Virtualize Securely - VM Introspection and Automated Security in Action

Johnnie Konstantas

Subscribe to Johnnie Konstantas: eMailAlertsEmail Alerts
Get Johnnie Konstantas: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Related Topics: Cloud Computing, Cloud Computing Newswire

Blog Feed Post

Burton Group’s Catalyst Conference Proves Aptly Named

Altor was honored to join this group of industry luminaries

These days when cloud security is mentioned, most of us now have come to expect that the topic of data center virtualization, one near and dear to Altor’s heart, is not far behind. 

The Burton Group’s annual conference has long been a vastly respected event for its ability to draw top industry minds true to its namesake and catalyze meaningful discussion on emerging technologies and trends. This year’s gathering in San Diego was no different, and while topics ranged from SOA to security, cloud computing and virtualization commandeered much attention in the packed four-day agenda.

These days when cloud security is mentioned, most of us now have come to expect that the topic of data center virtualization, one near and dear to Altor’s heart, is not far behind.  Especially since it is – after all near de-facto architecture – for most private clouds and some public ones too.

So naturally our eyes were closely trained on Thursday’s 4:45pm session that promised a “debate” on hypervisor security with the goliaths of security and virtualization weighing in.

Well, maybe they weren’t wielding swords, but for 70 minutes Altor’s CEO joined the CTOs of RSA, NetApp, Citrix and VMware, not to mention Microsoft’s Virtualization GM in a lively discussion.  The dialogue focused on whether architectures such as VMware’s VMsafe API program (which solutions like Altor’s can leverage to embed within the hypervisor) constitute security risk or provide greater protection for virtualized environments.

Anytime competitors are pitted against each other on stage, brisk disagreement is sure to ensue, but with technical heavies of this caliber it is a logic-based argument and technical expertise that pervades the discussion.

Underlying the premise of the staged debate was the following (gleaned from the Burton Group conference’s agenda):

“Significant differences of opinion exist in how security policy should be enforced within virtual infrastructure. Are traditional host- and network-based practices enough, when shifted to virtual appliances within the virtual infrastructure? Or are new introspection architectures such as VMware’s VMsafe the future?”

Altor was honored to join this group of industry luminaries and to add our experiences in leveraging the  VMware VMsafe API program to deliver an innovative virtual firewall and virtual network security suite.

I’ll cut to the chase, while there was no clear winner it may very well be that there is more agreement then there is disagreement about the merits of hypervisor-based security. All present agreed that virtualization and cloud computing are changing the very fabric of data center designs and architectures. Naturally, new ways of securing virtualized resources are being brought forward because legacy approaches impede the virtualized network’s capacity for self-service and resource scaling. In other words if you’re going to virtualize your data center you’re well to virtualize your security as well.

While some skepticism about kernel-based software exists, the fact is that the hypervisor is a specialized operating system – the APIs are only available to established security solution providers and the process to certify is completely monitored by key stakeholders, in this case, the virtualization system provider. In the plus column, the hypervisor based approach gives customers unprecedented visibility and control over their virtual network traffic with virtual firewall and compliance mechanisms that are far more granular and automated then what is possible with the non-hypervisor based approach.

Read the original blog entry...

More Stories By Johnnie Konstantas

Johnnie Konstantas heads Gigamon’s security solutions marketing and business development. With 20+ years in telecommunications, as well as data and cybersecurity, she has done a little bit of everything spanning engineering, product management and marketing for large firms and fledglings.

Most recently, she was the VP of Marketing at Dato, a company pioneering large-scale machine learning. She was also VP Marketing at Altor Networks (acquired by Juniper), an early leader in virtualization security and at Varonis Systems. Past roles have included product management and marketing for Check Point, Neoteris, NetScreen and RedSeal Systems.

Johnnie started her career at Motorola, designing and implementing large-scale cellular infrastructure. She holds a BS in Electrical Engineering from the University of Maryland.