Secure Administration of Virtualization - A Checklist ofVRATECH
|
|
- Chrystal Sanders
- 3 years ago
- Views:
Transcription
1 Securing the Administration of Virtualization An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) Market Research Report Prepared for RSA, The Security Division of EMC March 2010 IT MANAGEMENT RESEARCH,
2 Table of Contents Executive Summary...1 Secure Administration: Priority One for Virtualization Security...1 Managing Resource Consolidation...1 Controlling Risk Exposure...2 Point in Time Means Something Different...2 VM Images are Data, Too...2 The Impact of Administration...2 Meeting the Challenge...3 Start with Strategy...3 Plan: Architect Proper Configuration...3 Do: Administrative Security in Operations...4 Check: Monitoring Administrative Actions...5 Act: The Critical Importance of Response...6 Toward the Future...7 EMA Perspective...7 About RSA...8
3 Executive Summary Virtualization has been one of the most transformative information technologies to appear in many years. What many organizations still do not yet fully appreciate, however, is the transformative impact virtualization has on security as well. Virtualization enables the IT investment to yield maximum benefit with greater flexibility. It also introduces new risks, many without parallel in traditional IT. Unlike physical systems, multiple guest virtual machines (VMs) share a common host. VMs can be configured offline and deployed on demand, making for a far more dynamic environment. Virtualized functionality such as networking is abstracted from its physical topology. Securing these capabilities depends directly on administrative control. This, in turn, emphasizes the need for security in the administration of virtualization, and for processes and technologies to secure administration that are virtualization aware. Virtualization enables the IT investment to yield maximum benefit with greater flexibility. It also introduces new risks, many without parallel in traditional IT. In this report, Enterprise Management Associates (EMA) describes a systematic approach to securing the administration of virtualized systems, based on the ISO series Plan Do Check Act philosophy. While emerging aspects of endpoint virtualization are discussed, the primary focus is on the administration of virtualization in the data center, where the bulk of today s concerns may be found. Guidance on securing the administration of VMware one of the most prevalent names in virtualization and the use of the tools and technologies of EMC and its Security Division, RSA, are highlighted as primary examples. Readers should gain an enhanced awareness of the essential capabilities required for the secure administration of virtualization, with reference to technology-specific guidance such as VMware s Security Hardening publications offered for more detailed information. Secure Administration: Priority One for Virtualization Security Every generation of IT has its transformative technologies but few have had the impact of virtualization in the data center. The values it brings for resource consolidation, on-demand provisioning and offline maintenance enable IT to be far more flexible in meeting business demands. But these demands will not indeed, cannot be well met unless the risks that virtualization introduces can be understood and managed. Some of these risks have little or no parallel in the physical environment. Managing Resource Consolidation For example, virtualized guest systems sharing a common physical platform may have different levels of sensitivity in their operations, their network exposure, or in the information they handle. A guest VM exposed to a public network may run the risk of exposing sensitive data handled on another guest on the same host. In the past, such risky interactions were largely controlled through physical or logical isolation. Virtualization, however, makes it much easier to violate this isolation by consolidating functionality on
4 a shared host. Large retailers have failed an audit for compliance with the Payment Card Industry (PCI) Data Security Standard for just such failures. Controlling Risk Exposure Even simple changes in server configuration or network topology can expose vulnerabilities, such as an unpatched software defect or network access that can lead to system takeover. Virtualization, however, has the potential to greatly amplify this exposure, when a vulnerable VM configuration is replicated many times over in production. The ability to move and deploy virtual systems on demand may also increase risk. Organizations may assume they have a certain number of servers that must be managed, but on-demand virtualization may increase that number considerably if uncontrolled. This virtualization sprawl has several major implications: It increases the sheer volume of risk exposures (or attack surface ) if proper and consistent security measures are not applied across the whole virtual environment. It exposes the organization to software licensing violations. It potentially introduces regulatory compliance violations surrounding private data management, separation of systems and networks, adequate logging and asset and change control. Point in Time Means Something Different Unlike the physical environment, where change is immediate, changes to a VM are typically made offline, and do not take effect until the image is deployed in production. This could be some time after changes are defined in a master VM image or service configuration. If changes are made for security reasons, such latency could prolong risk exposure. Another point-in-time factor unique to virtualization is the ability to suspend a VM. Starting and stopping a service may be logged as a system-level event. Without visibility into virtualization infrastructure, however, VM suspension may go undetected by traditional monitoring methods. This increases the risk that suspended VMs may disrupt critical functionality, or go offline due to undetected security issues. VM Images are Data, Too A VM image is effectively a file or set of files which are stored as data. This data can be copied and later run in an uncontrolled environment, circumventing authorized protections. This increases the priority placed on control over access to storage systems that manage such data. The Impact of Administration Note the critical role played by administration and management in each of these examples. Administrative privilege enables the definition of VM images, the ability to retrieve VM images stored as data, control over their deployment, and management in production. This heightens the need to secure administrative privilege and actions. It also highlights the importance of controls that are virtualizationaware. Insight into virtual infrastructure is needed to detect such These factors heighten the need to secure administrative privilege and actions. They also highlight the importance of controls that are virtualization-aware
