Episode 1
From AstroArch
Virtualization Security Round Table Podcast 1 show notes
Go to Talkshoe to download or listen to the podcast. Available also on iTunes.
This was a lively discussion on Virtualization your DMZ which lead to all sorts of further comments from the security of VLANs, Data Comingling, and Cloud Computing. Overall the panelist stated yes you can Virtualize a DMZ but you need to apply good security practices such as the ones found within the Top Virtualization Security Links#ESX/ESXi section. Specifically the white paper DMZ Virtualization with VMware Infrastructure which was quoted from extensively. Good practices also include increased vigilance.
Then we moved onto the question from the chat on whether there was more education necessary needed for security experts. Some of else felt there was good movement in that direction, and others felt that there was a need for further education of Security Professionals in Virtualization and visa versa (okay the visa versa was not added but should have been!)
There was also a bit of discussion on VMsafe. Some people are waiting for it, while others are not. Hopefully those who wait are also implementing more traditional security mechanisms.
End comments were, yes there are tools to help, the next 12-24 months will be very interesting security wise, and more like the next 6 months and that VMsafe will once more change the landscape.
Iben Rodriguez joined us for the after podcast discussion where we discussed future topics for the podcast and set the date for the next episode: 29 January 2009, 2:30 EST.
Products discussed and some that were not are at Top Virtualization Security Links#Products as well as Third Brigade with their Third Brigade VM Protection.
Panelist BIOs
- Edmundo Costa is Catbird's COO & VP of Sales. He has built Catbird into its industry leadership position in comprehensive security for virtual and physical networks. Edmundo was previously a founding member of Tarantella's management team, a publicly-held middleware software company (NASDAQ: TTLA) focused on secure, remote access for Enterprises. Prior to Tarantella, Mr. Costa's held a number of sales and marketing positions, including Vice President of OEM Sales and U.S. Channel Sales at The Santa Cruz Operation (SCO), a publicly-traded software company and the pioneer in delivering UNIX operating system for the Intel platform. He received his MBA from Harvard Business School. He is a graduate of Cornell University with dual degrees in Industrial Engineering/Operations Research and Economics.
- Chris Hoff is Unisys Corporation’s Systems & Technology division chief security architect. Hoff has over 15 years of experience in high-profile global roles in network and information security architecture, engineering, operations and management. Prior to Unisys, he served as Crossbeam Systems' chief security strategist, was the CISO for a $25 billion financial services company and was founder/CTO of a national security consultancy and led the security engineering team of one of the first global managed network security service providers. Hoff is a prolific blogger and sought after speaker at leading security conferences.
- Iben Rodriguez is an Infrastructure Consulting Professional with over 20 years experience working in complex IT environments. Iben has an extensive knowledge of VMware-specific environments having spent 2 years working for VMware in various roles. Iben has led and delivered very complex projects for Fortune 500 companies, including Switzerland based pharmaceutical companies, one of the world's largest online auction companies and a large city government in southern California. Iben is considered one of the foremost industry experts in VMware-based security and infrastructure design.
- Edward L. Haletky is the author of VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers. Haletky owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development. Haletky is also a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions, prolific blogger, and is working on new books on Virtualization.
Podcast audio improvements by Tim Pierson of DataSentry, Inc.
