VMware Security Briefing. Rob Randell, CISSP Senior Security Specialist SE
|
|
- Coleen Powers
- 8 years ago
- Views:
Transcription
1 VMware Security Briefing Rob Randell, CISSP Senior Security Specialist SE
2 Agenda Security Advantages of Virtualization Security Concepts in Virtualization Architecture Operational Security Issues with Virtualization Future of Virtualization Security 2
3 Security Advantages of Virtualization Better Forensics Capabilities Faster Recovery After an Attack Patching is Safer and More Effective Better Control Over Desktop Resources More Cost Effective Security Devices 3
4 Security Concepts in Architecture Extended Computing Stack (Hypervisor) Guest Isolation Host Visibility from the Guest Greater co-location of data and assets on one box Management Interfaces Service Console VirtualCenter Hosted vs. Bare Metal 4
5 Security Concepts: Extended Computing Stack and Guest Isolation Standard x86 VMware ESX Hypervisor VMware Confidential/Proprietary Copyright 2006 VMware, Inc. All rights reserved. 5
6 Are there any Hypervisor Attack Vectors? There are currently no known hypervisor attack vectors to date that have lead to VM Escape Architectural Vulnerability Designed specifically with Isolation in Mind Software Vulnerability Possible like with any code written by humans Small Code Footprint of Hypervisor (~32MB) Makes it Easier to Audit Depends on VMware Security Response and Patching If a software vulnerability is found, exploit difficulty will be very high Commonly cited: Blue Pill, SubVirt These are NOT hypervisor vulnerabilities, Use the concept of a hypervisor to create advanced malware These can only affect non-virtualized operating systems 6
7 VMware Architecture: Isolation and Containment VMM Security Design Highlights Privileged instructions within a VM are de-privileged and run within an isolated virtual memory space VMs have no direct access to hardware, only have visibility to virtual devices VMs can only communicate with each other through Virtual Switches Resource reservations and limits guarantees performance isolation OS and applications within a VM run as is with no modification (hence no recertification required) VMM Production Use Proof Points CC EAL 4+ certification ESX and VC Passed security audit and put into production by the largest Financial Institutions Passed Defense and Security Agencies scrutiny and audit (NetTop and HAP) Large number of customers run mission critical and transaction processing applications 7
8 Security Concepts in Architecture Extended Computing Stack (Hypervisor) Guest Isolation Host Visibility from the Guest Greater co-location of data and assets on one box Management Interfaces Service Console VirtualCenter Hosted vs. Bare Metal 8
9 Greater Collocation of Data on One Box Web Server Database Server PCI Server Domain Controller VMware Confidential/Proprietary Copyright 2006 VMware, Inc. All rights reserved. 9
10 Concern: Virtualizing the DMZ / Mixing Trust Zones Three Primary Configurations: Physical Separation of Trust Zones Virtual Separation of Trust Zone with Physical Security Devices Fully collapsing all servers and security devices into a VI3 infrastructure Also Applies to PCI Requirements 2.2.1, 1.1.x, 6.3.2, and
11 Physical Separation of Trust Zones VMware Confidential/Proprietary Copyright 2006 VMware, Inc. All rights reserved. 11
12 Virtual Separation of Trust Zone with Physical Security Devices VMware Confidential/Proprietary Copyright 2006 VMware, Inc. All rights reserved. 12
13 Full Collapse DMZ in a Box VMware Confidential/Proprietary Copyright 2006 VMware, Inc. All rights reserved. 13
14 Security Concepts in Architecture Extended Computing Stack (Hypervisor) Guest Isolation Host Visibility from the Guest Greater co-location of data and assets on one box Management Interfaces Service Console VirtualCenter Hosted vs. Bare Metal 14
15 Management Interfaces: Service Console Interface for advanced ESX Server Management VMware Confidential/Proprietary Copyright 2006 VMware, Inc. All rights reserved. 15
16 VMware ESXi: The next step in Virtualization Security Unmatched security and reliability: Compact 32MB footprint OS independence means minimal interfaces and a small attack profile Embedded in hardware --- reduces risk of tampering Unstructured Service Console management replaced by controlled API-based management Open ports highly limited. 16