5 factors as VM consolidation, movement and suspension, and the control of VM images as data. Without this visibility, administrative actions that pose risk may go undetected. Without virtualizationspecific controls, they may go unmanaged as well. Meeting the Challenge Securing the administration of virtualization must therefore be a top priority for securing virtualization itself. Organizations may not yet be aware, however, of how best to secure virtualization management and administrative privilege. This calls for a comprehensive consideration of the factors involved, in order to develop an effective plan of action. Start with Strategy In other words, this means taking a strategic approach, in line with the requirements of the business. One such approach is reflected in the ISO family of security management standards, frequently referenced for guidance of IT security management. In essence, the ISO standards recommend a systematic approach, which describes a logical sequence that helps organizations define, implement and monitor their objectives, with high emphasis on action. This approach is often summarized as: Plan Do Check Act The ISO standards represent a body of guidance that can be applied in the general case. Technologyspecific guidance should be referenced to secure the actual implementation. Organizations such as the Computer Security Institute (CSI) offer such guidance, while vendors often provide their own. VMware, for example, offers Security Hardening guidelines for VMware virtualization technologies 1. These materials provide useful information for securing the administration of virtualized environments. Plan: Architect Proper Configuration Safeguarding administrative control is implicit in fundamental security principles that apply in both virtual and physical environments. Securing the administration of virtualization thus begins with securing the physical environment, and extending those principles to virtualization. Limit exposures that could lead to unauthorized high-privilege access. Install customary security tools such as anti-malware, firewall and host intrusion prevention systems. Disable unnecessary or superfluous functions. Reserve system resources for Service Management processes patch, change, asset and configuration management. Secure configurations should be built into hardened templates, for assuring that when new systems are deployed, they are configured properly. This includes the configuration of the physical host, the hypervisor, and each guest VM. Network segmentation takes on an added dimension in virtualized environments, since guest VMs each have their own connections to physical and logical network topologies outside the virtualized host, as well as within the host itself. 1 (as of March 2010) This means taking a strategic approach, in line with the requirements of the business.
6 In most cases, network communications between guest VMs should be isolated. Technologies such as VMware vshield Zones can limit inter-vm traffic and resulting risk exposures, extending long-established network segmentation principles to the virtual world. Connection to specific physical interfaces can further assure this protective isolation and mitigate software configuration risks. Configuration of virtualization management systems is particularly important, since they directly control functionality. VMware vcenter, for example, provides centralized administration of VMware environments, and must be carefully deployed accordingly. Limit administrative access to the host where vcenter is running. vcenter itself should run under a separate administrative account specifically provisioned for that purpose Management and production networks should be isolated from each other, to limit the risk of unauthorized access to administrative functionality. When administrative access is authorized, the principle of least privilege should apply. Administrative access should be linked to individual accountability as much as possible. Access to shared administrative accounts such as root should be limited, while tools such as su should be restricted. Role-based access control (RBAC) offers a way to segregate administrative functions into individual roles that can be invoked by authorized users when needed. In the case of VMware vcenter, its Custom Roles capability offers a built-in way to define and segregate administrative privileges by roles. Environment monitoring is essential particularly to monitoring administrative access and actions, both authorized and unauthorized. Organizations should plan to deploy event management tools having insight into virtualization risks. This includes monitoring access to VM image storage resources. Here too, RBAC-based role segregation should help to assure that those with administrative access privileges do not also have the capability to tamper with evidence of administrative actions. Do: Administrative Security in Operations Once virtualization is deployed, the principles of limited exposure and least privilege should be continued in operations management. Exposure to administrative access risks can be mitigated by using the most secure or finely grained management tools when available. In the VMware environment, the ESX service console may enable overly broad capability with limited control. Better control can be achieved by the use of more finely grained tools that leverage vcenter functionality, such as PowerCLI and toolkits that use the vsphere API. Because these tools leverage vcenter, they enforce centralized privilege control and monitoring. They also provide role-based administrative access through vcenter Custom Roles. Once virtualization is deployed, the principles of limited exposure and least privilege should be continued in operations management.
