization Basics
4 Pools of Shared Resources Traditional View Virtual Infrastructure Exchange Operating VMware Infrastructure System PCI Operating VMware Infrastructure System VMware Infrastructure DNS Operating VMware Infrastructure System CRM Operating VMware Infrastructure System CPU Pool Memory Pool Storage Pool Interconnect Pool
5 How Virtualization Affects Security and Compliance Abstraction and Consolidation Capital and Operational Cost Savings New infrastructure layer to be secured Greater impact of attack or misconfiguration Collapse of switches and servers into one device Flexibility Cost-savings Lack of virtual network visibility No separation-by-default of administration 5
6 How Virtualization Affects Security and Compliance Faster deployment of servers IT responsiveness Lack of adequate planning Incomplete knowledge of current state of infrastructure Poorly Defined Procedures Inconsistent Configurations VM Mobility Improved Service Levels Identity divorced from physical location VM Encapsulation Ease of business continuity Consistency of deployment Hardware Independence Outdated offline systems Unauthorized copy 6
7 What not to worry about Hypervisor Rootkits Examples: Blue Pill, SubVirt, etc. These are ALL theoretical, highly complex attacks Widely recognized by security community as being only of academic interest Irrelevant Architectures Example: numerous reports claiming guest escape Apply only to hosted architecture (e.g. Workstation), not bare-metal (i.e. ESX) Hosted architecture deliberately include numerous channels for exchanging information between guest and host. Contrived Scenarios Example: VMotion intercept Involved exploits where Best practices around hardening, lockdown, design, for virtualization etc, not followed, or Poor general IT infrastructure security is assumed
8 Security Advantages of Virtualization Allows Automation of Many Manual Error Prone Processes Cleaner and Easier Disaster Recovery/Business Continuity Better Forensics Capabilities Faster Recovery After an Attack Patching is Safer and More Effective Better Control Over Desktop Resources More Cost Effective Security Devices App Virtualization Allows de-privileging of end users Better Lifecycle Controls Security Through VM Introspection
9 Primary Compliance Issue: Collocation of VMs on Same Physical Hardware Virtual Machines are dedicated and isolated entities abstracted from the physical hardware Isolation characteristics of VMs and virtual networks meet compliance requirements Configuration choices are key in meeting compliance requirements Misconfiguration is greatest risk to virtual infrastructure Virtual Infrastructure VMware Infrastructure CPU Pool Memory Pool Storage Pool Interconnect Pool
10 KEYS TO A SECURE VIRTUALIZED DEPLOYMENT
11 How do we secure our Virtual Infrastructure? Use the Principles of Information Security Hardening and Lockdown Defense in Depth Authorization, Authentication, and Accounting Separation of Duties and Least Privileges Administrative Controls For virtualization this means: Secure the Guests Harden the Virtualization layer Setup Access Controls Leverage Virtualization Specific Administrative Controls
12 Securing Virtual Machines Provide Same Protection as for Physical Servers Host Anti-Virus Patch Management Network Intrusion Detection/Prevention (IDS/IPS) Firewalls 12
13 vnic vnic vnic Isolation in the Architecture Production vswitch1 vmnic Prod Network Mgmt VMkernel Storage Mgmt Network vswitch2 Segment out all non-production networks Use VLAN tagging, or Use separate vswitch (see diagram) Strictly control access to management network, e.g. RDP to jump box, or VPN through firewall vcenter Other ESX/ESXi hosts IP-based Storage 13
14 Secure/Compliant Virtualization Platform Requirements Enterprise Features for Management Controls Strong Access Controls Centralized Authentication Granular Authorization Controls Configuration Management Audit and Logging A Flexible and Well Defined API
15 Enforce Strong Access Controls Joe Harry Security Principle Least Privileges Separation of Duties Implementation in Virtual Infrastructure Roles with only required privileges Roles applied only to required objects Administrator Operator Anne User
16 Maintain Tight Administrative Controls Requirement Configuration management, monitoring, auditing Track and Manage VM Updating of offline VMs Virtual network security
17 Achieving Regulatory Compliance Think Security First Design for Compliance Understand the Scope of the Requirements Ensure that Controls are Comprehensive Don t Rely on Technology Alone Assign the Right Project Manager Collaborate with the Auditor
