As VM automation becomes more and more predominant in cloud environments, the issue of abstraction becomes more important. Consider, if you will, an infrastructure in which the creation and management of VMs is fully automated. Now put all those applications and information and VMs in one big cloud that is all self-sufficient and constantly moving around due to load balancing and other automated processes. Then, add in cloud applications, plugins, security and anything else that could possibly run in that environment. Then, connect it all up so that every part of the infrastructure is inter-dependent and connects through a broker. And for fun’s sake, let’s assume there is a memory leak on one of the servers and you start losing VMs.
One of the more recent topics around cloud and security to garner media attention is around the risks associated with inadequate patching policies as they relate to virtual machines. I know most people are thinking “Endpoint? Really? Isn’t that a simple thing to take care of in any environment?”, but the reality is that there are still nuances that are part of virtual and cloud environments that add a layer of complexity that a lot of IT professionals might not think of simply because they haven’t had to think in such terms yet. In particular, the notion of endpoint tagging as it relates to virtual snapshots or moving VMs is one of those instances.
It’s been a while since I’ve written about security, but last week I came across a really great (but frightening) example of how security is affected with virtual environments. An organization that was running a virtual environment suddenly lost access to their entire infrastructure. It wasn’t a result of a badly configured virtual environment; it was arguably one of the first examples that I have come across of an attack against a virtual environment. I don’t know if it was intentional, but it’s a very interesting story of just how the threat landscape is adapting.
Essentially what happened was that the Windows server their virtual environment was running on had suffered a malware infection. The worst thing was that it was a known exploit, but hadn’t been patched. What the exploit did was cause the server to hit the network stack with enough traffic to cause a DDoS attack against the management console. This not only brought everything down, but rendered the environment unavailable.
Can you imagine if this type of vulnerability happens in a production environment, such as in a financial or e-commerce organization? Aside from the financial ramifications of not being available to customers, what if you couldn’t recover any of your data? This type of attack could theoretically cause irreparable damage to a company.
I know the whole concept of securing virtual environments is a new thing. I work with several research groups within the Cloud Security Alliance so I am aware of just how little information there is out there as it relates to best practices. But when a real-world example shows how these types of attacks are starting to affect virtual environments, it makes it clear just how important these conversations are.
Now I am not sure what happened to the organization that was the unfortunate victim of the attack. I hope that the fact that they figured out it was a network issue means that once the vulnerability is patched the VMs can be restarted. But I doubt that this is a rare and isolated example, which means that it is officially time for security and infrastructure folks to step up their game.
The other day I was asked about application whitelisting as a way to deal with endpoint issues in virtual and cloud environments. I never really thought about it in this space, as usually application whitelisting was a technique used to control rogue users who like to install anything and everything on their desktops and laptops. So how does this practice affect virtual and cloud environments, and more importantly, does it make sense?
I recently met with a Canadian cloud innovator, DataGardens, to provide some input on how their solutions would benefit different market segments, and be used for different key continuity and security functions. If you haven’t heard of DataGardens (I have to admit, I wasn’t familiar with them either) or their flagship solution, DataGardens WAVE, you might want to take a look at them again. Especially if you have a need for virtualization or cloud business continuity services.
I stumbled upon a post via Twitter the other day from Scott Lowe of Tech Republic on IDV (yes, I thought at first I was getting a mild case of dyslexia, but no, it is IDV) and the difference between VDI and IDV. IDV stands for Intelligent Desktop Virtualization and although it essentially delivers the same idea as Virtual Desktop Infrastructure (VDI) it’s actually not just more efficient, it’s really quite brilliant.
I received a few emails looking for more information on how to start mapping their virtual and cloud environments to different compliance standards without starting to invest in security solutions. A free check-up, if you will. Since this falls right in line with what I am hoping to get virtualization folks to start thinking about, you can think of this as a modification of Technology Tuesday; let’s call it Woohoo! Wednesday. The key is that it is indeed worthy of that exclamation mark because this compliance tool is not only free, but if you’re running a VMware environment, you probably have it already; you just don’t know it.