17 Management Interfaces: VirtualCenter VirtualCenter: primary management tool Encrypted communication Integration with global security framework, e.g. Authentication via Active Directory Detailed auditing Extensive roles system for finegrained separation-of-duties Operational Best Practices for maximum security, e.g. Dedicated management network Lock-down of Administrator access 17
18 Security Concepts in Architecture Extended Computing Stack (Hypervisor) Guest Isolation Host Visibility from the Guest Greater co-location of data and assets on one box Management Interfaces Service Console VirtualCenter Hosted vs. Bare Metal 18
19 Hosted Virtualization vs. Bare Metal Virtualization Hosted Virtualization Bare-Metal Virtualization VMware Workstation VMware Server VMware Player Host OS Changes Security Profile Greatly VMware ESX Server VMware Confidential/Proprietary Copyright 2006 VMware, Inc. All rights reserved. 19
20 Common Misconception about VMware Security Hosted Platforms Guest Escape Vulnerabilities Does NOT affect ESX only hosted platforms (Workstation and Server) Not exactly escape nor a hypervisor vulnerability Uses documented communication interface for hosted features such as drag-n-drop, cut n-paste, and shared folders. This communication interface can be disabled (on by default) 20
21 Adapt existing security processes Adapt existing security solutions Operational Security Issues The datacenter becomes much more dynamic and flexible Misconfiguration is #1 Risk 21
22 How do we secure our Virtual Infrastructure? Use the Principles of Information Security Hardening and Lockdown Defense in Depth Authorization, Authentication, and Accounting Separation of Duties and Least Privileges Administrative Controls 22
23 Best Practices References Security Design of the VMware Infrastructure 3 Architecture ( VMware Infrastructure 3 Security Hardening ( Managing VMware VirtualCenter Roles and Permissions ( DISA STIG and Checklist for VMware ESX ( ( r_2008.pdf) CIS (Center for Internet Security) Benchmark ( Xtravirt Virtualization Security Risk Assessment ( 75&func=fileinfo&id=15) 23
24 The Future of Virtualization Security
25 Leveraging Virtualization To Solve Security Problems Security solutions are facing a growing problem Protection engines do not get complete visibility in and below the OS Protection engines are running in the same context as the malware they are protecting against Even those that are in a safe context, can t see other contexts (e.g. network protection has no host visibility). Virtualization can provide the needed visibility Better Context Provide protection from outside the OS, from a trusted context New Capabilities view all interactions and contexts CPU Memory Network Storage VMware Confidential/Proprietary Copyright 2006 VMware, Inc. All rights reserved. 25
26 Introducing VMsafe Security VM HIPS Firewall IPS/IDS Anti-Virus Security API ESX New security solutions can be developed and integrated into VMware virtual infrastructure Protect the VM by inspection of virtual components (CPU, Memory, Network and Storage) Complete integration and awareness of VMotion, Storage VMotion, HA, etc. Provides an unprecedented level of security for the application and the data inside the VM VMware Confidential/Proprietary Copyright 2006 VMware, Inc. All rights reserved. 26
27 VMsafe APIs API s for all virtual hardware components of the VM CPU/Memory Inspection Inspection of specific memory pages being used by the VM or it applications Knowledge of the CPU state Policy enforcement through resource allocation of CPU and memory pages Networking View all IO traffic on the host Ability to intercept, view, modify and replicate IO traffic from any one VM or all VM s on a single host. Capability to provide inline or passive protection Storage Ability to mount and read virtual disks (VMDK) Inspect IO read/writes to the storage devices Transparent to the device and inline of the ESX Storage stack VMware Confidential/Proprietary Copyright 2006 VMware, Inc. All rights reserved. 27
28 Questions? Rob Randell, CISSP Senior Security Specialist SE
Virtualization Security and Best Practices. Rob Randell, CISSP Senior Security Specialist SE
Virtualization Security and Best Practices Rob Randell, CISSP Senior Security Specialist SE Agenda General Virtualization Concepts Hardware Virtualization and Application Virtualization Types of Hardware
More informationMitigating Information Security Risks of Virtualization Technologies
Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) 2009 VMware Inc. All rights reserved Agenda Virtualization Overview Key Components of Secure Virtualization
More informationSecurely Architecting the Internal Cloud. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.
