Guest column - the security challenge of virtualization mania
Editor's Note: Gregory Ness is the vice president of marketing for Blue Lane Technologies, a winner of the 2007 InfoWorld Technology of the Year for security, Best of Interop 2007 in security and the AO 100 Top Private Company award for 2006 and 2007. Blue Lane is also a 2007 Best of VMworld Finalist in data protection. Ness is a former marketing executive at Juniper Networks, Redline Networks, IntruVert Networks and ShoreTel who has been blogging for Always On network since 2004.
While pundits engage in theoretical debates about whether virtualized infrastructures are more or less secure than their physical counterparts, Allwyn Sequeira has explored the critical differences between VMs and physical servers and what those differences could mean for a security team, data center infrastructure, and strategies and tactics.
Last August Sequeira spoke at the Next Generation Data Center conference on virtualization security, also called "virtsec" by those in the industry. Allwyn is Blue Lane's CTO and SVP Product Operations. His conference presentation is about 52 minutes long, and is probably the most comprehensive presentation on the topic that is publicly available. It includes slides and audio and a feature that allows you to skip forward.
Allwyn is probably the most prolific speaker of 2007 when it comes to virtsec, as he has made about a half dozen appearances this year at industry events including Interop and the Next Generation Data Center Summit. This topic has bubbled up in the trade press over the last six months because organizations are now virtualizing production environments and discovering new security implications and possibilities.
His presentation is 19 slides and covers:
VirtSec: Myths and Realities
Why Security is Relevant to Data Center Virtualization
The Data Center Security Challenge
Data Center Architecture before Virtualization
Data Center Architecture after Virtualization
What Changes with Virtualization
How Virtualization Impacts Server Security
Various Approaches to Address the Impacts
This post is one in a series about virtsec that started with my February 2007 Always on blog post about the impact of virtualization on the network security industry. The previous post talked about VM security -or the protection of guest VMs- and its strategic importance to the three major virtualization platform vendors (MSFT, VMW and CTXS).
You may also want to see my personal blog at: https://www.archimedius.net/