TVP Tag Archives

Virtualization Forensics: How different is it?

Since coming out with VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment, I have continued to consider aspects of Digital Forensics and how current methodologies would be impacted by the cloud. My use case for this is 40,000 VMs with 512 Servers and roughly 1000 tenants. What I would consider a medium size fully functioning cloud built upon virtualization technology where the environment is agile. The cloud would furthermore contain roughly 64TBs of disk across multiple storage technologies and 48TBs of memory. Now if you do not think this exists today, you were not at VMworld 2009, where such a monster was the datacenter for the entire show and existed just as you came down the escalators to the keynote session.

40,000 Firewalls! Help Please!?

While at VMworld I was suddenly hit with a blast of heat generated by the 40,000 VMs running within the VMworld Datacenter of 150 Cisco UCS blades or so. This got me thinking about how would VMsafe fit into this environment and therefore about real virtualization security within the massive virtual machine possible within a multi-tenant cloud environment. If you use VMsafe within this environment there would be at least 40,000 VMsafe firewalls. If it was expanded to the full load of virtual NICs possible per VM there could be upwards of 400,000 virtual firewalls possible! At this point my head started to spin! I asked this same question on the Virtualization Security Podcast, which I host, and the panel was equally impressed with the numbers. So what is the solution?

KVM in RHEL 5.4 – Red Hat leaps out of the virtual shadows.

The Linux Kernel Virtual Machine (KVM) has been available for some time in, for example, Ubuntu 8.0.4 LTS (Released April 2008). KVM is widely used and stable and it is high time that Red Hat who acquired KVM when they purchased Qumranet in September 2008, started to move their customers onto it – at least to remove the uncertainty in the customer base.