Ellen - This is a great article. The team at Egenera has been working on managing hypervisors for over 3 years.
Re: Virtual security virtually missing.
We believe the biggest obstacle to hypervisors being used in production will not be performance or stability but WILL be management of virtual complexity (security, asset control, patching, change control). Check out Egenera's PAN Manager if you get a chance. We can manage Xen, VMWARE, Solaris Zones, and Virtuozzo virtual machines plus the underlying hardware, network, and SAN via PAN.
|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
Whats missing is VM to VM security controls
Great article indeed and it was a pleasure talking with Ellen when she interviewed a number of us for this story.
One comment I'd like to make publicly is that the main issue I see is the lack of security controls between virtual machines. Yes, there are other problems such as the possibility to hijack another VM by jumping from one memory space to another but what about securing the virtual network?
Physical or Virtual we will always have a need to lock down and isolate communication between devices be it physical or virtual.
What is really missing from the solutions that are currently trying to address the security problems are VM to VM isolation. Most products that are Virtual Security products can still only see Virtual to Physical LAN communication and many will argue that this job is already being done by physical Firewalls and IPS devices.
John Peterson
Security Veteran
Blog: http://www.vmwaresecurity.com
Post new comment