Neil MacDonald

A member of the Gartner Blog Network

Archives for April, 2009

Security Shouldn’t Have to be Rationed

by Neil MacDonald  |  April 28, 2009  |  4 Comments

In my daily conversations with clients on virtualization security, one of the issues that we frequently discuss is whether or not they need virtualized security controls like firewalls and intrusion prevention systems to isolate and inspect traffic between virtual machines. One line of reasoning goes like this: If the workloads in the VMs have similar […]


Category: Virtualization Security     Tags: , ,

RSA and Virtualization Security

by Neil MacDonald  |  April 23, 2009  |  2 Comments

When I called this “virtualization security” week, I wasn’t kidding. There were at least a dozen different session on the topic this week at the RSA conference in San Francisco. I’ve been researching the issue for several years, so it is exciting to see ideas and recommendations I have been giving in research, inquires and […]


Category: Virtualization Security     Tags: , ,

VMware Launches vSphere (and Security Makes the Keynote)

by Neil MacDonald  |  April 22, 2009  |  4 Comments

On Tuesday April 22, VMware formally launched the next major release of its virtualization platform. The code has been released to manufacturing and will become generally available during this quarter. The atmosphere was upbeat, the buzz phrase “cloud” was generously sprinkled throughout the presentations and, most importantly, the importance of security as a core capability […]


Category: Virtualization Security     Tags: , , , , ,

It’s Virtualization Security Week!

by Neil MacDonald  |  April 21, 2009  |  1 Comment

I am out in the San Francisco area for a number of virtualization security-related events this week. I’ve been frequently blogging on this topic since my first post. Today, VMware formally launches vSphere 4. The launch is being simulcast here. Hopefully, VMware will provide specific details on three areas of interest that I have. First, […]

1 Comment »

Category: Virtualization Security     Tags: , , ,

Security No-brainer #3: Root of Trust Measurements for Hypervisors

by Neil MacDonald  |  April 18, 2009  |  1 Comment

During the course of my blogging activities, this is the third time I’ve talked about something the security industry should do that I believe is so obvious that I called it a “no-brainer”. The first was in reference to a global, industry-wide effort to create a shareable, standards-based application whitelist database built directly from feeds […]

1 Comment »

Category: Next-generation Data Center Virtualization Security     Tags: , , ,

Attackers are Moving up the Stack. So Should We.

by Neil MacDonald  |  April 15, 2009  |  1 Comment

I had an interesting discussion with a client this week. They were trying to understand how several recent outbreaks of malware had gotten past their existing defenses. In reviewing their architecture, it became clear that while they had an established process for patching Windows and Office, they hadn’t yet extended the process up the stack […]

1 Comment »

Category: Application Security Beyond Anti-Virus     Tags:

Whitelisting, Meet Virtualization. Virtualization, Meet Whitelisting.

by Neil MacDonald  |  April 10, 2009  |  10 Comments

As I have discussed, x86 hardware virtualization creates a new IT platform that must be securely maintained (e.g. patch, configuration and vulnerability management) like any other IT platform we are responsible for. This layer is extremely sensitive as a compromise of this layer puts all of the hosted VMs at risk. I’ve also discussed the […]


Category: Beyond Anti-Virus Virtualization Security     Tags: , ,

We Need a Global Industry-wide Application Whitelist

by Neil MacDonald  |  April 3, 2009  |  9 Comments

My previous post on whitelisting has generated a lot of comments. Buried in the comment stream, I made this statement: I look forward to the time (hopefully soon) when an industry consortium or worldwide standards effort brings together legitimate ISVs to create a shareable whitelist for all to use. Whitelisting is foundational to any information […]


Category: Beyond Anti-Virus Endpoint Protection Platform     Tags: , ,