7 Strong authentication can further secure access to administrative privilege. Some compliance mandates such as the PCI Data Security Standard may specifically require two-factor authentication for remote administrative access. One of the most popular examples of two-factor authentication is the one-time password technology of RSA SecurID, long used to secure administrative access in many organizations worldwide. Check: Monitoring Administrative Actions Building monitoring capability in the planning phase is essential but it must be used effectively in operations. In the 2009 Verizon Business data breach investigations report 2, 66% of victims had sufficient evidence available in log data to discover a breach, had they been more diligent in log analysis. The sheer volume of monitoring information IT generates compounds the issue for many. This mass of data is difficult to manage, if not impossible, without tools for prioritizing alerts that identify significant risks. Security information and event management (SIEM) systems are a primary tool for meeting these challenges. In order to be most effective in monitoring the administration of virtualization, however, they must have comprehensive visibility: Events in any environment: Monitoring should cover events not specific to virtualization, but which have an impact on the security of virtualization management. For example: Events should be correlated with IT change. The monitoring of IT change is a fundamental principle of IT management that reinforces change control and improves IT reliability. In security, change detection may reveal threat activity. Events should be correlated with administrative access. This can help identify unauthorized administrative access or a security attack that exploits administrative privilege. It also benefits more reliable IT management, by helping to identify root causes of performance or availability problems due to administrative actions. Access to storage resources that house VM images should be monitored, to protect against unauthorized deployment or analysis of virtual systems. Virtualization-specific events: Monitoring tools must also have visibility into administrative activity unique to virtualization. This is particularly critical when events have few or no parallels with the physical environment: Administrative actions that result in changes to VM state should be monitored. Stopping and starting a service on a physical server may be detected by conventional tools, but virtualization-specific issues such as VM suspension may not. VMs may also be moved from one physical host to another, which may violate policy. Monitoring must have visibility into virtualization infrastructure in these cases. In most cases, making changes to the configuration of a VM require taking it offline and remounting it, which may not be as intuitive as rebooting a physical server. When changes are defined in master VM images, monitoring must assure that they have been put into production in a timely way. This may be critical when patching actively exploited security vulnerabilities. 2 W. H. Baker et al, 2009 Data Breach Investigations Report, Verizon Business, April Monitoring tools must also have visibility into administrative activity unique to virtualization. This is particularly critical when events have few or no parallels with the physical environment.
8 Unauthorized attempts to copy or clone VMs should be detected, to assure that sensitive information or systems are not exposed outside the authorized, controlled environment. Virtualization sprawl should be monitored and contained, to assure that virtualization is managed appropriately, regulated environments are under proper control, and to reduce risk exposure from enlarging the attack surface. SIEM platforms such as RSA envision provide visibility into comprehensive activity throughout both physical and virtualized environments. The EMC and VMware families of configuration and change management tools such as VMware vcenter Server Configuration Manager provide virtualizationaware configuration and change insight which can be correlated with event monitoring. These are examples of technologies having the visibility into virtualization infrastructure necessary to assure that virtualization-specific issues are not overlooked. Act: The Critical Importance of Response It is one thing to monitor; it is another to act, as data breach investigations suggest. Even when event management systems correlate and identify high-priority issues, actions must be taken not only to enable response, but to prevent recurrence and better secure virtualization management going forward. It is one thing to monitor; it is another to act, as data breach investigations suggest. Here also, general principles exist that can be applied to any environment, as well as those that are specific to virtualization: Evaluate the completeness of response. When security vulnerabilities become known, the exposure must be found and confirmed in other environments. Configuration management systems can not only verify its presence when it appears, but can also directly remediate exposures through configuration change. Take a proactive approach. Beyond monitoring, checking must also include the regular evaluation of program effectiveness. This helps assure that virtualization is managed responsibly as technologies, use cases and business requirements change. Change events that consistently require exceptions to accepted management processes, for example, may call for a re-evaluation of those processes. Expand virtualization awareness. Recognize that virtualization can have a dramatic impact on existing management disciplines such as configuration management. The virtual environment is far more dynamic than the legacy world. VMs can move with a great deal of freedom among physical hosts. Changes can be made offline, which reduces the impact of change on production environments, but operations teams must assure that these changes are put into production as expected. Organizations will want to assure that their administrative tools have adequate visibility into virtualization infrastructure, to avoid being blindsided by these virtualization-specific issues. Link the virtual infrastructure to IT Service Management. Monitoring systems can create a service desk ticket in response to specific events. This helps the tracking of incidents to a satisfactory conclusion, which may include forensic analysis or other follow-up if required. Conversely, a service desk ticket can be used to authorize a specific change event, whose outcome satisfactory or otherwise is reflected in monitoring systems.
