Gartner Blog Network

Posts from Date:   2009-2

VMware Unveils vShield and Raises the Security Bar for all Virtualization Vendors

by Neil MacDonald  |  February 27, 2009

  As I have discussed from the beginning, the policy enforcement capabilities of information security technologies like firewalls, intrusion prevention systems, network access control and so on need to be virtualized in order to secure the next-generation adaptive data center. Network and trust separation in a virtual environment needs to be enforced based on logical […]

Read more »

SharePoint Security Best Practices

by Neil MacDonald  |  February 25, 2009

  I’m sure you’ve experienced the growth of SharePoint in your organizations firsthand (and those are only the deployments you know about!). SharePoint is a flexible product with a pretty powerful security architecture and it got even more powerful with the latest release. But with this flexibility comes complexity. In discussions with clients on securing […]

Read more »

Virtualization of Security Controls Enables Flexible Data Center Design

by Neil MacDonald  |  February 23, 2009

My colleague David Cappuccio recently provided his observations on tiered data center structures. As I read it, I was stuck by the similarities to what he was describing in IT operations to what I am seeing in information security. “Rather than build a tier 4 fully redundant data center that supports all mission critical systems, […]

Read more »

Hypervisor Attacks in the Real World

by Neil MacDonald  |  February 20, 2009

In a previous post, I discussed that many people I talk with about virtualization and security are skeptical that the threat against hypervisors and virtual machine monitors is real. They point to the lack of a publicly disclosed breach that was caused by an attack on the virtualization layer as evidence that such attacks are […]

Read more »

VMsafe: Cool for Virtualization Security, but no Panacea

by Neil MacDonald  |  February 18, 2009

VMsafe is essentially set of APIs at the level of the hypervisor/virtual machine monitor that VMware has opened up to developers (primarily of security tools). Since the virtual machine monitor arbitrates all access between the OSs that run on top of it and the shared hardware underneath (memory, CPU, disk and network), security vendors can […]

Read more »

Hypervisor Attacks and Hurricanes are Inevitable, but Breaches Don’t Have to Be.

by Neil MacDonald  |  February 17, 2009

In my research on virtualization security, I am frequently asked “Aren’t attacks on the virtualization layer just theoretical?” and “Do you know of any publicly disclosed hypervisor attack that resulted in damage or the loss of information?”. This is similar to standing on one of the levees around New Orleans prior to 2005 and asking […]

Read more »

Virtualization Security Is Transformational — If the Legacy Security Vendors Would Stop Fighting It

by Neil MacDonald  |  February 13, 2009

Hello and welcome to my blog. I will use this blog as a research tool to explore thoughts and observations on the future of information security and I encourage you to provide feedback as a part of that process. I’ll candidly share my thoughts and I hope you’ll share yours. This is my first posting, […]

Read more »