Defense in Depth: Hardware Security

On the last Virtualization Security podcast our guest was Robert Rounsavall, CEO of Trapezoid. Trapezoid is looking into how to alleviate supply chain security issues: in essence, the security of the hardware. At many a presentation I have asked, “Do you trust the hardware?” Many times the answer is that they do; other times it is that they do not. This depends entirely on your thoughts with respect to hardware security. But what can you do about hardware security? What is the worst that can happen if the hardware is infiltrated?

Gaining Visibility into The Cloud: Migration and Security

On many a Virtualization Security Podcast I tend to mention that we need greater visibility into the cloud to judge whether Cloud Service Provider security measures are good enough. But why should we bother? I am not saying we should not be concerned about a cloud’s security, but that we should, as tenants, be concerned with clouds meeting our security, compliance, and data protection policies and requirements. Will a cloud service provider ever be able to meet a specific organization’s requirements as well as the cloud service provider’s policies and compliance?

Cisco Nexus 1000v: Free unless you want Security

While not particularly new news, the next version of the Cisco Nexus 1000v will be free, unless you want the security features. This is an interesting shift from Cisco with respect to VMware vCloud Director, the Nicira purchase, furthering UCS, and Cisco within non-UCS data centers. However, given other announcements with respect to OpenStack, perhaps this is more a play to level the playing field between cloud architectures? But what I find most interesting is that the changes to the Nexus 1000v also align with the changes we see in the vCloud Suites from VMware.

Licensing your Private Cloud

Both Microsoft and VMware have revamped their product suites, and therefore their licensing, once more, and how you buy will dictate how you license (as always). It has taken a bit of time for all the information to percolate through to each corporate site and all the issues to be addressed. As we did before, let us look at licensing. We will look first at the old model of Hyper-V vs VMware vSphere vs Citrix Xen vs RedHat KVM. Then in a follow-on article we will look at the new cloud suite models.

New Breed of Replication Receiver Clouds

There is an ever-increasing number of data protection providers creating replication receiver clouds as they team up with cloud service providers. This could herald the end of on-premise tape use for some enterprises, leaving tape to be used primarily by cloud providers. There are major benefits for Quantum, Zerto, Veeam, and others to form replication receiver clouds, but these clouds are not just for storage anymore. They could be purely for storage, but this is not a big win for the cloud service providers. So why would cloud service providers be interested in being a storage endpoint for data protection? Why are they concerned with backup and offering it as a service?

Defense in Depth: Bromium vSentry for End User Computing

On the 8/9 Virtualization Security podcast we continued our discussions on defense in depth with a look at end user computing devices, specifically laptops and endpoint desktops, with Simon Crosby, CTO of Bromium. While we did also discuss phones and tablets, we were focused more on the technology preview that now is Bromium vSentry. Bromium vSentry looks to protect laptops (and others) from unknown and 0-day attacks in a unique hardware-assisted way. There is now a new tool in our defense-in-depth toolbox that meets an ever-growing need. But what is the need and what is the tool?