Securely Architecting the Internal Cloud Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc. Securely Building the Internal Cloud Virtualization is the Key How Virtualization Affects
More informationSichere Virtualisierung mit VMware
Sichere Virtualisierung mit VMware Stefan Bohnengel, VMware Harald Speckbrock, RSA Neuss, 12.11.2009 Building The Private Cloud private cloud Flexibility Control Choice your applications your information
More informationCedric Rajendran VMware, Inc. Security Hardening vsphere 5.5
Cedric Rajendran VMware, Inc. Security Hardening vsphere 5.5 Agenda Security Hardening vsphere 5.5 ESXi Architectural Review ESXi Software Packaging The ESXi Firewall ESXi Local User Security Host Logs
More informationVirtualization System Security
Virtualization System Security Bryan Williams, IBM X-Force Advanced Research Tom Cross, Manager, IBM X-Force Security Strategy 2009 IBM Corporation Overview Vulnerability disclosure analysis Vulnerability
More informationArchitecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud
Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP Principal Systems Engineer Security Specialist Agenda What is the Cloud? Virtualization Basics
More informationVMware ESXi 3.5 update 2
VMware ESXi 3.5 update 2 VMware ESXi 3.5 Exec Summary What is it? What does it do? What is unique? Who can use it? How do you use it? Next generation, thin hypervisor for FREE Partitions servers to create
More informationThe growing importance of a secure Cloud environment
The growing importance of a secure Cloud environment Jan Tiri jtiri@vmware.com System Engineer, VMware BeLux 2009 VMware Inc. All rights reserved Cloud components Enterprises Cloud Service Providers Private
More informationUnmasking Virtualization Security. Eric A. Hibbard, CISSP, CISA Hitachi Data Systems
Eric A. Hibbard, CISSP, CISA Hitachi Data Systems SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA unless otherwise noted. Member companies and individual members may
More informationKeith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com
1 Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com Agenda Cloud Computing VMware and Security Network Security Use Case Securing View Deployments Questions 2 IT consumption
More informationSecuring the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC
Securing the Journey to the Private Cloud Dominique Dessy RSA, the Security Division of EMC June 2010 Securing the Journey to The Private Cloud The Journey IT Production Business Production IT-As-A-Service
More informationNetwork Segmentation in Virtualized Environments B E S T P R A C T I C E S
Network Segmentation in Virtualized Environments B E S T P R A C T I C E S ware BEST PRAC TICES Table of Contents Introduction... 3 Three Typical Virtualized Trust Zone Configurations... 4 Partially Collapsed
More informationSecuring your Virtual Datacenter. Part 1: Preventing, Mitigating Privilege Escalation
Securing your Virtual Datacenter Part 1: Preventing, Mitigating Privilege Escalation Before We Start... Today's discussion is by no means an exhaustive discussion of the security implications of virtualization
More informationBEST PRACTICES. DMZ Virtualization with VMware Infrastructure
BEST PRACTICES DMZ Virtualization with ware Infrastructure ware BEST PRACTICES Table of Contents Virtualized DMZ Networks... 3 Three Typical Virtualized DMZ Configurations... 4 Partially Collapsed DMZ
More informationWhat s New with VMware Virtual Infrastructure
What s New with VMware Virtual Infrastructure Virtualization: Industry-Standard Way of Computing Early Adoption Mainstreaming Standardization Test & Development Server Consolidation Infrastructure Management
More informationmanaging the risks of virtualization
managing the risks of virtualization Chris Wraight CA Technologies 28 February 2011 Session Number 8951 abstract Virtualization opens the door to a world of opportunities and well managed virtualization
More informationNetworking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g Virtualization: Architectural Considerations and Implementation Options Virtualization Virtualization is the
More informationSecuring Your Journey to the Cloud. Thomas J. Miller Executive Vice President
Securing Your Journey to the Cloud Thomas J. Miller Executive Vice President February 23, 2011 Classification 2/24/2011 Copyright 2011 Trend Micro Inc. 1 Have you ever tried to explain Virtualization to
