This week I have been paying close attention to the developments of Hurricane Irene. In the beginning, Hurricane Irene looked like she was going visit Florida on her journey to the north. Even though it looked like Florida was going to get hit by this storm, it was still early and there was time for the storm to change course. It was also time to go out and make sure my Hurricane Supply Kit at least had the basics like batteries and flashlights as well as filling up the gas tanks of the cars. I have different levels of preparedness which depends on how close the storm is and the projected path. Just like I have steps in place to be prepared for the storm, most companies that I have worked for in Florida have a storm plan in place and like myself, do not sound the real alarm until the storm is 48 – 72 hours away from a hit but start to prepare for the alarm in case it is needed.
TVP Category Archives
5 Starting Steps to Protect Your Virtual and Cloud Environments
More and more is coming out about the attack from a MacDonald’s that left an organization crippled for a bit of time. The final tally was that the recently fired employee was able to delete 15 VMs before either being caught or he gave up. On twitter, it was commented that the administrator must not have been a powershell programmer because in the time it takes to delete 15 VMs by hand, a powershell script could have removed 100s. Or perhaps the ‘Bad Actor’ was trying to not be discovered. In either case, this has prompted discussions across the twitter-sphere, blog-sphere, and within organizations about how to secure from such attacks.
Virtualization & Cloud Backup News & New Players
At the NE VMUG, while walking the floor I saw a new virtualization backup player, perhaps the first generic Replication Receiver Cloud: TwinStrata. And information gained while not at the NE VMUG. There is also a new virtualization backup player just for Hyper-V: Altaro. As well as a new release of Quest vRangerPro. The Virtualization Backup market is a very dynamic market with new ideas, technologies, and concepts being put into the market at every turn. In many ways, the market leaders are not the bigger companies but the smaller and fast growing companies. In the past, it was about features associated with pure backup, but now it is about features and fast disaster recovery and recovery testing.
Replication Receiver Clouds: Protecting your Data
Security in the cloud and the virtual environment is ‘all about the data’ and not specifically about any other subsystem. It is about the data. As such the data has something it knows (the contents of the data), something it is (its signature), and something it has (its digital rights) and since it has these three elements, the data has all it has identity. However, protecting the data requires us to put things between the data and the real world such as firewalls, and complex role based access controls, as well as methods to replicate the data to other locations in a non-intrusive mechanism. The goal to such replication could be to ensure multiple sites have the same data (such as a hot-site) or to have the data available in another locations in case of disaster.
Virtualized Replication: vSphere APIs Expand
As a delegate for Tech Field Day 6 in Boston, I was introduced to SRM Replication as well as ZeRTO a third party replication tool. They seem to be as different as night and day but are they? Both work within the vSphere environment to replicate virtual disks regardless of storage type, and apparently hook into the same location within VMware’s API stack. This shows a maturity of VMware’s API stack that until now has been unknown and secret. In this one area, Microsoft Hyper-V is beating VMware vSphere: The availability of well known APIs that are easy for Third Parties to use. I now see a change in VMware’s behavior, can they continue this growth?
Security of Performance and Management tools within the Virtual Environment
The problem is that not everything is as black and white as security folks desire. If we implement performance and other management tools, we often need to expose part of our all important virtualization management network to others. But how do we do this safely, securely, with minimal impact to usability? Why do we need to this is also another question. You just have to take one look at the Virtualization ASsessment TOolkit (Vasto) to realize the importance of this security requirement. But the question still exists, how do you implement other necessary tools within your virtual environment without impacting usability?