Smarten up your virtual security posture

Securing virtualised environments


Virtualisation is now widely acknowledged as an important development in enterprise computing with forecasts of rapid growth for both server and storage virtualisation.

It is also widely acknowledged that managing a virtualised environment is more difficult than managing a traditional one.

"The increased complexity which comes from introducing virtualised environments to the enterprise has consequences in system management. The extra layers of technology make it more difficult to ensure proper control and this has implications for security and compliance," says Dennis Moreau, chief technology officer at system management tool builder Configuresoft.

He goes on to point to security vulnerabilities which are specific to virtualised environments and says system managers need ways to detect and deal with them: "We all know that virtual environments are not perfect. VMWare ESX, for example, has had 10 to 12 new vulnerabilities each year for the past three years. You need to know they exist and you need to know what you can do about them."

Moreau says Configuresoft Intelligence for Virtualisation, his company's latest product release, uses business intelligence and decision support techniques to give system managers a clear view of their virtualised environments. It uses a Virtual Security Posture Dashboard to give snapshots of an organisation's security and compliance status so potential problems can be identified quickly and appropriate action taken to solve them.

Configuresoft's monitoring software tracks between 60,000 and 80,000 configuration settings in a typical virtualised environment. Moreau notes that the monitoring methods also take account of system performance: "You can't make security changes without considering the impact on system performance so we can show the effects of changes in security settings and managers can choose the options they want." ®


Other stories you might like

  • Will Lenovo ever think beyond hardware?
    Then again, why develop your own software à la HPE GreenLake when you can use someone else's?

    Analysis Lenovo fancies its TruScale anything-as-a-service (XaaS) platform as a more flexible competitor to HPE GreenLake or Dell Apex. Unlike its rivals, Lenovo doesn't believe it needs to mimic all aspects of the cloud to be successful.

    While subscription services are nothing new for Lenovo, the company only recently consolidated its offerings into a unified XaaS service called TruScale.

    On the surface TruScale ticks most of the XaaS boxes — cloud-like consumption model, subscription pricing — and it works just like you'd expect. Sign up for a certain amount of compute capacity and a short time later a rack full of pre-plumbed compute, storage, and network boxes are delivered to your place of choosing, whether that's a private datacenter, colo, or edge location.

    Continue reading
  • Intel is running rings around AMD and Arm at the edge
    What will it take to loosen the x86 giant's edge stranglehold?

    Analysis Supermicro launched a wave of edge appliances using Intel's newly refreshed Xeon-D processors last week. The launch itself was nothing to write home about, but a thought occurred: with all the hype surrounding the outer reaches of computing that we call the edge, you'd think there would be more competition from chipmakers in this arena.

    So where are all the AMD and Arm-based edge appliances?

    A glance through the catalogs of the major OEMs – Dell, HPE, Lenovo, Inspur, Supermicro – returned plenty of results for AMD servers, but few, if any, validated for edge deployments. In fact, Supermicro was the only one of the five vendors that even offered an AMD-based edge appliance – which used an ageing Epyc processor. Hardly a great showing from AMD. Meanwhile, just one appliance from Inspur used an Arm-based chip from Nvidia.

    Continue reading
  • NASA's Psyche mission: 2022 launch is off after software arrives late
    Launch window slides into 2023 or 2024 for asteroid-probing project

    Sadly for NASA's mission to take samples from the asteroid Psyche, software problems mean the spacecraft is going to miss its 2022 launch window.

    The US space agency made the announcement on Friday: "Due to the late delivery of the spacecraft's flight software and testing equipment, NASA does not have sufficient time to complete the testing needed ahead of its remaining launch period this year, which ends on October 11."

    While it appears the software and testbeds are now working, there just isn't enough time to get everything done before a SpaceX Falcon Heavy sends the spacecraft to study a metallic-rich asteroid of the same name.

    Continue reading

Biting the hand that feeds IT © 1998–2022