More informationVMware Virtual Infrastucture From the Virtualized to the Automated Data Center
VMware Virtual Infrastucture From the Virtualized to the Automated Data Center Senior System Engineer VMware Inc. ngalante@vmware.com Agenda Vision VMware Enables Datacenter Automation VMware Solutions
More informationMaking Data Security The Foundation Of Your Virtualization Infrastructure
Making Data Security The Foundation Of Your Virtualization Infrastructure by Dave Shackleford hytrust.com Cloud Under Control P: P: 650.681.8100 Securing data has never been an easy task. Its challenges
More informationLarry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control
More informationSecurity. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««;
Security N Environments '' J J H -. i ^ s j}! Dave Shackleford '**»* t i j i««; l:i in: John Wiley &. Sons, Inc. Contents Introduction.. : xix Chapter l Fundamentals of Virtualization Security Virtualization
More informationVirtual Computing and VMWare. Module 4
Virtual Computing and VMWare Module 4 Virtual Computing Cyber Defense program depends on virtual computing We will use it for hands-on learning Cyber defense competition will be hosted on a virtual computing
More informationHP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU
HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU Data sheet Product overview The HP TippingPoint Virtual Controller + Virtual Firewall (vcontroller+vfw) extends our leading intrusion
More informationPresentation for ISACA Chapter NL. Auditing Virtual Servers. VMware: Security and Operations. Gert-Jan Timmer 3. September, 2012
Presentation for ISACA Chapter NL Auditing Virtual Servers VMware: Security and Operations Gert-Jan Timmer 3. September, 2012 Auditing Virtual Servers: Vmware: Security and Operations Presentation today:
More informationPICO Compliance Audit - A Quick Guide to Virtualization
WHITE PAPER August 2011 Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security HYTRUST AND TREND MICRO DEEP SECURITY TOC Contents Virtualization
More informationVMware: Advanced Security
VMware: Advanced Security Course Introduction Course Introduction Chapter 01 - Primer and Reaffirming Our Knowledge Primer and Reaffirming Our Knowledge ESX Networking Components How Virtual Ethernet Adapters
More informationVMWARE Introduction ESX Server Architecture and the design of Virtual Machines
Introduction........................................................................................ 2 ESX Server Architecture and the design of Virtual Machines........................................
More informationHow Does Virtualization Change Your Approach to Enterprise Security and Compliance?
HowDoesVirtualizationChangeYour ApproachtoEnterpriseSecurityand Compliance? SevenStepstoaVirtual awaresecuritystrategy. MichaelBaum Co founder ChiefCorporate&Business DevelopmentOfficer ScottShepard CISSP,CISM
More informationEnabling Technologies for Distributed Computing
Enabling Technologies for Distributed Computing Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS School of Computing, UNF Multi-core CPUs and Multithreading Technologies
More informationManaged Object - PerformanceManager http://www.vmware.com/support/developer/vc-sdk/visdk400pubs/referenceguide/vim.performancemanager.
URLs disponibles dans http://www.tdeig.ch/vmware/liens.pdf mise à jour du 17 juin 2011 / GL Documents vsphere Introduction to VMware vsphere http://www.vmware.com/pdf/vsphere4/r40/vsp_40_intro_vs.pdf Basic
More informationVirtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies
Virtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies Kurt Klemperer, Principal System Performance Engineer kklemperer@blackboard.com Agenda Session Length:
More informationRED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES
RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS Server virtualization offers tremendous benefits for enterprise IT organizations server
More informationEnd to End Security do Endpoint ao Datacenter
do Endpoint ao Datacenter Piero DePaoli & Leandro Vicente Security Product Marketing & Systems Engineering 1 Agenda 1 Today s Threat Landscape 2 From Endpoint: Symantec Endpoint Protection 3 To Datacenter:
More informationVirtual Machines and Security Paola Stone Martinez East Carolina University November, 2013.
