This article highlights the coming hangover that is due to occur, now that CIO's are past the courting stage of virtualization and now look to embrace/deploy it. As someone who's worked in both security and operations and now is responsible for the automation strategy for our 5 data centers, virtualization is simply another platform I must consider, no differently than any other, when it comes to security and availability. The key, for me, is the consistency of deployments. How can I ensure that the virtual servers have been deployed *exactly* as they are defined, according to corporate standards? We deploy all of our virtual environments from the same data center automation platform that we use to deploy patches, application upgrades and operating systems. These deployments are all done according to a Standard Operating Procedure (SOP) which are the result of shared best practices across the organization. This consistency allows us to feel that much better about the security of our virtual environments, cause at this point, it's configuration that pose the biggest risk, not some heap overflow flaw in ESX.
|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
Check out VM Lockdown
DigitalStakeout offers a solution which extends traditional security best-practices into VMware ESX.
VM-Lockdown is a full suite of security services which can cover both virtual and physical networks. IPS/IDS, Vulnerability Management, Windows Policy Compliance and Network Access Control.
Hypervisor Shield
- Watch and control the Privileged Network
- Implement and enforce hypervisor best practices
Guest VM Shield
- Control & Manage new VM OS guests
- Watch and control VM OS guest to guest traffic
- Implement and enforce Guest OS Data protection policy
VMpolicy Shield
- Validating and alerting on common controls
- Validate Guest OS configuration for AV, Access control, policy compliance and approved software (patch level and hot fixes).
- Validate Hypervisor Configuration
- Access control and policy compliance
Check out VM-Lockdown at www.digitalstakeout.com.
Post new comment