18 Use Case: Securely Mixing Trust Zones Three Primary Configurations Physical Separation of Trust Zones Virtual Separation of Trust Zone with Physical Security Devices Fully collapsing all servers and security devices into a Virtual Infrastructure
19 Physical Separation of Trust Zones
20 Physical Separation of Trust Zones Advantages Simpler, less complex configuration Less change to physical environment Little change to separation of duties Less change in staff knowledge requirements Smaller chance of misconfiguration leading to a security issue Disadvantages Lower consolidation and utilization of resources Higher cost
21 Virtual Separation of Trust Zones with Physical Security Devices
22 Virtual Separation of Trust Zones with Physical Security Devices Advantages Better utilization of resources Take Full Advantage of Virtualization Benefits Lower cost Disadvantages (can be mitigated) More complexity Greater chance of misconfiguration
23 Fully Collapsed Trust Zones including Security Devices
24 Fully Collapsed Trust Zones including Security Devices Advantages Full utilization of resources, replacing physical security devices with virtual Lowest-cost option Management of entire DMZ and network from a single management workstation Disadvantages (can be mitigated) Greatest complexity, which in turn creates highest chance of misconfiguration Requirement for explicit configuration to define separation of duties to help mitigate risk of misconfiguration; also requires regular audits of configurations Potential loss of certain functionality, such as VMotion (Being mitigated by vendors and VMsafe)
25 Conclusion Understand Virtualization Technology Isolation Characteristics of VMs make Collocation of VMs Compliant Key Components of Secure Virtualization Technologies a Must Understand the Steps Necessary for Compliance
26 Questions? 2009 VMware Inc. All rights reserved
Securely Architecting the Internal Cloud. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.
Securely Architecting the Internal Cloud Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc. Securely Building the Internal Cloud Virtualization is the Key How Virtualization Affects
Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud
Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP Principal Systems Engineer Security Specialist Agenda What is the Cloud? Virtualization Basics
VMware Security Briefing. Rob Randell, CISSP Senior Security Specialist SE
VMware Security Briefing Rob Randell, CISSP Senior Security Specialist SE Agenda Security Advantages of Virtualization Security Concepts in Virtualization Architecture Operational Security Issues with
The growing importance of a secure Cloud environment
The growing importance of a secure Cloud environment Jan Tiri jtiri@vmware.com System Engineer, VMware BeLux 2009 VMware Inc. All rights reserved Cloud components Enterprises Cloud Service Providers Private
Virtualization Security and Best Practices. Rob Randell, CISSP Senior Security Specialist SE
Virtualization Security and Best Practices Rob Randell, CISSP Senior Security Specialist SE Agenda General Virtualization Concepts Hardware Virtualization and Application Virtualization Types of Hardware
Network Segmentation in Virtualized Environments B E S T P R A C T I C E S
Network Segmentation in Virtualized Environments B E S T P R A C T I C E S ware BEST PRAC TICES Table of Contents Introduction... 3 Three Typical Virtualized Trust Zone Configurations... 4 Partially Collapsed
BEST PRACTICES. DMZ Virtualization with VMware Infrastructure
BEST PRACTICES DMZ Virtualization with ware Infrastructure ware BEST PRACTICES Table of Contents Virtualized DMZ Networks... 3 Three Typical Virtualized DMZ Configurations... 4 Partially Collapsed DMZ
Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com
Secure Multi Tenancy In the Cloud Boris Strongin VP Engineering and Co-founder, Hytrust Inc. bstrongin@hytrust.com At-a-Glance Trends Do MORE with LESS Increased Insider Threat Increasing IT spend on cloud
Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com
1 Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com Agenda Cloud Computing VMware and Security Network Security Use Case Securing View Deployments Questions 2 IT consumption
Securing the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC
Securing the Journey to the Private Cloud Dominique Dessy RSA, the Security Division of EMC June 2010 Securing the Journey to The Private Cloud The Journey IT Production Business Production IT-As-A-Service
HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU
HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU Data sheet Product overview The HP TippingPoint Virtual Controller + Virtual Firewall (vcontroller+vfw) extends our leading intrusion
TECHNOLOGYBRIEF. The Impact of Virtualization on Network Security. Discover. Determine. Defend.
