Neil MacDonald

1) In this post, I discussed how Macs are indeed vulnerable and provided data showing exactly this. I observed:
The vulnerabilities are there, including users that can be tricked into doing things they shouldn’t. Mac attacks happen and will become more prevalent as the OS continues to gain adoption.
And then I see this article saying making [...]

[Read more →]

A proxy-based model for externalizing and enforcing security policy is the right approach and becoming more, not less, relevant.
To be clear, I’m not just talking about network traffic proxies. I mean everywhere up and down the IT stack. For example, when web users talked to web applications, we use load controllers, web access management gateways [...]

[Read more →]

As I listened to the keynotes Tuesday and Wednesday at VMworld, a couple of things stood out. It is refreshing to hear the CEO and CTO of a platform vendor talk about the importance of security in both of their respective keynotes. Make no mistake, VMware will be a factor in shaping the future of [...]

[Read more →]

As security controls are virtualized (e.g. firewalls, IPS, web application firewalls and so on), one of the more significant concerns is performance and throughput.
I remember a demonstration about a year ago where an IPS running in a VM virtual appliance easily consumed 2 out of 8 cores in a multicore system. A 25% overhead for [...]

[Read more →]

Piqued your interest? Bear with me. In a previous post, I promised to revisit the issue of “Fast-path” and “Slow-path” in the VMware vSphere platform.
With vShpere, VMware has released the first commercial implementation of its VMsafe set of APIs. As I have discussed, VMsafe is cool, but not a panacea. VMsafe provides developers two alternatives [...]

[Read more →]

I’ve been absent for a few weeks from my regular blogging activities performing research and building the final presentations for next week’s Gartner Information Security Summit in Washington DC.
This is Gartner’s single largest event focused exclusively on all aspects of information security. All of the information security analysts will be there discussing topics as diverse [...]

[Read more →]

In my daily conversations with clients on virtualization security, one of the issues that we frequently discuss is whether or not they need virtualized security controls like firewalls and intrusion prevention systems to isolate and inspect traffic between virtual machines.
One line of reasoning goes like this: If the workloads in the VMs have similar trust [...]

[Read more →]

When I called this “virtualization security” week, I wasn’t kidding. There were at least a dozen different session on the topic this week at the RSA conference in San Francisco. I’ve been researching the issue for several years, so it is exciting to see ideas and recommendations I have been giving in research, inquires and [...]

[Read more →]

On Tuesday April 22, VMware formally launched the next major release of its virtualization platform. The code has been released to manufacturing and will become generally available during this quarter. The atmosphere was upbeat, the buzz phrase “cloud” was generously sprinkled throughout the presentations and, most importantly, the importance of security as a core capability [...]

[Read more →]

I am out in the San Francisco area for a number of virtualization security-related events this week. I’ve been frequently blogging on this topic since my first post.
Today, VMware formally launches vSphere 4. The launch is being simulcast here. Hopefully, VMware will provide specific details on three areas of interest that I have. First, I [...]

[Read more →]