Virtual Machines and Security Paola Stone Martinez East Carolina University November, 2013. Keywords: virtualization, virtual machine, security. 1. Virtualization The rapid growth of technologies, nowadays,
More informationThe Top 8 Questions to ask about Virtualization in a PCI Environment
A COALFIRE WHITE PAPER The Top 8 Questions to ask about Virtualization in a PCI Environment DALLAS DENVER LOS ANGELES NEW YORK SEATTLE 877.224.8077 info@coalfire.com www.coalfire.com This paper provides
More informationEMC Security for Microsoft Exchange Solution: Data Loss Prevention and Secure Access Management
EMC Security for Microsoft Exchange Solution: Data Loss Prevention and Applied Technology Abstract Securing a Microsoft Exchange e-mail environment presents a myriad of challenges and compliance issues
More informationVirtualization & Cloud Computing Risks NASSCOM-DSCI Information Security Summit 2009 November 24, 2009
Virtualization & Cloud Computing Risks NASSCOM-DSCI Information Security Summit 2009 November 24, 2009 Felix Mohan CISO, Bharti Airtel Ltd Virtualization & Cloud Computing Strategic Technologies with Significant
More informationArchitecting Security for the Private Cloud. Todd Thiemann
Architecting Security for the Private Cloud Todd Thiemann Classification 4/9/2010 Copyright 2009 Trend Micro Inc. 1 The Evolving Datacenter Lowering Costs, Increasing Flexibility Public Cloud Private Cloud
More informationPreparing an RFI for. This RFI has been updated to reflect the new requirements in Version 3.0 of the PCI DSS, which took effect January 2015.
Preparing an RFI for Protecting cardholder data is a critical and mandatory requirement for all organizations that process, store or transmit information on credit or debit cards. Requirements and guidelines
More informationVirtualization Security Checklist
Virtualization Security Checklist This virtualization security checklist is intended for use with enterprise full virtualization environments (as opposed to paravirtualization, application or operating
More informationCOS 318: Operating Systems. Virtual Machine Monitors
COS 318: Operating Systems Virtual Machine Monitors Kai Li and Andy Bavier Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall13/cos318/ Introduction u Have
More informationStephen Coty Director, Threat Research
Emerging threats facing Cloud Computing Stephen Coty Director, Threat Research Cloud Environments 101 Cloud Adoption is Gaining Momentum Cloud market revenue will increase at a 36% annual rate Analyst
More informationRunning VirtualCenter in a Virtual Machine
VMWARE TECHNICAL NOTE VirtualCenter 2.x Running VirtualCenter in a Virtual Machine Running VirtualCenter in a virtual machine is fully supported by VMware to the same degree as if it were installed on
More informationTECHNOLOGYBRIEF. The Impact of Virtualization on Network Security. Discover. Determine. Defend.
The Impact of Virtualization on Network Security Discover. Determine. Defend. EXECUTIVE SUMMARY Virtualization is a concept that has become highly visible in the last few years because of its perceived
More informationDistributed and Cloud Computing
Distributed and Cloud Computing K. Hwang, G. Fox and J. Dongarra Chapter 3: Virtual Machines and Virtualization of Clusters and datacenters Adapted from Kai Hwang University of Southern California March
More informationBuilding A Secure Microsoft Exchange Continuity Appliance
Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building
More informationAuditing Virtualized Environments
Auditing Virtualized Environments 11 CHAPTER Innovations in operating system virtualization and server hardware permanently changed the footprint, architecture, and operations of data centers. This chapter
More informationDMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch
DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch What You Will Learn A demilitarized zone (DMZ) is a separate network located in the neutral zone between a private (inside)
More informationBefore we can talk about virtualization security, we need to delineate the differences between the
1 Before we can talk about virtualization security, we need to delineate the differences between the terms virtualization and cloud. Virtualization, at its core, is the ability to emulate hardware via
More informationCloud Computing #6 - Virtualization
Cloud Computing #6 - Virtualization Main source: Smith & Nair, Virtual Machines, Morgan Kaufmann, 2005 Today What do we mean by virtualization? Why is it important to cloud? What is the penalty? Current
More informationTenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments
Tenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments Introduction Server virtualization and private cloud services offer compelling benefits, including hardware consolidation,
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationHow To Protect Virtualized Data From Security Threats
S24 Virtualiza.on Security from the Auditor Perspec.ve Rob Clyde, CEO, Adap.ve Compu.ng; former CTO, Symantec David Lu, Senior Product Manager, Trend Micro Hemma Prafullchandra, CTO/SVP Products, HyTrust
More informationHow Virtualization Affects PCI DSS
How Virtualization Affects PCI DSS Part 2: A Review of the Top 5 Issues Authors: William Hau Vice President Professional Services Foundstone Professional Services Rudolph Araujo Director Foundstone Professional
More informationWhat is Virtualization and How Do I Audit It? Rick Schnierer and Chris Tennant
What is Virtualization and How Do I Audit It? Rick Schnierer and Chris Tennant Nationwide Insurance Learning Objectives Understand the fundamentals of virtualization and supporting architecture Develop
More informationFull and Para Virtualization
Full and Para Virtualization Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF x86 Hardware Virtualization The x86 architecture offers four levels
More informationNetzwerkvirtualisierung? Aber mit Sicherheit!
Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction
More informationSecurity & Cloud Services IAN KAYNE
Security & Cloud Services IAN KAYNE CloudComponents CLOUD SERVICES Dynamically scalable infrastructure, services and software based on broad network accessibility NETWORK ACCESS INTERNAL ESTATE CloudComponents
More informationShavlik NetChk Protect 7.1
Shavlik NetChk Protect 7.1 New s in Shavlik NetChk Protect 7.1 Asset Management Define asset scans for physical and virtual machines for Software Assets, Hardware Assets, and Virtual Machine Assets. This
More informationCPET 581 Cloud Computing: Technologies and Enterprise IT Strategies. Virtualization of Clusters and Data Centers
CPET 581 Cloud Computing: Technologies and Enterprise IT Strategies Lecture 4 Virtualization of Clusters and Data Centers Text Book: Distributed and Cloud Computing, by K. Hwang, G C. Fox, and J.J. Dongarra,
More informationVirtualization: an old concept in a new approach
MPRA Munich Personal RePEc Archive Virtualization: an old concept in a new approach Logica Banica and Doina Rosca and Cristian Stefan University of Pitesti, Faculty of Economics, University of Craiova,
More informationSolutions as a Service N.Konstantinidis Technical Director - MNG
Med Nautilus Greece Connected World April 10, 2014 Solutions as a Service N.Konstantinidis Technical Director - MNG MedNautilus Greece Solutions as a Service 2014 SINCE 2002 Data Center Physical Colocation
More informationVirtualization with VMware and IBM: Enjoy the Ride, but Don t Forget to Buckle Up!
Virtualization with VMware and IBM: Enjoy the Ride, but Don t Forget to Buckle Up! Ravi Kumar, Group Product Marketing Manager - Security, VMware Bob Kalka, Director, IBM Security Solutions, IBM The Rise
More informationEnabling Technologies for Distributed and Cloud Computing
Enabling Technologies for Distributed and Cloud Computing Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Multi-core CPUs and Multithreading
More informationADC9521: Surviving Regulatory Compliance in the Virtual Infrastructure
ADC9521: Surviving Regulatory Compliance in the Virtual Infrastructure Patrick Daigle, VCP, VMware Operations Team Lead, CGI/ITM John Y. Arrasjid, VCP, Sr. Consulting Architect, VMware Agenda Compliance
More informationFrontiers in Cyber Security: Beyond the OS
2013 DHS S&T/DoD ASD (R&E) CYBER SECURITY SBIR WORKSHOP Frontiers in Cyber Security: Beyond the OS Clear Hat Consulting, Inc. Sherri Sparks 7/23/13 Company Profile CHC was founded in 2007 by S. Sparks
More informationSimplifying the Transition to Virtualization TS17
Simplifying the Transition to Virtualization TS17 Name Sandeep Redkar Title Manager Process Solutions Date 11 th February 2015 Agenda Overview & Drivers Virtualization for Production Rockwell Automation
More informationDrobo How-To Guide. Use a Drobo iscsi Array as a Target for Veeam Backups
This document shows you how to use a Drobo iscsi SAN Storage array with Veeam Backup & Replication version 5 in a VMware environment. Veeam provides fast disk-based backup and recovery of virtual machines
More informationCompromise-as-a-Service
ERNW GmbH Carl-Bosch-Str. 4 D-69115 Heidelberg 3/31/14 Compromise-as-a-Service Our PleAZURE Felix Wilhelm & Matthias Luft {fwilhelm, mluft}@ernw.de ERNW GmbH Carl-Bosch-Str. 4 D-69115 Heidelberg Agenda
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationIntroduction. Setup of Exchange in a VM. VMware Infrastructure
Introduction VMware Infrastructure is deployed in data centers for deploying mission critical applications. Deployment of Microsoft Exchange is a very important task for the IT staff. Email system is an