The Impact of Virtualization on Network Security Discover. Determine. Defend. EXECUTIVE SUMMARY Virtualization is a concept that has become highly visible in the last few years because of its perceived
Making Data Security The Foundation Of Your Virtualization Infrastructure
Making Data Security The Foundation Of Your Virtualization Infrastructure by Dave Shackleford hytrust.com Cloud Under Control P: P: 650.681.8100 Securing data has never been an easy task. Its challenges
5 Best Practices to Protect Your Virtual Environment
CONTENTS OF THIS WHITE PAPER Security Virtualization s Big Hurdle..1 Why Old-STyle Protections Fall short..2 Best Practices...3 Create A VM Service Good List... 3 Monitor and Protect the Hypervisor...
Business Values of Network and Security Virtualization
Business Values of Network and Security Virtualization VMware NSX in the context of the Software Defined Data Center Klaus Jansen Virtual Networks Sales Specialist VMware NSBU 2014 VMware Inc. All rights
Virtualization Impact on Compliance and Audit
2009 Reflex Systems, LLC Virtualization Impact on Compliance and Audit Michael Wronski, CISSP VP Product Management Reflex Systems Agenda Introduction Virtualization? Cloud? Risks and Challenges? Compliance
Security for Virtualization
Security for Virtualization Dan Broasca General Manager Omnient SRL dan.broasca@omnient.ro The two concepts Virtualize the security Complete virtualized security and network infrastructure Security for
DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch
DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch What You Will Learn A demilitarized zone (DMZ) is a separate network located in the neutral zone between a private (inside)
VMWARE Introduction ESX Server Architecture and the design of Virtual Machines
Introduction........................................................................................ 2 ESX Server Architecture and the design of Virtual Machines........................................
VMware vcloud Networking and Security Overview
VMware vcloud Networking and Security Overview Networks and Security for Virtualized Compute Environments WHITE PAPER Overview Organizations worldwide have gained significant efficiency and flexibility
VMware Solution Guide for. Payment Card Industry (PCI) September 2012. v1.3
VMware Solution Guide for Payment Card Industry (PCI) September 2012 v1.3 VALIDATION DO CU MENT Table of Contents INTRODUCTION... 3 OVERVIEW OF PCI AS IT APPLIES TO CLOUD/VIRTUAL ENVIRONMENTS... 5 GUIDANCE
Security Compliance in a Virtual World
RSA Security Brief Security Compliance in a Virtual World Best Practices to Build a Solid Foundation Authors Bret Hartman, Chief Technology Officer, RSA, the Security Division of EMC Dr. Stephen Herrod,
managing the risks of virtualization
managing the risks of virtualization Chris Wraight CA Technologies 28 February 2011 Session Number 8951 abstract Virtualization opens the door to a world of opportunities and well managed virtualization
Measuring Hypervisor Footprints: Assessing Risk
Measuring Hypervisor Footprints: Assessing Risk Edward L. Haletky The Virtualization Practice, LLC Author of: VMware vsphere TM and Virtual Infrastructure Security: Securing the Virtual Environment Assessing,
Intro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.
Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security
Security. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««;
Security N Environments '' J J H -. i ^ s j}! Dave Shackleford '**»* t i j i««; l:i in: John Wiley &. Sons, Inc. Contents Introduction.. : xix Chapter l Fundamentals of Virtualization Security Virtualization
Sichere Virtualisierung mit VMware
Sichere Virtualisierung mit VMware Stefan Bohnengel, VMware Harald Speckbrock, RSA Neuss, 12.11.2009 Building The Private Cloud private cloud Flexibility Control Choice your applications your information
David.Balka@chi.frb.org 2009 STREAM FRBC
Virtualization ti Dave Balka David.Balka@chi.frb.org Examination Elements Architecture Management Processes Integrity Availability Security 2 Datacenter Consolidation 3 What is Virtualization A framework
Network Access Control in Virtual Environments. Technical Note
Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved
Meeting the Challenges of Virtualization Security
Meeting the Challenges of Virtualization Security Coordinate Security. Server Defense for Virtual Machines A Trend Micro White Paper August 2009 I. INTRODUCTION Virtualization enables your organization
An overwhelming majority of IaaS clouds leverage virtualization for their foundation.
