There has been some interesting conversations recently at both BriForum and in the blogosphere about VDI and Security, the premise being that VDI is not more secure than other ways of running Microsoft Windows. I want to address that comment head on and unequivocally state that VDI has quite a few security benefits. Now, let me state up front that VDI does not make the Windows OS more secure, nor is it a panacea for every possible security threat in today’s world of interconnected systems. However, it is well known that security is best addressed with multiple layers of protection with multiple defenses and VDI is one such technology. In particular it improves security by enabling better isolation and controls over the environment in...
Posts Tagged ‘ security ’
RSA 2012 – towards a new security architecture
The annual RSA conference kicks off today, and our team at VMware is fired up about ongoing developments in the security space. To provide some perspective on VMware’s approach, our CTO Steve Herrod is keynoting today at the Cloud Security Alliance summit . I’d like to give you a glimpse of the commentary he has planned. Today, IT is in a state of great change that has deep implications for the security community. We can see that data and applications are being accessed in a variety of new ways – SaaS applications are firmly entrenched, mobile applications are a demanding participant in any IT architecture; and simultaneously, existing applications are being housed in virtual containers. Effective support and control of...
2010 security news in review
A Happy New Year 2011 to you all! It is interesting to start the New Year reflecting on what went down in the security world in 2010 – here’s a compilation of some of the noteworthy events in 2010: January: EMC/RSA acquires Governance, Risk & Compliance (GRC) company Archer Technologies. April: Symantec purchases encryption company PGP Corp. for $300 million and Guardian Edge for $70 million. May: Symantec purchases VeriSign’s Identity & Authentication Business, including its Secure Socket Layer Certificate Services, for $1.28 billion May: Sophos sells the majority of its business to private equity investment firm APAX Partners for $830 million June: SonicWall agreed to be acquired ...
An emerging “View” of security and compliance
While server virtualization has gone mainstream, and set the table for private cloud infrastructure, another distinct and significant trend is poised to follow in its footsteps – Virtual Desktop Infrastructure (VDI), also referred to as Hosted Virtual Desktops (HVD) by Gartner. VDI or HVD refers to the use of desktop VMs hosted in the data center (much like virtual servers), that users remotely connect into. Recently VMware released View 4.5, which has significantly reduced the entry barrier for product adoption, gaining several kudos in the process. For example: One feature in particular, that security professionals ought to pay attention to, is the “Local Mode” feature in View 4.5. Local Model essentially enables disconnected desktop operation, making it...
HPC User Forum Meeting
I just got back from the 37th IDC HPC User Forum meeting in Seattle where I had been invited to participate on an HPC Cloud panel. The meeting was, as usual, a good event that brought together users and vendors for presentations and informal discussions on a variety of topics. For me, there were a few particularly interesting presentations, which I’ll cover in separate posts. I’ll cover the Cloud panel in this post. Our HPC Cloud panel, which was well organized by Sharan Kalwani from KAUST , focused on three issues: security, data transfer, and performance. I briefly summarize my comments on each topic. Having just returned from VMworld 2010 in San Francisco and being a newcomer...
Security is a major theme at VMworld 2010.
Allwyn Sequeira, VP Security & Network Solutions, VMware I’m just winding down from a whirlwind trip through VMworld 2010 – days filled with sessions and meetings, and nights filled with celebratory events! Nice to see that the show continues to be very technology focused, with participants from around the world eager to learn and share the advances being made on so many fronts. Security was a major theme this year, driven by three major forces: Enterprises are well down the path of virtualization, and as more critical assets get virtualized, security and compliance come to the fore. With so much interest in the benefits of cloud computing and infrastructure as a service, secure multi-tenancy is a top of mind issue. The security...
Quick preview of security sessions at VMworld 2010
VMworld 2010 is almost upon us. We have a lot to talk about on the security front, as we begin the process of “building in” security into virtualization and cloud infrastructures, and embark on the journey to secure private and hybrid clouds. The keynotes from Paul and Steve are always insightful – this year, in addition, there is a bit to talk about in the area of security, so do tune in! I have a couple of sessions: SE8389 – Architectural Overview of Virtualization Security for the Private Cloud SE8520 – Panel Discussion – Private Cloud – Virtualization Security and Compliance, Meeting PCI Standards I will be hosting three familiar experts in the virtualization and cloud security space: Bret Hartman,...
Securing Enterprise Assets as Virtualization and Cloud Computing take hold.
The massive transformation of IT, driven by virtualization and cloud computing initiatives, is compelling a re-think of the way enterprises protect their critical assets. The most critical resources are typically the applications and their data, and their systems that support them i.e. servers, storage and databases. Good security design employs a defense in depth approach to protect these resources from unauthorized user access and attacks. Our belief is that “all-virtual” architectures open the door for discontinuous innovation resulting in better security than was earlier possible, leveraging virtualization attributes such as introspection, instant insertion/layering, distributable enforcement, and policies that migrate with the workload. Ultimately, virtualization’s greatest benefit is un-tethering processing from the hardware, leaving the door open to migrate workloads and their dependencies to the...
