Neil MacDonald

I’ve been researching the intersection between virtualization and security for several years. Like security and cloud computing, virtualization and security is also following a maturity curve. The first several years were discussions with clients on how to deploy virtualization securely. Over the past 2 years, I’ve had an increasing number of calls on the virtualization [...]

Comments Off

Category: Next-generation Security Infrastructure Virtualization Virtualization Security     Tags: Next-generation Security Infrastructure, Virtualization, Virtualization Security, VMsafe, VMware, vShield, vSphere

Share

I’m attending Symantec’s worldwide analyst conference in New York City today (24 May 2011). Symantec’s CEO, Enrique Salem, kicked off the morning with a discussion of Symantec’s role in the changing world of IT and information security. Enrique called out five megatrends that are challenging our preconceptions about the role of IT and information security: [...]

Comments Off

Category: Cloud Cloud Security Information Security Next-generation Security Infrastructure Virtualization Virtualization Security     Tags: Cloud Security, Information Security, Next-generation Data Center, Next-generation Security Infrastructure, Security-Summit-NA, Virtualization Security

Share

This sounds exactly like what I wrote here and here. However, this quote isn’t mine. This quote comes from Deborah Plunkett who head the US National Security Agency’s Information Assurance Directorate. Deborah is quoted in this article on Reuters: “The most sophisticated adversaries are going to go unnoticed on our networks. We have to build [...]

Comments Off

Category: Beyond Anti-Virus Next-generation Security Infrastructure Virtualization Security     Tags: Adaptive Security Infrastucture, Cloud Security, Defense-in-Depth, Information Security, Next-generation Security Infrastructure, Virtualization Security

Share

I’ve spent the past day and a half attending Microsoft’s Management Summit in Las Vegas. From my perspective the announcement that will affect the most enterprises from a security perspective was a change in licensing related to Forefront. Some history — in 2010, Microsoft reorganized the Server and Tools Business Unit placing the Forefront Endpoint [...]

Comments Off

Category: Cloud Cloud Security Endpoint Protection Platform Microsoft Microsoft Security Next-generation Data Center Virtualization Virtualization Security     Tags: Cloud Security, Endpoint Protection Platform, Hyper-V, Microsoft, Microsoft Security, Next-generation Data Center, Virtualization, Virtualization Security, Windows

Share

Google’s Android has made the news a couple of times already in 2011: Here, with a credit card snooping exploit proof of concept and most recently, with malware that had gotten into the Google application store. The latter was particularly serious as it involved a privilege escalation attack that broke out of the Android sandbox. [...]

Comments Off

Category: Virtualization Security     Tags:

Share

The cloud isn’t one thing, so securing the Cloud won’t be one thing either. The industry has settled on a layered framework for understanding, comparing and selecting cloud-based services. Gartner’s model has these high-level layers (with subcategories in each layer): Infrastructure as a Service (compute, storage, etc) Platform as a Service (middleware-like services such as [...]

3 Comments »

Category: Cloud Cloud Security Virtualization Virtualization Security     Tags: Cloud Security, Defense-in-Depth, Next-generation Data Center, Virtual Appliances, Virtualization Security

Share

I’m here at the RSA conference in San Francisco this week and attended the keynote yesterday afternoon given by Tom Gillis of Cisco. Although full details of the new SecureX architecture weren’t given, context-awareness was the lead message. I’ve been talking about the need for context-aware and adaptive security for quite a while. In this [...]

Comments Off

Category: Cloud Security Next-generation Security Infrastructure Virtualization Security     Tags: Adaptive Security Infrastucture, Next-generation Security Infrastructure, Virtualization Security

Share

Last week, the US National Institute of Standards and Technology (NIST) published its final virtualization security guidelines. There are already guidelines available from the Center for Internet Security, VMware, Microsoft, and Citrix as well as guidelines from the Defense Information Security Agency in the form of STIGs. NIST adds to this collective knowledge and expands [...]

Comments Off

Category: Virtualization Virtualization Security     Tags: Best Practices, Hyper-V, Hypervisor Security, Virtualization, Virtualization Security, VMware

Share

In one of my first posts as a blogger nearly 2 years ago, I discussed the potential for disaster if a compromise in the virtualization platform (hypervisor/VMM) occurred. Last year (I was intending to comment on this at the time, but it slipped my mind), I was reading the IBM X-Force 2010 Mid-Year Trend and [...]

5 Comments »

Category: Next-generation Data Center Next-generation Security Infrastructure Virtualization Virtualization Security     Tags: Best Practices, Cloud Security, Hypervisor Security, Information Security, Next-generation Data Center, Next-generation Security Infrastructure, Virtualization, Virtualization Security, VMware

Share

I’ve commented before that complete protection is a combination of prevention and detection and that we’ve been far too focused on the prevention side of the equation trying to prevent all malware and infections. We simply cannot stop all of the bad guys. Period. You will be and already have been breached. One of the [...]

Comments Off

Category: Beyond Anti-Virus Next-generation Security Infrastructure Virtualization Security     Tags: Adaptive Security Infrastucture, Beyond Anti-Virus, Defense-in-Depth, Next-generation Security Infrastructure, Reducing Complexity, Virtualization Security

Share