Virtualization Security vendors are starting to seriously investigate the possibilities of the various introspection APIs available to the hypervisors. Introspection APIs allow security groups to now investigate the security of a virtual network, virtual machine, and other components from without. In other words, why rely on an agent within the VM to protect your network, virtual machine, or components. Instead, we can use these APIs to peer into these components from without the system to be tested.
TVP Category Archives
Security Health Checks
Security baselines and security health checks are an important part of any modern day infrastructure. These checks are done periodically throughout the year, usually ever quarter. In my opinion this is a good thing to check and make sure your security settings are following the guidelines that the company has set out to achieve. Here is where I do have a problem. When setting up the guidelines for the different technologies in your infrastructure it would make the most sense that the people establishing the guidelines need to fully understand the technology they are working with. After all, would you really want the midrange or mainframe group to write the policies and guidelines for the Microsoft Windows Servers in your environment?
VMware vSphere Security Guidance, just the Beginning
On the most recent Virtualization Security Podcast, the panel was joined by VMware’s Charu Chaubal to discuss the latest draft of the VMware vSphere hardening guide.
Virtualization Security for the SMB, Starting Point for All
The most recent Virtualization Security Podcast was on the subject of virtualization security for the SMB. Specifically cover the case where the customer wanting virtualization security could afford to purchase a hypervisor and perhaps one other security product. In the end the panelists came up with a list of suggestions for virtualization security for the SMB that are applicable to all levels of Virtualization. The panel looked at SMB security with an eye towards Availability, Integrity, and Confidentiality.
Virtualization Security Product Space Heating Up!
There are now more players in the virtualization security product space. While at RSA Conference 2010 I walked the show floor in search of these vendors to discover what they were doing. While some vendors do not address virtualization security, the vast majority are either looking to do so or actually have a virtualization security product.
Altor Networks wins RSA Innovation Sandbox
While at RSA Conference I visited the RSA Innovation Sandbox and noticed that three out of ten virtualization security vendors were finalists:
* Altor Networks
* Catbird Security
* HyTrust
Alto Networks won the Innovation Sandbox contest and all that goes with it. Congratulations to them, but Altor’s win is actually a win for all virtualization security players. It shows that virtualization security is extremely important to the data center as well as moving forward to the cloud.