Episode 9
From AstroArch
Virtualization Security Round Table Podcast Episode 9 show notes
- VMsafe and Live from Virtualization Congress
Go to Talkshoe to download or listen to the podcast. Soon to be available also on iTunes.
We got the skinny on security talks at Virtualization Congress from Michael Berman. Christofer Hoff's talk went well, as did the panels. Most of Virtualization Congress appeared to be about planning your environment.
Bill McGee of Trend Micro joined us to discuss VMsafe; specifically, we found out how it was implemented:
- To use VMsafe, the vendor must create a driver for ESX, which can then either do everything itself (fastpath) or communicate with a VM (slowpath) to do the work.
- There is no testing between multiple vendor drivers, so be sure to do that testing yourself.
- Communication between driver and VM is through a VMsafe protocol channel unrelated to VMCI, VIC, and any other known API channel
- Slowpath VMs used for VMsafe SHOULD be placed within a secure location of any virtual network. Security of this appliance is left up to you and the vendor.
- VMsafe can do full deep packet inspection of traffic as well as full memory inspection, but this will impact performance.
- Trend Micro's product actually uses the VMware DDK, which means it could work on ESX 3.5.
- Trend Micro is working on larger aspects of virus scanning and some network management/firewall with the purchase of Third Brigade, thereby using more aspects of VMsafe.
Panelist Bios
- Michael Berman is the CTO of Catbird, with over 20 years experience in system engineering, architecture, design and implementation of secure computing. Michael's experience includes implementation of C2 UNIX; Fortune 100 enterprise security; and expert support in the prosecution of computer crimes. He is a member of the Electronic Crimes Task Force and High-Tech Crime Investigation Association and a Certified Information Security Systems Professional (CISSP). Michael is a frequent speaker on the topic of virtualization and security.
- Chris Hoff is Unisys Corporation’s Systems & Technology division chief security architect. Hoff has over 15 years of experience in high-profile global roles in network and information security architecture, engineering, operations and management. Prior to Unisys, he served as Crossbeam Systems' chief security strategist, was the CISO for a $25 billion financial services company and was founder/CTO of a national security consultancy and led the security engineering team of one of the first global managed network security service providers. Hoff is a prolific blogger and sought after speaker at leading security conferences.
- Iben Rodriguez is an Infrastructure Consulting Professional with over 20 years experience working in complex IT environments. Iben has an extensive knowledge of VMware-specific environments having spent 2 years working for VMware in various roles. Iben has led and delivered very complex projects for Fortune 500 companies, including Switzerland based pharmaceutical companies, one of the world's largest online auction companies and a large city government in southern California. Iben is considered one of the foremost industry experts in VMware-based security and infrastructure design.
- Edward L. Haletky is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing ESX and the Virtual Environment and VMware ESX Server in the Enterprise: Planning and Securing Virtualization Servers. Haletky owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development. Haletky is also a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions, is a prolific blogger, and is working on new books on virtualization.
- Bill McGee is senior director of product development at Trend Micro and came to the company through its acquisition of Third Brigade, where he was founder and VP of Products and Technology. Under Bill's technology leadership, Third Brigade emerged to the forefront of the virtualization security market with comprehensive solutions addressing security and compliance requirements in virtualized dynamic datacenters and cloud computing environments. Prior to joining Third Brigade, Bill was Senior-Vice President of Product Development at Entrust for over six years and was part of the founding team which created Entrust as a spin-out from Nortel Networks. Bill managed growth of the product development team from a small group to over 300 people and their development of the award-winning Entrust product line. While a member of the cryptographic systems group at Nortel Networks, Bill did pioneering work applying public-key technologies to communication systems. Bill McGee has a B.A.Sc. (Electrical Engineering) from Queen's University and has completed the Stanford Graduate School of Business Executive Program for Growing Companies.
Podcast audio improvements by Tim Pierson of DataSentry, Inc.