9 Toward the Future Finally, response must also include keeping a forward-looking eye on the pace of technology in this case, on the ongoing evolution of virtualization, its management, and its risks. Emerging technologies such as Virtual Desktop Infrastructure (VDI) emphasize the need for virtualization aware security management tools. RSA envision, for example, integrates with VMware View to provide information such as when a user has logged on or off, when systems have been disconnected, when peripherals such as USB devices have been plugged in, and so on. This not only rivals but exceeds the extent of capability available in many non-virtualized environments just one example of the many ways in which endpoint virtualization may have a positive impact on endpoint security management. Other innovations likely to have a positive impact on the security of virtualization and the management of administrative risks in virtual environments include the continued adoption of VMware s VMsafe technologies for enhancing visibility and control over virtualization security. EMA Perspective In order to capitalize on virtualization s promise, organizations must confidently manage its risks and nowhere is this more important than in safeguarding the administration of virtualization. With its strategic relationship with VMware, a market leader in virtualization technology, and backed by the capabilities of its RSA Security Division, EMC stands out among vendors serving the requirements of responsible virtualization management. With its strategic relationship with VMware, a market leader in virtualization technology, and backed by the capabilities of its RSA Security Division, EMC stands out among vendors serving the requirements of responsible virtualization management. Its unique ties to VMware give it equally unique insight into one of the most successful virtualization portfolios in the industry, including VMware s virtualization-aware management platforms. The RSA family of SIEM resources and strong authentication provide vital capabilities for visibility into high-privilege actions and strong controls on administrative access, while the EMC and VMware management portfolios together provide essential configuration management and other disciplines necessary to secure the control of virtualization including management of the entire lifecycle of secure storage for VM images to protect administrative capabilities saved in VM configuration. The alignment of these capabilities gives EMC, RSA and VMware a distinctive understanding of virtual relationships between hosts and guests, in virtualized systems, networks, databases and applications. Just as important is the fostering of common integration and collaboration objectives among these vendor groups that mutually support each other, which help identify factors such as specific points of integration that help accelerate adoption and deployment of security measures, which can help reduce total security costs for virtualization management. These factors combine to recommend the EMC and VMware families as a preferred provider of solutions for assuring secure and responsible management of virtualization, and its expansive promise.
10 About RSA RSA, The Security Division of EMC, is a premier provider of security solutions for business acceleration, helping the world s leading organizations succeed by solving their most complex and sensitive security challenges. RSA s information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle - no matter where it moves, who accesses it or how it is used. RSA offers industry-leading solutions in identity assurance & access control, data loss prevention, encryption & key management, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit and
11 About Enterprise Management Associates, Inc. Founded in 1996, Enterprise Management Associates (EMA) is a leading industry analyst firm that specializes in going beyond the surface to provide deep insight across the full spectrum of IT management technologies. EMA analysts leverage a unique combination of practical experience, insight into industry best practices, and in-depth knowledge of current and planned vendor solutions to help its clients achieve their goals. Learn more about EMA research, analysis, and consulting services for enterprise IT professionals and IT vendors at or follow EMA on Twitter. This report in whole or in part may not be duplicated, reproduced, stored in a retrieval system or retransmitted without prior written permission of Enterprise Management Associates, Inc. All opinions and estimates herein constitute our judgement as of this date and are subject to change without notice. Product names mentioned herein may be trademarks and/or registered trademarks of their respective companies. EMA and Enterprise Management Associates are trademarks of Enterprise Management Associates, Inc. in the United States and other countries. EMA, ENTERPRISE MANAGEMENT ASSOCIATES, and the mobius symbol are registered trademarks or common-law trademarks of Enterprise Management Associates, Inc. Corporate Headquarters: 5777 Central Avenue, Suite 105 Boulder, CO Phone: Fax:
Building on a Foundation for Growth: Integrating DLP with Message Security Infrastructure
Building on a Foundation for Growth: Integrating DLP with Message Security Infrastructure An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for RSA, The Security Division of EMC April 2010
More informationSIEM and DLP Together: A More Intelligent Information Risk Management Strategy
SIEM and DLP Together: A More Intelligent Information Risk Management Strategy An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for RSA, The Security Division of EMC December 2009 IT MANAGEMENT
More informationBeyond the Hypervisor: Optimizing Virtualization Management
Beyond the Hypervisor: Optimizing Virtualization Management An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for ASG Software Solutions August 2009 IT MANAGEMENT RESEARCH, Table of Contents
More informationRSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief
RSA Solution Brief RSA envision Platform Real-time Actionable Information, Streamlined Incident Handling, Effective Measures RSA Solution Brief The job of Operations, whether a large organization with
More informationSecuring the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC
