Entries Tagged as 'Hypervisor Security'
by Neil MacDonald | December 9, 2011 | 1 Comment
I’m just back from Gartner’s US 2011 Data Center Summit held this week in Las Vegas. In my previous post, I talked about information security vendor’s concerns on the potential impact of the Eurozone crisis on information security spending. Here, I want to outline the top security-related issues and concerns that I discussed with attendees [...]
Category: Cloud Cloud Security Next-generation Data Center Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Cloud Security, GartnerDC, Hypervisor Security, Information Security, Next-generation Data Center, Next-generation Security Infrastructure, Virtualization Security, vShield
by Neil MacDonald | February 10, 2011 | Comments Off
Last week, the US National Institute of Standards and Technology (NIST) published its final virtualization security guidelines. There are already guidelines available from the Center for Internet Security, VMware, Microsoft, and Citrix as well as guidelines from the Defense Information Security Agency in the form of STIGs. NIST adds to this collective knowledge and expands [...]
Category: Virtualization Virtualization Security Tags: Best Practices, Hyper-V, Hypervisor Security, Virtualization, Virtualization Security, VMware
by Neil MacDonald | January 26, 2011 | 5 Comments
In one of my first posts as a blogger nearly 2 years ago, I discussed the potential for disaster if a compromise in the virtualization platform (hypervisor/VMM) occurred. Last year (I was intending to comment on this at the time, but it slipped my mind), I was reading the IBM X-Force 2010 Mid-Year Trend and [...]
Category: Next-generation Data Center Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Best Practices, Cloud Security, Hypervisor Security, Information Security, Next-generation Data Center, Next-generation Security Infrastructure, Virtualization, Virtualization Security, VMware
by Neil MacDonald | December 1, 2010 | 4 Comments
As organizations virtualize their data centers, information security has had to evolve to support this. The same will be true as data centers evolve to private clouds – security must evolve to support the needs of private cloud infrastructure. For most organizations, virtualization will provide the foundation and the stepping stone for the evolution to [...]
Category: Cloud Cloud Security Next-generation Data Center Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Adaptive Security Infrastucture, Cloud Security, Hypervisor Security, Information Security, Next-generation Data Center, Next-generation Security Infrastructure, Virtualization, Virtualization Security, VMware
by Neil MacDonald | March 14, 2010 | 1 Comment
Stuck at the airport after two consecutive JetBlue flight cancellations (and hoping the third isn’t cancelled as well), I ran across this recent article on a publicly documented and confirmed hypervisor attack – this time on the hypervisor used in the Sony PS3 (in this cases using a hardware-based timing attack). A different exploit (not [...]
Category: Next-generation Data Center Virtualization Security Tags: Hypervisor Security, Virtualization Security
by Neil MacDonald | February 11, 2010 | 6 Comments
In my post yesterday on MS10-015, I discussed a troublesome kernel-level vulnerability that affects most versions of Windows. Most of you will remember that Hyper-V’s parent partition is based on a slimmed down version of Windows called “Server Core”. Hmmm, could it be that the parent partition is affected? Yup, it’s affected. Don’t let the [...]
Category: Microsoft Security Virtualization Security Tags: Hyper-V, Hypervisor Security, Microsoft, Microsoft Security, Virtualization Security
by Neil MacDonald | April 22, 2009 | 4 Comments
On Tuesday April 22, VMware formally launched the next major release of its virtualization platform. The code has been released to manufacturing and will become generally available during this quarter. The atmosphere was upbeat, the buzz phrase “cloud” was generously sprinkled throughout the presentations and, most importantly, the importance of security as a core capability [...]
Category: Virtualization Security Tags: Hypervisor Security, Virtualization Security, VMsafe, VMware, vShield, vSphere
by Neil MacDonald | April 18, 2009 | 1 Comment
During the course of my blogging activities, this is the third time I’ve talked about something the security industry should do that I believe is so obvious that I called it a “no-brainer”. The first was in reference to a global, industry-wide effort to create a shareable, standards-based application whitelist database built directly from feeds [...]
Category: Next-generation Data Center Virtualization Security Tags: Hypervisor Security, Security No-Brainer, Virtualization Security, vSphere
by Neil MacDonald | March 2, 2009 | Comments Off
Last week, Microsoft released its beta guidelines for securing Hyper-V. Prescriptive guidance is an important first step for securely deploying any virtualization solution. As many of you know, Hyper-V is based on a virtual machine monitor that runs in a “parent” partition based on Windows Server 2008’s Server Core. Although Microsoft’s hypervisor itself is thin, [...]
Category: Virtualization Security Tags: Best Practices, Hyper-V, Hypervisor Security, Virtualization Security, VMware
by Neil MacDonald | February 20, 2009 | 2 Comments
In a previous post, I discussed that many people I talk with about virtualization and security are skeptical that the threat against hypervisors and virtual machine monitors is real. They point to the lack of a publicly disclosed breach that was caused by an attack on the virtualization layer as evidence that such attacks are [...]
Category: Virtualization Security Tags: Hypervisor Security, Microsoft
