Virtualize Securely - VM Introspection and Automated Security in Action

Johnnie Konstantas

Subscribe to Johnnie Konstantas: eMailAlertsEmail Alerts
Get Johnnie Konstantas: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Blog Feed Post

5 Bookmarks We Like For Cloud Security

A lot of the technology news for the week is coming out of EMCWorld, where chief executive Joe Tucci is heralding that the age of virtualization and cloud adoption is here. Now given that EMC owns VMware, the virtualization platform market leader, the comments may seem expected – but data from analyst firms and demand side surveys all point to the very same conclusion — tens of thousands of private clouds based on virtualization will be deployed imminently. Now in the simplest of terms, a private cloud is a wholly owned network where the organization or corporate metes out its resources in the same way that a service provider manages customers. The fact that the network or data center is controlled by one entity (a business, university, government agency, etc.) makes it “private”. The “cloud” part of private cloud comes in when considering the compute scale, resiliency and platform in use. Virtualization is the likely platform of choice for most enterprises’ cloud deployment. So while there are all types of clouds (public, hybrid, etc.) if you have been considering virtualizing your data center or any portion of it, you are rolling out a private cloud. And you’ll need to consider how to best secure the critical workloads running within. Information on these topics abounds so this post in no-way aims at providing you with an exhaustive list. Rather we wanted to share with you some of the sites we like for their insights, accuracy and utility.

Gartner — For getting the latest information on market trends, especially for cloud and virtualizaton security, we think Neil MacDonald’s blog is a must read. As a Gartner fellow with 25 years in IT, Neil’s quotes on the space are ubiquitous as are his insights on virtualization security innovations and their importance to customers.

Juniper — Juniper’s focus on the cloud ready data center, is bringing forward some great innovation and products for architecting your private cloud. Chances are good that you are revisiting your network designs and looking for natural places to aggregate functionality and cut costs. This is one market-leading alternative worth a look, and the design guides can at least get you started with some great RFI/RFP material.

VMware — This is an obvious destination for all things virtualization, but we urge you to also bookmark the security resource center which is replete with all sorts of recommendations and guidance. The latest ones to catch our eye are the recently released vSphere 4.0 hardening guide and the FAQ on the benefits of using VMsafe (new with vSphere).

PCI v2.0 — Whether you deal in credit card information or not, the PCI Data Security Standard is one of the most prescriptive and concise among compliance regulations such as SOX, HIPAA, GLBA, FISMA, etc. And while no regulations currently deal explicitly with virtualization and cloud security, the PCI Security Standards Council (SSC) is taking the lead on this front and their work is likely to be a reference point for other standards.

Virtualization Practice — this one might be a surprise, but the folks at this highly efficient small analyst firm do a great job of synthesizing news, helpful links, vendor insights and industry happenings in their packed site. It’s especially helpful if you’re doing research on a topic, say VM Introspection [download PDF], or an angle where you’re bound to find a blog post and some helpful outbound links.

Read the original blog entry...

More Stories By Johnnie Konstantas

Johnnie Konstantas heads Gigamon’s security solutions marketing and business development. With 20+ years in telecommunications, as well as data and cybersecurity, she has done a little bit of everything spanning engineering, product management and marketing for large firms and fledglings.

Most recently, she was the VP of Marketing at Dato, a company pioneering large-scale machine learning. She was also VP Marketing at Altor Networks (acquired by Juniper), an early leader in virtualization security and at Varonis Systems. Past roles have included product management and marketing for Check Point, Neoteris, NetScreen and RedSeal Systems.

Johnnie started her career at Motorola, designing and implementing large-scale cellular infrastructure. She holds a BS in Electrical Engineering from the University of Maryland.