Securing the Journey to the Private Cloud Dominique Dessy RSA, the Security Division of EMC June 2010 Securing the Journey to The Private Cloud The Journey IT Production Business Production IT-As-A-Service
More informationwith Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief
RSA Solution Brief Streamlining Security Operations with Managing RSA the Lifecycle of Data Loss Prevention and Encryption RSA envision Keys with Solutions RSA Key Manager RSA Solution Brief 1 Who is asking
More informationPICO Compliance Audit - A Quick Guide to Virtualization
WHITE PAPER August 2011 Passing Compliance Audit: Virtualize PCI-compliant Workloads with the Help of HyTrust and Trend Micro Deep Security HYTRUST AND TREND MICRO DEEP SECURITY TOC Contents Virtualization
More informationNetwork Access Control in Virtual Environments. Technical Note
Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved
More informationStrategies to Mitigate Information Risk: Data Loss Prevention and Enterprise Rights Management
Strategies to Mitigate Information Risk: Data Loss Prevention and Enterprise Rights Management An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for RSA, The Security Division of EMC and
More informationVDI Security for Better Protection and Performance
VDI Security for Better Protection and Performance Addressing security and infrastructure challenges in your VDI deployments Trend Micro, Incorporated» See why you need security designed for VDI environments
More informationPCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP
solution brief PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP AWS AND PCI DSS COMPLIANCE To ensure an end-to-end secure computing environment, Amazon Web Services (AWS) employs a shared security responsibility
More informationEnterprise Lifecycle Management in a Changing World: Best Practices for Resolving Emerging Challenges in Desktop and Server Management
Enterprise Lifecycle Management in a Changing World: Best Practices for Resolving Emerging Challenges in An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for FrontRange Solutions November
More informationHow To Protect Your Virtual Infrastructure From Attack From A Cyber Threat
VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Security and Compliance VMware vcloud Networking and Security is the leading networking and security
More informationPayment Card Industry Data Security Standard
Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security
More informationH Y T RUST: S OLUTION B RIEF. Solve the Nosy Neighbor Problem in Multi-Tenant Environments
H Y T RUST: S OLUTION B RIEF Solve the Nosy Neighbor Problem in Multi-Tenant Environments Summary A private cloud with multiple tenants such as business units of an enterprise or customers of a cloud service
More informationHP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU
HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU Data sheet Product overview The HP TippingPoint Virtual Controller + Virtual Firewall (vcontroller+vfw) extends our leading intrusion
More informationWhite paper. Four Best Practices for Secure Web Access
White paper Four Best Practices for Secure Web Access What can be done to protect web access? The Web has created a wealth of new opportunities enabling organizations to reduce costs, increase efficiency
More informationHow To Protect Your Cloud From Attack
A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to
More informationExtreme Networks Security Analytics G2 Vulnerability Manager
DATA SHEET Extreme Networks Security Analytics G2 Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution HIGHLIGHTS Help prevent security breaches by discovering
More informationEffective Systems Management for Healthcare
Effective Systems Management for Healthcare An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for SolarWinds January 2014 IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Table
More informationPreparing an RFI for. This RFI has been updated to reflect the new requirements in Version 3.0 of the PCI DSS, which took effect January 2015.
Preparing an RFI for Protecting cardholder data is a critical and mandatory requirement for all organizations that process, store or transmit information on credit or debit cards. Requirements and guidelines
More informationSupporting Workforce Mobility: Best Practices in Enterprise Mobility Management
Best Practices in Enterprise Mobility Management An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for FrontRange October 2013 IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING
More informationDevising a Server Protection Strategy with Trend Micro
Devising a Server Protection Strategy with Trend Micro A Trend Micro White Paper Trend Micro, Incorporated» A detailed account of why Gartner recognizes Trend Micro as a leader in Virtualization and Cloud
More informationTrend Micro VMware Solution Guide Summary for Payment Card Industry Data Security Standard
Partner Addendum Trend Micro VMware Solution Guide Summary for Payment Card Industry Data Security Standard The findings and recommendations contained in this document are provided by VMware-certified
More informationRSA Security Solutions for Virtualization
RSA Security Solutions for Virtualization Grzegorz Mucha grzegorz.mucha@rsa.com Securing the Journey to the Cloud The RSA Solution for Virtualized Datacenters The RSA Solution for VMware View The RSA Solution
More informationHow to Achieve Operational Assurance in Your Private Cloud
How to Achieve Operational Assurance in Your Private Cloud As enterprises implement private cloud and next-generation data centers to achieve cost efficiencies and support business agility, operational
More informationBetter Virtualization Outcomes with Citrix Essentials for XenServer and NetApp Storage
Better Virtualization Outcomes with Citrix Essentials for XenServer and NetApp Storage An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for Citrix and NetApp August 2009 IT MANAGEMENT RESEARCH,
More informationSecuring Remote Access in the Federal Government: Addressing the Needs for Telework and Continuity of Operations. RSA Solution Brief
RSA Solution Brief Securing Remote Access in the Federal Government: Addressing the Needs for Telework and Continuity of Operations RSA Solution Brief The Telework Improvements Act of 2009 that was introduced
More informationNetzwerkvirtualisierung? Aber mit Sicherheit!
Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction
More informationTECHNOLOGY PARTNER CERTIFICATION BENEFITS AND PROCESS
TECHNOLOGY PARTNER CERTIFICATION BENEFITS AND PROCESS BUSINESS BENEFITS Use of the Certified Partner seal and the Secured by RSA brand on product packaging and advertising Exposure in the Secured by RSA
More informationThe RSA Solution for. infrastructure security and compliance. A GRC foundation for VMware. Solution Brief
The RSA Solution for Cloud Security and Compliance A GRC foundation for VMware infrastructure security and compliance Solution Brief The RSA Solution for Cloud Security and Compliance enables end-user
More informationAvoiding the Top 5 Vulnerability Management Mistakes
WHITE PAPER Avoiding the Top 5 Vulnerability Management Mistakes The New Rules of Vulnerability Management Table of Contents Introduction 3 We ve entered an unprecedented era 3 Mistake 1: Disjointed Vulnerability
More informationMitigating Information Security Risks of Virtualization Technologies
Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) 2009 VMware Inc. All rights reserved Agenda Virtualization Overview Key Components of Secure Virtualization
More informationEffective End-to-End Cloud Security
Effective End-to-End Cloud Security Securing Your Journey to the Cloud Trend Micro SecureCloud A Trend Micro & VMware White Paper August 2011 I. EXECUTIVE SUMMARY This is the first paper of a series of
More informationBringing Enterprise-class Network Performance and Security Management Together using NetFlow
Bringing Enterprise-class Network Performance and Security Management Together using NetFlow An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for Lancope November 2009 IT MANAGEMENT RESEARCH,
More informationRSA SecurID Two-factor Authentication
RSA SecurID Two-factor Authentication Today, we live in an era where data is the lifeblood of a company. Now, security risks are more pressing as attackers have broadened their targets beyond financial
More informationKeith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com
1 Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com Agenda Cloud Computing VMware and Security Network Security Use Case Securing View Deployments Questions 2 IT consumption
More informationSichere Virtualisierung mit VMware
Sichere Virtualisierung mit VMware Stefan Bohnengel, VMware Harald Speckbrock, RSA Neuss, 12.11.2009 Building The Private Cloud private cloud Flexibility Control Choice your applications your information
More informationSecuring Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits
A Clear View of Challenges, Solutions and Business Benefits Introduction Cloud environments are widely adopted because of the powerful, flexible infrastructure and efficient use of resources they provide
More informationSecuring Remote Vendor Access with Privileged Account Security
Securing Remote Vendor Access with Privileged Account Security Table of Contents Introduction to privileged remote third-party access 3 Do you know who your remote vendors are? 3 The risk: unmanaged credentials
More informationExtreme Networks Security Analytics G2 Risk Manager
DATA SHEET Extreme Networks Security Analytics G2 Risk Manager Proactively manage vulnerabilities and network device configuration to reduce risk, improve compliance HIGHLIGHTS Visualize current and potential
More informationTotal Cloud Protection
Total Cloud Protection Data Center and Cloud Security Security for Your Unique Cloud Infrastructure A Trend Micro White Paper August 2011 I. INTRODUCTION Many businesses are looking to the cloud for increased
More informationCSA Virtualisation Working Group Best Practices for Mitigating Risks in Virtualized Environments
CSA Virtualisation Working Group Best Practices for Mitigating Risks in Virtualized Environments Kelvin Ng Tao Yao Sing Heng Yiak Por Acknowledgeme nts Co-Chairs Kapil Raina, Zscaler Kelvin Ng, Nanyang
More informationDevising a Server Protection Strategy with Trend Micro
Devising a Server Protection Strategy with Trend Micro A Trend Micro White Paper» Trend Micro s portfolio of solutions meets and exceeds Gartner s recommendations on how to devise a server protection strategy.
More informationAgentless Security for VMware Virtual Data Centers and Cloud
Agentless Security for VMware Virtual Data Centers and Cloud Trend Micro Deep Security VMware Global Technology Alliance Partner Trend Micro, Incorporated» This white paper reviews the challenges of applying
More informationRSA Solution Brief. The RSA Solution for Cloud Security and Compliance
The RSA Solution for Cloud Security and Compliance The RSA Solution for Cloud Security and Compliance enables enduser organizations and service providers to orchestrate and visualize the security of their
More informationFIVE KEY CONSIDERATIONS FOR ENABLING PRIVACY IN HEALTH INFORMATION EXCHANGES
FIVE KEY CONSIDERATIONS FOR ENABLING PRIVACY IN HEALTH INFORMATION EXCHANGES The implications for privacy and security in the emergence of HIEs The emergence of health information exchanges (HIE) is widely
More informationMaking Data Security The Foundation Of Your Virtualization Infrastructure
Making Data Security The Foundation Of Your Virtualization Infrastructure by Dave Shackleford hytrust.com Cloud Under Control P: P: 650.681.8100 Securing data has never been an easy task. Its challenges
More informationIBM Security QRadar Risk Manager
IBM Security QRadar Risk Manager Proactively manage vulnerabilities and network device configuration to reduce risk, improve compliance Highlights Collect network security device configuration data to
More informationHow RSA has helped EMC to secure its Virtual Infrastructure
How RSA has helped EMC to secure its Virtual Infrastructure A new solution, the RSA solution for Cloud Security and Compliance, has been developed and is now available to all of our customers. Luciano
More informationTrend Micro Deep Security
Trend Micro Deep Security VMware Global Technology Alliance Partner Changing the Game with Agentless Security for the Virtual Data Center A 2012 Trend Micro White Paper I. INTRODUCTION From its early experimental
More informationRSA Solutions for VMware and Vblock. Dominique Dessy Senior Technical Consultant
RSA Solutions for VMware and Vblock Dominique Dessy Senior Technical Consultant Agenda What is a Vblock? RSA s Approach to Securing Vblock Typical use cases Vblock A New Way of Delivering IT to Business
More informationSecurity Solution Architecture for VDI
Solution Architecture for VDI A reference implementation of VMware BENEFITS Validated solution architecture provides unprecedented end-to-end security dashboard for virtual desktop infrastructure (VDI)