1 2 3 An overwhelming majority of IaaS clouds leverage virtualization for their foundation. 4 With the use of virtualization comes the use of a hypervisor. Normally, the hypervisor simply provisions resources
Presentation for ISACA Chapter NL. Auditing Virtual Servers. VMware: Security and Operations. Gert-Jan Timmer 3. September, 2012
Presentation for ISACA Chapter NL Auditing Virtual Servers VMware: Security and Operations Gert-Jan Timmer 3. September, 2012 Auditing Virtual Servers: Vmware: Security and Operations Presentation today:
Virtualization, SDN and NFV
Virtualization, SDN and NFV HOW DO THEY FIT TOGETHER? Traditional networks lack the flexibility to keep pace with dynamic computing and storage needs of today s data centers. In order to implement changes,
Product Description. Product Overview
DATASHEET vgw Gateway Product Overview The vgw Gateway provides a best-in-class virtual firewall to meet the unique security challenges of virtual data centers and clouds. IT teams can now secure their
Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security
WHITE PAPER August 2011 Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security HYTRUST AND TREND MICRO DEEP SECURITY TOC Contents Virtualization
The Top 8 Questions to ask about Virtualization in a PCI Environment
A COALFIRE WHITE PAPER The Top 8 Questions to ask about Virtualization in a PCI Environment DALLAS DENVER LOS ANGELES NEW YORK SEATTLE 877.224.8077 info@coalfire.com www.coalfire.com This paper provides
Overcoming Security Challenges to Virtualize Internet-facing Applications
Intel IT IT Best Practices Cloud Security and Secure ization November 2011 Overcoming Security Challenges to ize Internet-facing Applications Executive Overview To enable virtualization of Internet-facing
VirtualclientTechnology 2011 July
WHAT S NEW IN VSPHERE VirtualclientTechnology 2011 July Agenda vsphere Platform Recap vsphere 5 Overview Infrastructure Services Compute, Storage, Network Applications Services Availability, Security,
VMware vsphere Design. 2nd Edition
Brochure More information from http://www.researchandmarkets.com/reports/2330623/ VMware vsphere Design. 2nd Edition Description: Achieve the performance, scalability, and ROI your business needs What
Potecting your business assets in The Cloud, with. Secure Multitency Environment from CloudHPT.
Potecting your business assets in The Cloud, with Secure Multitency Environment from CloudHPT. Whitepaper 1 Introduction Goal of This Document To provide a guide to the security features of CloudHPT. CloudHPT
What is Virtualization and How Do I Audit It? Rick Schnierer and Chris Tennant
What is Virtualization and How Do I Audit It? Rick Schnierer and Chris Tennant Nationwide Insurance Learning Objectives Understand the fundamentals of virtualization and supporting architecture Develop
Trend Micro Cloud Protection
A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to
Solving the Desktop Dilemma
Solving the Desktop Dilemma Enterprise Desktop Solutions Raymond Sleiman DL Groupe GMG rsleiman@dlge.ch Mobile :079 200 81 03 Agenda What is VMware View 3 What s new with VMware View 3 Architecture RTO
H Y T RUST: S OLUTION B RIEF. Solve the Nosy Neighbor Problem in Multi-Tenant Environments
H Y T RUST: S OLUTION B RIEF Solve the Nosy Neighbor Problem in Multi-Tenant Environments Summary A private cloud with multiple tenants such as business units of an enterprise or customers of a cloud service
Tenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments
Tenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments Introduction Server virtualization and private cloud services offer compelling benefits, including hardware consolidation,
Delivering the Software Defined Data Center
Delivering the Software Defined Data Center Georgina Schäfer Sr. Product Marketing Manager VMware Calvin Rowland, VP, Business Development F5 Networks 2014 VMware Inc. All rights reserved. F5 & Vmware
Preparing an RFI for. This RFI has been updated to reflect the new requirements in Version 3.0 of the PCI DSS, which took effect January 2015.