More informationVirtualization Impact on Compliance and Audit
2009 Reflex Systems, LLC Virtualization Impact on Compliance and Audit Michael Wronski, CISSP VP Product Management Reflex Systems Agenda Introduction Virtualization? Cloud? Risks and Challenges? Compliance
More informationMeeting the Challenges of Virtualization Security
Meeting the Challenges of Virtualization Security Coordinate Security. Server Defense for Virtual Machines A Trend Micro White Paper August 2009 I. INTRODUCTION Virtualization enables your organization
More informationVisions of Clouds and Cloud Security. Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc.
Visions of Clouds and Cloud Security Rob Randell, CISSP Senior Security and Compliance Specialist VMware, Inc. Visions of Clouds and Cloud Security What is the Cloud? PAAS SAAS IAAS Chris Hoff s Model
More informationVMware Solution Guide for. Payment Card Industry (PCI) September 2012. v1.3
VMware Solution Guide for Payment Card Industry (PCI) September 2012 v1.3 VALIDATION DO CU MENT Table of Contents INTRODUCTION... 3 OVERVIEW OF PCI AS IT APPLIES TO CLOUD/VIRTUAL ENVIRONMENTS... 5 GUIDANCE
More informationMcAfee MOVE / VMware Collaboration Best Practices
McAfee MOVE / VMware Collaboration Best Practices Christie J. Karrels Sales Engineer Federal DoD January 11, 2013 1 P a g e Contents Introduction... 3 Traditional Anti-Malware vs. Optimized Anti-Malware...
More informationSecure Cloud-Ready Data Centers Juniper Networks
Secure Cloud-Ready Data Centers Juniper Networks JUNIPER SECURITY LEADERSHIP A $1B BUSINESS Market Leadership Data Center with High- End Firewall #1 at 42% Secure Mobility with SSL VPN #1 at 25% Security
More informationTable of Contents. vsphere 4 Suite 24. Chapter Format and Conventions 10. Why You Need Virtualization 15 Types. Why vsphere. Onward, Through the Fog!
Table of Contents Introduction 1 About the VMware VCP Program 1 About the VCP Exam 2 Exam Topics 3 The Ideal VCP Candidate 7 How to Prepare for the Exam 9 How to Use This Book and CD 10 Chapter Format
More informationSecure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services
Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Udo Schneider Trend Micro Udo_Schneider@trendmicro.de 26.03.2013
More informationSymantec Endpoint Protection 11.0 Securing Virtual Environments Best Practices White Paper. Updated 7/20/2010
W H I T E P A P E R : T E C H N I C A L S E C U R I T Y S O L U T I O N S Symantec Endpoint Protection 11.0 Securing Virtual Environments Best Practices White Paper Updated 7/20/2010 White Paper: Symantec
More informationBest Practices for Monitoring Databases on VMware. Dean Richards Senior DBA, Confio Software
Best Practices for Monitoring Databases on VMware Dean Richards Senior DBA, Confio Software 1 Who Am I? 20+ Years in Oracle & SQL Server DBA and Developer Worked for Oracle Consulting Specialize in Performance
More informationManaging Physical and Virtual Machines in Paragon Protect & Restore
Managing Physical and Virtual Machines in Paragon Protect & Restore Best Practices last updated: August 2013 Overview Paragon Software s Protect & Restore (PPR) offers a unified system and data protection
More informationVirtualisation. A newsletter for IT Professionals. Issue 2. I. Background of Virtualisation. Hardware
Virtualisation A newsletter for IT Professionals Issue 2 UEducation Sector Updates I. Background of Virtualisation Virtualisation is the separation of resource or request for a service from the underlying
More informationNew Security Perspective for Virtualized Platforms
, July 3-5, 2013, London, U.K. New Security Perspective for Virtualized Platforms Abdelmajid Lakbabi, Said El hajji, Ghizlane Orhanou, Kaouthar Chetioui Abstract Recently, an important transition in IT
