•
•
•
•
In today's final VMware ESX security tip, I'll focus on one of the most important security considerations - documenting and monitoring configuration changes, especially security-related changes.
Find out why this is even more critical in a virtual environment than in a physical one.
Securing VMware ESX servers isn't enough when your securing a virtual environment. You need to make sure your Guest operating systems are secure as well. That's the focus of today's VMware Security Tip of the Day.
Patching isn't just for physical operating systems and applications. In today's podcast, I'll talk about patching in a virtual environment.
VMware ESX, VMware security; information security; Alex Bakman, Virtual Center
Today's tip focuses on the importance of Virtual Center for managing granular security access for your VMware environment.
You don't want to deploy VMware servers without it!
This week, I'll share the final five VMware Security Tips. I hope you've had a chance to listen to the first four I've posted over the past few weeks.
In today's tip, I'll talk about disabling all unnecessary services in the VMware ESX console.
Today, in my podcast, I'm exploring why disabling root access in VMware ESX servers is essential to meeting compliance audit requirements.
In today's VMware Security Tip of the Day, I'll explain the positive security benefits associated with maintaining VMware ESX's default security = high.
In today's VMware Security Tip of the Day, I'll address the importance of controlling network traffic to and from critical servers and how VMware makes physical segregation possible.
Download Podcast_VMwareTip2.mp3 (2138.0K)
View the first Security Tip of the Day podcast.
In today's VMware Security Tip of the Day, I'll address the architecture in the X86 environment, the primary vulnerability in VMware ESX, and how to address it.
People can argue all day about the pros and cons of VMware ESX security, but I want to give you 10 specific recommendations you can implement today. At VMWORLD 2006, I offered these 10 recommendations to improve ESX security in your shop.
You can download a PDF of my presentation materials here.
Hope these recommendations provide you with a more secure virtual environment.
Alex
People can argue all day about the pros and cons of VMware ESX security, but I want to give you 10 specific recommendations you can implement today. At VMWORLD 2006, I offered these 10 recommendations to improve ESX security in your shop.
You can download a PDF of my presentation materials here.
Hope these recommendations provide you with a more secure virtual environment.
Alex
With over 95% of IT Shops adopting virtualization technology in the Data Center, there is a growing debate going on about security and virtualized servers. Are they more secure or less secure? At VMWORLD 2006, I gave a presentation on this very topic. To answer the question, let's take a look at the underlying architecture of the ESX server.
First, kudos to the programmers and architects at VMWARE. They smartly designed the hyperviser kernel with the absolute minimum set of public interfaces. In fact, the only way to communicate to the hyperviser is via the network interface.
VMWARE does a good job of tightly controlling the network traffic using VLANs and VNICs. All virtual machines are isolated from each other by using hardware support in the chips.
So far, their architecture is no worse than in physical servers. More on virtualization and security tomorrow.
==================================================================================
For an interesting look at how virtualization is aiding IT in securing infrastructures, as well as how hackers are making use of virtualization, I urge you to check out Simpson Garfinkel's article from CSO magazine. It's a thought-provoking read.
With over 95% of IT Shops adopting virtualization technology in the Data Center, there is a growing debate going on about security and virtualized servers. Are they more secure or less secure? At VMWORLD 2006, I gave a presentation on this very topic. To answer the question, let's take a look at the underlying architecture of the ESX server.
First, kudos to the programmers and architects at VMWARE. They smartly designed the hyperviser kernel with the absolute minimum set of public interfaces. In fact, the only way to communicate to the hyperviser is via the network interface.
VMWARE does a good job of tightly controlling the network traffic using VLANs and VNICs. All virtual machines are isolated from each other by using hardware support in the chips.
So far, their architecture is no worse than in physical servers. More on virtualization and security tomorrow.
==================================================================================
For an interesting look at how virtualization is aiding IT in securing infrastructures, as well as how hackers are making use of virtualization, I urge you to check out Simpson Garfinkel's article from CSO magazine. It's a thought-provoking read.
Last update:
Thu Aug 28 18:25:35 2008
Alex Bakman
Andrew Wheeler
Ben Pryor
Better SCM
Brad Appleton
Brian Harry
Buck Hodges
Damon Poole
David Anderson
Eric Sink
Frank Schophuizen
Ian Olsen
James Manning
Joel from Canada
Kevin Parker
Longacre
Martin Woodward
Mike Clark
Mike Mason
MS Team Foundation
Plastic SCM
Rob Caron
Robert Cowham
Slava Imeshev
Version Control Blog
vincem