Preparing an RFI for Protecting cardholder data is a critical and mandatory requirement for all organizations that process, store or transmit information on credit or debit cards. Requirements and guidelines
What s New with VMware Virtual Infrastructure
What s New with VMware Virtual Infrastructure Virtualization: Industry-Standard Way of Computing Early Adoption Mainstreaming Standardization Test & Development Server Consolidation Infrastructure Management
Learn the Essentials of Virtualization Security
Learn the Essentials of Virtualization Security by Dave Shackleford by Dave Shackleford This paper is the first in a series about the essential security issues arising from virtualization and the adoption
Virtualization Security Checklist
Virtualization Security Checklist This virtualization security checklist is intended for use with enterprise full virtualization environments (as opposed to paravirtualization, application or operating
ADC9521: Surviving Regulatory Compliance in the Virtual Infrastructure
ADC9521: Surviving Regulatory Compliance in the Virtual Infrastructure Patrick Daigle, VCP, VMware Operations Team Lead, CGI/ITM John Y. Arrasjid, VCP, Sr. Consulting Architect, VMware Agenda Compliance
Securing the private cloud
Securing the private cloud Gary Gardiner Security Engineer 2011 Check Point Software Technologies Ltd. [Unrestricted] For everyone Top Trends of 2011 1 2 3 4 5 6 7 8 9 Virtualization & Cloud Computing
Solutions as a Service N.Konstantinidis Technical Director - MNG
Med Nautilus Greece Connected World April 10, 2014 Solutions as a Service N.Konstantinidis Technical Director - MNG MedNautilus Greece Solutions as a Service 2014 SINCE 2002 Data Center Physical Colocation
Automating Cloud Security Control and Compliance Enforcement for PCI DSS 3.0
WHITE PAPER Automating Cloud Security Control and Compliance Enforcement for 3.0 How Enables Security and Compliance with the PCI Data Security Standard in a Private Cloud EXECUTIVE SUMMARY All merchants,
VMware for your hosting services
VMware for your hosting services Anindya Kishore Das 2009 VMware Inc. All rights reserved Everybody talks Cloud! You will eat your cloud and you will like it! Everybody talks Cloud - But what is it? VMware
End to End Security do Endpoint ao Datacenter
do Endpoint ao Datacenter Piero DePaoli & Leandro Vicente Security Product Marketing & Systems Engineering 1 Agenda 1 Today s Threat Landscape 2 From Endpoint: Symantec Endpoint Protection 3 To Datacenter:
Virtualization with VMware and IBM: Enjoy the Ride, but Don t Forget to Buckle Up!
Virtualization with VMware and IBM: Enjoy the Ride, but Don t Forget to Buckle Up! Ravi Kumar, Group Product Marketing Manager - Security, VMware Bob Kalka, Director, IBM Security Solutions, IBM The Rise
Endpoint Security: Become Aware of Virtual Desktop Infrastructures!
Endpoint Security: Become Aware of Virtual Desktop Infrastructures! An Ogren Group Special Report May 2011 Executive Summary Virtual desktops infrastructures, VDI, present IT with the unique opportunity
Catbird vsecurity : Security and Compliance For The Virtualized Data Center
Catbird vsecurity : Security and Compliance For The Virtualized Data Center www.catbird.com 2011 Catbird All rights reserved Catbird vsecurity: Securing the Virtual & Cloud Data Center Executive Summary
Secure Cloud-Ready Data Centers Juniper Networks
Secure Cloud-Ready Data Centers Juniper Networks JUNIPER SECURITY LEADERSHIP A $1B BUSINESS Market Leadership Data Center with High- End Firewall #1 at 42% Secure Mobility with SSL VPN #1 at 25% Security
Security in the Software Defined Data Center
Security in the Software Defined Data Center Francesco Vigo Senior Systems Engineer, VMware fvigo@vmware.com Ugo Piazzalunga Technical Manager, SafeNet ugo.piazzalunga@safenet-inc.com Agenda Software Defined
Technology Insight Series
Advancing VMware-based Data Resilience John Webster August, 2011 Technology Insight Series Evaluator Group Advancing VMware-based Data Resilience Copyright 2011 Evaluator Group, Inc. All rights reserved.