More informationSecuring the Cloud. A Review of Cloud Computing, Security Implications and Best Practices W H I T E P A P E R
W H I T E P A P E R Securing the Cloud A Review of Cloud Computing, Security Implications and Best Practices VMware, Inc. 314 Porter Drive Palo Alto CA 94304 USA Tel 60-47-000 Fax 60-47-001 www.vmware.com
More informationSecure Virtualization in the Federal Government
White Paper Secure Virtualization in the Federal Government Achieve efficiency while managing risk Table of Contents Ready, Fire, Aim? 3 McAfee Solutions for Virtualization 4 Securing virtual servers in
More informationInternational Journal of Scientific & Engineering Research, Volume 5, Issue 1, January-2014 ISSN 2229-5518 1299
1299 TITLE Virtualization security in Data Centres & cloud Prof Sarita Dhawale. Ashoka Center for Business & Computer Studies,Nashik Head of Department of Computer Science University of Pune, Maharashtra.
More informationVMware vsphere: Install, Configure, Manage [V5.0]
VMware vsphere: Install, Configure, Manage [V5.0] Gain hands-on experience using VMware ESXi 5.0 and vcenter Server 5.0. In this hands-on, VMware -authorized course based on ESXi 5.0 and vcenter Server
More informationThe Architecture of VMware ESXi WHITE PAPER
The Architecture of VMware ESXi WHITE PAPER Table of Contents Introduction... 3 Components of ESXi... 3 VMkernel... 4 File System... 4 Users and Groups... 4 User Worlds... 4 Direct Console User Interface...
More informationDesktop Virtualization. The back-end
Desktop Virtualization The back-end Will desktop virtualization really fit every user? Cost? Scalability? User Experience? Beyond VDI with FlexCast Mobile users Guest workers Office workers Remote workers
More informationVmware VSphere 6.0 Private Cloud Administration
To register or for more information call our office (208) 898-9036 or email register@leapfoxlearning.com Vmware VSphere 6.0 Private Cloud Administration Class Duration 5 Days Introduction This fast paced,
More informationLearn the Essentials of Virtualization Security
Learn the Essentials of Virtualization Security by Dave Shackleford by Dave Shackleford This paper is the first in a series about the essential security issues arising from virtualization and the adoption
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationMeasuring Hypervisor Footprints: Assessing Risk
Measuring Hypervisor Footprints: Assessing Risk Edward L. Haletky The Virtualization Practice, LLC Author of: VMware vsphere TM and Virtual Infrastructure Security: Securing the Virtual Environment Assessing,
More informationFOR SERVERS 2.2: FEATURE matrix
RED hat ENTERPRISE VIRTUALIZATION FOR SERVERS 2.2: FEATURE matrix Red hat enterprise virtualization for servers Server virtualization offers tremendous benefits for enterprise IT organizations server consolidation,
More informationIndustrial Security for Process Automation
Industrial Security for Process Automation SPACe 2012 Siemens Process Automation Conference Why is Industrial Security so important? Industrial security is all about protecting automation systems and critical
More informationInformation Security Policy
Information Security Policy Steve R. Hutchens, CISSP EDS, Global Leader, Homeland Security Agenda Security Architecture Threats and Vulnerabilities Design Considerations Information Security Policy Current
More informationBasics of Virtualisation
Basics of Virtualisation Volker Büge Institut für Experimentelle Kernphysik Universität Karlsruhe Die Kooperation von The x86 Architecture Why do we need virtualisation? x86 based operating systems are
More information