Neil MacDonald

A member of the Gartner Blog Network

Archives for February, 2009


VMware Unveils vShield and Raises the Security Bar for all Virtualization Vendors

by Neil MacDonald  |  February 27, 2009  |  Comments Off

  As I have discussed from the beginning, the policy enforcement capabilities of information security technologies like firewalls, intrusion prevention systems, network access control and so on need to be virtualized in order to secure the next-generation adaptive data center. Network and trust separation in a virtual environment needs to be enforced based on logical [...]

Comments Off

Category: Virtualization Security     Tags: , ,

SharePoint Security Best Practices

by Neil MacDonald  |  February 25, 2009  |  14 Comments

  I’m sure you’ve experienced the growth of SharePoint in your organizations firsthand (and those are only the deployments you know about!). SharePoint is a flexible product with a pretty powerful security architecture and it got even more powerful with the latest release. But with this flexibility comes complexity. In discussions with clients on securing [...]

14 Comments »

Category: SharePoint Security     Tags: , ,

Virtualization of Security Controls Enables Flexible Data Center Design

by Neil MacDonald  |  February 23, 2009  |  8 Comments

My colleague David Cappuccio recently provided his observations on tiered data center structures. As I read it, I was stuck by the similarities to what he was describing in IT operations to what I am seeing in information security. “Rather than build a tier 4 fully redundant data center that supports all mission critical systems, [...]

8 Comments »

Category: Next-generation Data Center Virtualization Security     Tags:

Hypervisor Attacks in the Real World

by Neil MacDonald  |  February 20, 2009  |  2 Comments

In a previous post, I discussed that many people I talk with about virtualization and security are skeptical that the threat against hypervisors and virtual machine monitors is real. They point to the lack of a publicly disclosed breach that was caused by an attack on the virtualization layer as evidence that such attacks are [...]

2 Comments »

Category: Virtualization Security     Tags: ,

VMsafe: Cool for Virtualization Security, but no Panacea

by Neil MacDonald  |  February 18, 2009  |  9 Comments

VMsafe is essentially set of APIs at the level of the hypervisor/virtual machine monitor that VMware has opened up to developers (primarily of security tools). Since the virtual machine monitor arbitrates all access between the OSs that run on top of it and the shared hardware underneath (memory, CPU, disk and network), security vendors can [...]

9 Comments »

Category: Virtualization Security     Tags: , , ,

Hypervisor Attacks and Hurricanes are Inevitable, but Breaches Don’t Have to Be.

by Neil MacDonald  |  February 17, 2009  |  2 Comments

In my research on virtualization security, I am frequently asked “Aren’t attacks on the virtualization layer just theoretical?” and “Do you know of any publicly disclosed hypervisor attack that resulted in damage or the loss of information?”. This is similar to standing on one of the levees around New Orleans prior to 2005 and asking [...]

2 Comments »

Category: Virtualization Security     Tags: , ,

Virtualization Security Is Transformational — If the Legacy Security Vendors Would Stop Fighting It

by Neil MacDonald  |  February 13, 2009  |  8 Comments

Hello and welcome to my blog. I will use this blog as a research tool to explore thoughts and observations on the future of information security and I encourage you to provide feedback as a part of that process. I’ll candidly share my thoughts and I hope you’ll share yours. This is my first posting, [...]

8 Comments »

Category: Virtualization Security     Tags: ,