VMsources Group Inc. www.vmsources.com 1-866-644-7764
VMware Horizon View 6 Virtual Desktop Deployment COURSE DESCRIPTION Our VMware View class offers participants the most extensive training available in the Installation, Configuration and Management of
CS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
VMware Virtual Infrastucture From the Virtualized to the Automated Data Center
VMware Virtual Infrastucture From the Virtualized to the Automated Data Center Senior System Engineer VMware Inc. ngalante@vmware.com Agenda Vision VMware Enables Datacenter Automation VMware Solutions
Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5
Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5 Agenda Security Hardening vsphere 5.5 ESXi Architectural Review ESXi Software Packaging The ESXi Firewall ESXi Local User Security Host Logs
Virtualization System Security
Virtualization System Security Bryan Williams, IBM X-Force Advanced Research Tom Cross, Manager, IBM X-Force Security Strategy 2009 IBM Corporation Overview Vulnerability disclosure analysis Vulnerability
How to Achieve Operational Assurance in Your Private Cloud
How to Achieve Operational Assurance in Your Private Cloud As enterprises implement private cloud and next-generation data centers to achieve cost efficiencies and support business agility, operational
Expert Reference Series of White Papers. VMware vsphere Distributed Switches
Expert Reference Series of White Papers VMware vsphere Distributed Switches info@globalknowledge.net www.globalknowledge.net VMware vsphere Distributed Switches Rebecca Fitzhugh, VCAP-DCA, VCAP-DCD, VCAP-CIA,
A Look at the New Converged Data Center
Organizations around the world are choosing to move from traditional physical data centers to virtual infrastructure, affecting every layer in the data center stack. This change will not only yield a scalable
Secure networks are crucial for IT systems and their
ISSA The Global Voice of Information Security Network Security Architecture By Mariusz Stawowski ISSA member, Poland Chapter Secure networks are crucial for IT systems and their proper operation. Essential
Protect Root Abuse privilege on Hypervisor (Cloud Security)
Protect Root Abuse privilege on Hypervisor (Cloud Security) Nantharat Puwarang, CISSP Senior Technical Consultant Protect Software Defined Data Center 1 The Road to Software Defined Data Centers: Virtualization
VMware: Advanced Security
VMware: Advanced Security Course Introduction Course Introduction Chapter 01 - Primer and Reaffirming Our Knowledge Primer and Reaffirming Our Knowledge ESX Networking Components How Virtual Ethernet Adapters
PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP
solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility
Unlock the full potential of data centre virtualisation with micro-segmentation. Making software-defined security (SDS) work for your data centre
Unlock the full potential of data centre virtualisation with micro-segmentation Making software-defined security (SDS) work for your data centre Contents 1 Making software-defined security (SDS) work for
Unmasking Virtualization Security. Eric A. Hibbard, CISSP, CISA Hitachi Data Systems
Eric A. Hibbard, CISSP, CISA Hitachi Data Systems SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA unless otherwise noted. Member companies and individual members may
SECURITY MODELS FOR CLOUD 2012. Kurtis E. Minder, CISSP
SECURITY MODELS FOR CLOUD 2012 Kurtis E. Minder, CISSP INTRODUCTION Kurtis E. Minder, Technical Sales Professional Companies: Roles: Security Design Engineer Systems Engineer Sales Engineer Salesperson
SECURITY IN OPERATING SYSTEM VIRTUALISATION
SECURITY IN OPERATING SYSTEM VIRTUALISATION February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in
Desktop Support Advanced Virtual Desktop Initiative
Desktop Support Advanced Virtual Desktop Initiative Rick Downs and Jim Jokl University of Virginia June 2011 CSG Meeting Virtual Desktop History at UVa The Hive: Virtualized Public Computer Labs The State
Securing the Physical, Virtual, Cloud Continuum
Securing the Physical, Virtual, Cloud Continuum By Ted Ritter, CISSP Senior Research Analyst Executive Summary The data center is undergoing a radical shift, from virtualization towards internal cloud
How Does Virtualization Change Your Approach to Enterprise Security and Compliance?
HowDoesVirtualizationChangeYour ApproachtoEnterpriseSecurityand Compliance? SevenStepstoaVirtual awaresecuritystrategy. MichaelBaum Co founder ChiefCorporate&Business DevelopmentOfficer ScottShepard CISSP,CISM
Shifting Roles for Security in the Virtualized Data Center: Who Owns What?