More informationHelp Desk Demands in the Mid-Market: Pragmatic Requirements and Solutions
Help Desk Demands in the Mid-Market: Pragmatic Requirements and Solutions An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for ScriptLogic June 2010 IT & DATA MANAGEMENT RESEARCH, Table
More informationAutomating Cloud Security Control and Compliance Enforcement for PCI DSS 3.0
WHITE PAPER Automating Cloud Security Control and Compliance Enforcement for 3.0 How Enables Security and Compliance with the PCI Data Security Standard in a Private Cloud EXECUTIVE SUMMARY All merchants,
More informationRSA Solution Brief RSA. Data Loss. Uncover your risk, establish control. RSA. Key Manager. RSA Solution Brief
RSA Solution Brief RSA Managing Data Loss the Lifecycle of Prevention Encryption Suite Keys with Uncover your risk, establish control. RSA Key Manager RSA Solution Brief 1 Executive Summary RSA Data Loss
More informationCisco Security Optimization Service
Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless
More informationInfor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security
Technical Paper Plain talk about security When it comes to Cloud deployment, security is top of mind for all concerned. The Infor CloudSuite team uses best-practice protocols and a thorough, continuous
More informationWhite paper. Creating an Effective Security Operations Function
White paper Creating an Effective Security Operations Function Awareness of security issues is fundamental to an effective policy. When we think of a security operations center (SOC), we often have an
More informationCompliance and Security Information Management for PCI DSS Requirement 10 and Beyond
RSA Solution Brief Compliance and Security Information Management for PCI DSS Requirement 10 and Beyond Through Requirement 10, PCI DSS specifically requires that merchants, banks and payment processors
More informationEMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES
EMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES Aligning information with business and operational objectives ESSENTIALS Leverage EMC Consulting as your trusted advisor to move your and compliance
More informationVirtual Compliance In The VMware Automated Data Center
Virtual Compliance In The VMware Automated Data Center July 2011 LogLogic, Inc Worldwide Headquarters 110 Rose Orchard Way, Ste. 200 San Jose, CA 95134 United States US Toll Free: 888 347 3883 Tel: +1
More informationTenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments
Tenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments Introduction Server virtualization and private cloud services offer compelling benefits, including hardware consolidation,
More informationVMware Integrated Partner Solutions for Networking and Security
VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Networking and Security Networking and Security are complex, dynamic areas, and VMware recognizes
More informationPrivilege Gone Wild: The State of Privileged Account Management in 2015
Privilege Gone Wild: The State of Privileged Account Management in 2015 March 2015 1 Table of Contents... 4 Survey Results... 5 1. Risk is Recognized, and Control is Viewed as a Cross-Functional Need...
More informationIBM Security QRadar Vulnerability Manager
IBM Security QRadar Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution Highlights Help prevent security breaches by discovering and highlighting high-risk
More information2010 State of Virtualization Security Survey
2010 State of Virtualization Security Survey Current opinions, experiences and trends on the strategies and solutions for securing virtual environments 8815 Centre Park Drive Published: April, 2010 Columbia
More informationEndpoint Virtualization Explained:
: Methods, Benefits, Challenges, and Recommendations for Desktop Virtualization and Application Virtualization An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for Symantec April 2009 IT
More informationDEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER
DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND Introduction > New security threats are emerging all the time, from new forms of malware and web application exploits that target
More informationWHITE PAPER. The Protection and Operational Benefits of Agentless Security in Virtual Environments SPON. Published March 2012 SPONSORED BY
WHITE PAPER The Protection and Operational Benefits of Agentless Security in Virtual Environments An Osterman Research White Paper Published March 2012 SPONSORED BY sponsored by! SPON sponsored by Osterman
More informationFor more information on SQL injection, please refer to the Visa Data Security Alert, SQL Injection Attacks, available at www.visa.
Global Partner Management Notice Subject: Visa Data Security Alert Malicious Software and Internet Protocol Addresses Dated: April 10, 2009 Announcement: The protection of account information is a responsibility
More informationDrawbacks to Traditional Approaches When Securing Cloud Environments
WHITE PAPER Drawbacks to Traditional Approaches When Securing Cloud Environments Drawbacks to Traditional Approaches When Securing Cloud Environments Exec Summary Exec Summary Securing the VMware vsphere
More informationDesktop Automation: Effective Desktop Operations & Management with Cloud Orchestration
Desktop Automation: Effective Desktop Operations & Management with Cloud Orchestration An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for Citrix August 2014 IT & DATA MANAGEMENT RESEARCH,
More informationAttaining HIPAA Compliance with Retina Vulnerability Assessment Technology
l Attaining HIPAA Compliance with Retina Vulnerability Assessment Technology Overview The final privacy rules for securing electronic health care became effective April 14th, 2003. These regulations require
More informationPreemptive security solutions for healthcare
Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare
More informationNetwork Segmentation in Virtualized Environments B E S T P R A C T I C E S
Network Segmentation in Virtualized Environments B E S T P R A C T I C E S ware BEST PRAC TICES Table of Contents Introduction... 3 Three Typical Virtualized Trust Zone Configurations... 4 Partially Collapsed
More informationSecuring the Service Desk in the Cloud
TECHNICAL WHITE PAPER Securing the Service Desk in the Cloud BMC s Security Strategy for ITSM in the SaaS Environment Introduction Faced with a growing number of regulatory, corporate, and industry requirements,
More informationPrivilege Gone Wild: The State of Privileged Account Management in 2015
Privilege Gone Wild: The State of Privileged Account Management in 2015 March 2015 1 Table of Contents... 4 Survey Results... 5 1. Risk is Recognized, and Control is Viewed as a Cross-Functional Need...
