There has been quite a bit of discussion between myself, Tim Pierson, and other with respect to SSL man-in-the-middle attack possibilities within the virtual environment. But what are the chances that such an attack will happen, or that someone would know how to perform the attack? What does the attack depend upon?
TVP Tag Archives
Intrusion Protection and Detection within the Virtual Environment
Intrusion Protection Systems (IPS) differ quite a bit from Intrusion Detection Systems (IDS). An IPS is designed to modify some form of security setting when an intrusion is detected, thereby preventing the intrusion from being successful. An IDS on the other hand is just the detection component used by an IPS. Like all security tools used within a virtual environment there are four major ways to implement such devices. We will discuss later some best practices for managing a security tool. We will look at what is currently shipping over products hinted at for the future such as the OpenVSwitch, Xen Instropection API.
Open Source XenServer? ESXi to Follow?
Citrix has recently joined the Linux Foundation, and there is a report (which they seem to have endorsed) that they plan to open source XenServer. That’s not Xen, it’s XenServer – not the kernel, the product, the thing you stick on your server instead of ESXi, or sometimes vSphere.
It is entirely possible that Citrix’s lawyers have noticed that XenServer was so infected with GPL code that it was already Open Source anyway.
Are Hypervisor Vendors welcoming ISVs?
There is a great debate on which hypervisor vendor works with ISVs and which do not. You have a number of ISVs working with VMware that are just now starting to work with Hyper-V. A number of ISVs that are struggling to catch up in the virtualization space. Hypervisor Vendors that are directly competing with ISVs as well as welcoming ISVs. This story is not about any of this, but about how easy is it to launch a new product for each of the hypervisors available with or without help from the hypervisor vendor. In essence, is there enough documentation, community, and code out there to be interpreted as welcoming ISVs.
The Hypervisor Wars, a 2000-year old story
In the fog of the datacenter virtualization war, it is difficult to see clearly who will end up on top, and yet the outcome is almost certainly determined, and the victorious generals are even now moving on to fight new battles. Here at the Virtualization Practice we too would like to think we can see through the fog to work out who has won, so here are our thoughts, take account of them as you wish. They concern, primarily, the big four protagonists: Microsoft/Hyper-V, Citrix /Xen, VMware/vSphere and Red Hat/KVM.
VirtualBox OSE 3.0 – Still a viable Open Source option?
In trying to re-use some old server hardware I re-vsisted VirtualBox/Ubuntu, a viable and completely free Open Source option for non-virtualization-enabled hardware. It is a neat solution, simple and well-supported, but the open source version of VirtualBox is nobbled to make it extremely awkward to use, in a different way to VMware’s nobbling of the non-Open Source (but also free) ESXi.
Now is the time, for Oracle/Sun to put all the features of VirtualBox into the Open Source version, and let it live on, perhaps not for use on Linux servers, but as free virtualization platform for other operating systems on Windows. If Apple ever loosens up the licencing on MacOS, it could turn 15 million PCs into Macs – overnight.