Shifting Roles for Security in the Virtualized Data Center: Who Owns What? SESSION ID: CSV-T07 Rob Randell, CISSP Director Systems Engineering Principal Security Architect VMware / NSBU Malcolm Rieke Director
Data Center Manager (DCM)
DATA SHEET Data Center Manager (DCM) Unified Virtual/Physical Data Center Fabric Management Benefits LOWER OPERATIONAL COSTS High degree of automation within physical and virtual environments to streamline
Netzwerkvirtualisierung? Aber mit Sicherheit!
Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction
Cloud Security. Securing what you can t touch. Presentation to Malaysia Government Cloud Computing Forum 2012-04-05 HUAWEI TECHNOLOGIES CO., LTD.
2012-04-05 Cloud Security Securing what you can t touch www.huawei.com www.huawei.com Presentation to Malaysia Government Cloud Computing Forum HUAWEI TECHNOLOGIES CO., LTD. Why worry about cloud security?
Securing the Virtual Environment
Securing the Virtual Environment January 13, 2012 Nathaniel C. Gravel, CISA, CISM, CRISC Director Information Security Practice GraVoc Associates, Inc. Founded in 1994 Located in Peabody, MA Organized
PCI Compliance in a Virtualized World
PCI Compliance in a Virtualized World Security Technology Infrastructure Security Integration 24x7 Support MSS Training Information Assurance Staff Augmentation Presenters John Clark QSA, PMP, CISA, CISSP
VCE Addendum to VMware Solution Guide for Payment Card Industry Data Security Standard
March 2013 Solution Guide for Payment Card Industry (PCI) Partner Addendum VCE Addendum to VMware Solution Guide for Payment Card Industry Data Security Standard VCE Vblock Systems The findings and recommendations
Securing the Administration of Virtualization
Securing the Administration of Virtualization An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) Market Research Report Prepared for RSA, The Security Division of EMC March 2010 IT MANAGEMENT RESEARCH, Table of
Security Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
Lecture 02b Cloud Computing II
Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,
A comprehensive framework for securing virtualized data centers. Business white paper
A comprehensive framework for securing virtualized data centers Business white paper Contents Experiencing the virtualization wave...3 Addressing virtualization security challenges...3 Understanding security
IOS110. Virtualization 5/27/2014 1
IOS110 Virtualization 5/27/2014 1 Agenda What is Virtualization? Types of Virtualization. Advantages and Disadvantages. Virtualization software Hyper V What is Virtualization? Virtualization Refers to
T4 - Process Control: Virtualization for Manufacturing
T4 - Process Control: Virtualization for Manufacturing Insert Photo Here Anthony Baker PlantPAx Characterization & Lab Manager Rockwell Automation Rockwell Automation Process Solutions User Group (PSUG)
Secure your Virtual World with Cyberoam
White paper Secure your Virtual World with Cyberoam www.cyberoam.com Virtualization The Why and the What... Rising Data Center costs... Ever-increasing demand for data storage... Under-utilized processors...
Cloud Service Providers Overcoming security and compliance barriers
Cloud Service Providers Overcoming security and compliance barriers Dr Theodoros Stergiou, CEng, CPMM Security Solutions Product Manager & Cloud Security Officer Agenda A brief introduction Security barriers
365 Evans Suite 300 Toronto, Ontario M8Z 1K2 Phone: Fax:
Course: Virtualization with VMware ESX and VirtualCenter Description: Price: $2,895.00 Category: VMware Duration: 5 days Schedule: Request Dates Outline: This class is a 5-day (optional 4-day) intense
Virtual Machines and Security Paola Stone Martinez East Carolina University November, 2013.
Virtual Machines and Security Paola Stone Martinez East Carolina University November, 2013. Keywords: virtualization, virtual machine, security. 1. Virtualization The rapid growth of technologies, nowadays,
Decrease your HMI/SCADA risk
Decrease your HMI/SCADA risk Key steps to minimize unplanned downtime and protect your organization. Are you running your plant operations with serious risk? Most industrial applications lack recommended
Locking Down the Cloud for Healthcare. Kurt Hagerman Chief Information Security Officer
Locking Down the Cloud for Healthcare Kurt Hagerman Chief Information Security Officer SECURITY TRENDS Healthcare businesses are fighting REAL threats Threats are growing over time by percent of breaches