More informationTotal Protection for Compliance: Unified IT Policy Auditing
Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.
More informationSecurity Virtual Infrastructure - Cloud
Security Virtual Infrastructure - Cloud Your Name Ramkumar Mohan Head IT & CISO Orbis Financial Corporation Ltd Agenda Cloud Brief Introduction State of Cloud Cloud Challenges Private Cloud Journey to
More information1 Introduction... 2 2 Product Description... 3 3 Strengths and Challenges... 5 4 Copyright... 5
KuppingerCole Report EXECUTIVE VIEW by Alexei Balaganski May 2015 is a business-critical application security solution for SAP environments. It provides a context-aware, secure and cloud-ready platform
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationHow To Manage Security On A Networked Computer System
Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy
More informationOptimizing Cloud for Service Delivery
Optimizing Cloud for Service Delivery Report Highlights An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) Survey-based Research Report Written by Dennis Drogseth, Vice President of Research February 2012 Sponsored
More informationEMA Radar for Private Cloud Platforms: Q1 2013
EMA Radar for Private Cloud Platforms: Q1 2013 By Torsten Volk ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) Radar Report March 2013 BMC Software EMA Radar for Private Cloud Platforms: Q1 2013 (IaaS, PaaS, SaaS)
More informationSecurity Compliance in a Virtual World
RSA Security Brief Security Compliance in a Virtual World Best Practices to Build a Solid Foundation Authors Bret Hartman, Chief Technology Officer, RSA, the Security Division of EMC Dr. Stephen Herrod,
More informationThe Impact of HIPAA and HITECH
The Health Insurance Portability & Accountability Act (HIPAA), enacted 8/21/96, was created to protect the use, storage and transmission of patients healthcare information. This protects all forms of patients
More informationFISMA / NIST 800-53 REVISION 3 COMPLIANCE
Mandated by the Federal Information Security Management Act (FISMA) of 2002, the National Institute of Standards and Technology (NIST) created special publication 800-53 to provide guidelines on security
More informationWhen Desktops Go Virtual
When Desktops Go Virtual Virtualization Security. Addressing security challenges in your virtual desktop infrastructure A Trend Micro White Paper February 2011 I. VIRTUAL DESKTOP INFRASTRUCTURE Server
More informationCloud and Data Center Security
solution brief Trend Micro Cloud and Data Center Security Secure virtual, cloud, physical, and hybrid environments easily and effectively introduction As you take advantage of the operational and economic
More informationRSA Solution Brief. RSA SecurID Authentication in Action: Securing Privileged User Access. RSA Solution Brief
RSA SecurID Authentication in Action: Securing Privileged User Access RSA SecurID solutions not only protect enterprises against access by outsiders, but also secure resources from internal threats The
More informationAIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE
AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,
More informationA Look at the New Converged Data Center
Organizations around the world are choosing to move from traditional physical data centers to virtual infrastructure, affecting every layer in the data center stack. This change will not only yield a scalable
More informationReal-Time Security for Active Directory
Real-Time Security for Active Directory Contents The Need to Monitor and Control Change... 3 Reducing Risk and Standardizing Controls... 3 Integrating Change Monitoring... 4 Policy Compliance... 4 The
More informationConsolidating IT Infrastructure Management: Unifying Data Center Hardware and Software Administration
Consolidating IT Infrastructure Management: Unifying Data Center Hardware and Software Administration An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for Emerson Network Power October 2014
More informationBuilding Energy Security Framework
Building Energy Security Framework Philosophy, Design, and Implementation Building Energy manages multiple subsets of customer data. Customers have strict requirements for regulatory compliance, privacy
More informationIBM Security QRadar Risk Manager
IBM Security QRadar Risk Manager Proactively manage vulnerabilities and network device configuration to reduce risk, improve compliance Highlights Visualize current and potential network traffic patterns
More informationPCI Data Security Standards (DSS)
ENTERPRISE APPLICATION WHITELISTING SOLUTION Achieving PCI Compliance at the Point of Sale Using Bit9 Parity TM to Protect Cardholder Data PCI: Protecting Cardholder Data As the technology used by merchants
More informationVirtualization Security Checklist
Virtualization Security Checklist This virtualization security checklist is intended for use with enterprise full virtualization environments (as opposed to paravirtualization, application or operating
More information