SlideShare a Scribd company logo

Sans Mc Afee Pandel Slides

Download as PPT, PDF
Ahmed Sallam
Ahmed Sallam
TechnologyNews & Politics
1 of 8
Avoiding Security Mistakes In Virtualized Environments Ahmed Sallam Senior Technologist, Software Architecture & Strategy Chief Software Architect © 2009 The SANS™ Institute - www.sans.org
How to Avoid ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],© 2009 The SANS™ Institute - www.sans.org
Scanning of offline Virtual Images Running VMs Offline Images Scans VMs stored locally Scans VMs stored centrally
Securing underneath the OS VMSafe example ,[object Object],[object Object]
Security underneath the OS The evolution ,[object Object]
Enterprise Virtual Firewall / NIPS © 2009 The SANS™ Institute - www.sans.org
In Summary ,[object Object],[object Object],[object Object],© 2009 The SANS™ Institute - www.sans.org
Thank You © 2009 The SANS™ Institute - www.sans.org

Recommended

Dangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction WorkDangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction Workwhitecardaustralia0
 
The Cyber Crime Guide for Small and Midsize Businesses
The Cyber Crime Guide for Small and Midsize BusinessesThe Cyber Crime Guide for Small and Midsize Businesses
The Cyber Crime Guide for Small and Midsize BusinessesNE-INC
 
Dangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction WorkDangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction Workwhitecardaustralia0
 
Dangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction WorkDangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction Workwhitecardaustralia0
 
Dangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction WorkDangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction Workwhitecardaustralia0
 
Dangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction WorkDangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction Workwhitecardaustralia0
 
Dangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction WorkDangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction Workwhitecardaustralia0
 
Dangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction WorkDangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction Workwhitecardaustralia0
 

Recommended

Dangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction WorkDangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction Workwhitecardaustralia0
 
The Cyber Crime Guide for Small and Midsize Businesses
The Cyber Crime Guide for Small and Midsize BusinessesThe Cyber Crime Guide for Small and Midsize Businesses
The Cyber Crime Guide for Small and Midsize BusinessesNE-INC
 
Dangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction WorkDangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction Workwhitecardaustralia0
 
Dangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction WorkDangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction Workwhitecardaustralia0
 
Dangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction WorkDangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction Workwhitecardaustralia0
 
Dangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction WorkDangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction Workwhitecardaustralia0
 
Dangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction WorkDangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction Workwhitecardaustralia0
 
Dangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction WorkDangers of Scaffolding in Construction Work
Dangers of Scaffolding in Construction Workwhitecardaustralia0
 
10 critical elements of next generation of endpoint layered security
10 critical elements of next generation of endpoint layered security10 critical elements of next generation of endpoint layered security
10 critical elements of next generation of endpoint layered securityJose Lopez
 
The Importance of Endpoint Protection - Featuring SEP 14
The Importance of Endpoint Protection - Featuring SEP 14The Importance of Endpoint Protection - Featuring SEP 14
The Importance of Endpoint Protection - Featuring SEP 14Aventis Systems, Inc.
 
CCNA Security 03- network foundation protection
CCNA Security 03- network foundation protectionCCNA Security 03- network foundation protection
CCNA Security 03- network foundation protectionAhmed Habib
 
Zimperium - Technology Briefing
Zimperium - Technology BriefingZimperium - Technology Briefing
Zimperium - Technology BriefingJake Leonard
 
Celebrity bodyguards
Celebrity bodyguardsCelebrity bodyguards
Celebrity bodyguardsstanvankush
 
Ict - Computer Security
Ict - Computer SecurityIct - Computer Security
Ict - Computer Securityaleeya91
 
Cybersecurity - Needs and Barriers of SMEs
Cybersecurity - Needs and Barriers of SMEsCybersecurity - Needs and Barriers of SMEs
Cybersecurity - Needs and Barriers of SMEsCyber Watching
 
Acronis Active Protection: A Way To Combat Ransomware Attack
Acronis Active Protection: A Way To Combat Ransomware AttackAcronis Active Protection: A Way To Combat Ransomware Attack
Acronis Active Protection: A Way To Combat Ransomware AttackAcronis
 
Campus Safety
Campus SafetyCampus Safety
Campus SafetyProtection 1
 
Cybersecurity - Thomas Gourgeon, Head of International Operations, Orange Cyb...
Cybersecurity - Thomas Gourgeon, Head of International Operations, Orange Cyb...Cybersecurity - Thomas Gourgeon, Head of International Operations, Orange Cyb...
Cybersecurity - Thomas Gourgeon, Head of International Operations, Orange Cyb...SITA
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaEdureka!
 
Hosted desktops and server evolution technologies - 2014 Edition
Hosted desktops and server evolution technologies - 2014 EditionHosted desktops and server evolution technologies - 2014 Edition
Hosted desktops and server evolution technologies - 2014 EditionAhmed Sallam
 
The Experience of Information
The Experience of InformationThe Experience of Information
The Experience of InformationJess McMullin
 
Using Your Powers for Good - As A Career
Using Your Powers for Good - As A CareerUsing Your Powers for Good - As A Career
Using Your Powers for Good - As A CareerCyd Harrell
 
Taking it to the next level major gifts
Taking it to the next level major giftsTaking it to the next level major gifts
Taking it to the next level major giftsRotary International
 
General brain function: Action – Outcome Evaluation
General brain function: Action – Outcome EvaluationGeneral brain function: Action – Outcome Evaluation
General brain function: Action – Outcome EvaluationBjörn Brembs
 
Promoted Products
Promoted ProductsPromoted Products
Promoted ProductsTina Vega Costello
 
UCF Business Incubator Workshop Russ Pandel
UCF Business Incubator Workshop Russ PandelUCF Business Incubator Workshop Russ Pandel
UCF Business Incubator Workshop Russ PandelRuss Pandel
 
Separating the meat from the chaff
Separating the meat from the chaffSeparating the meat from the chaff
Separating the meat from the chaffKacie Trimble
 
The structure and function of the brain
The structure and function of the brainThe structure and function of the brain
The structure and function of the brainCrystal Delosa
 
Webinar on Common Mistakes and Learnings in Securing Cloud Based Applications
Webinar on Common Mistakes and Learnings in Securing Cloud Based ApplicationsWebinar on Common Mistakes and Learnings in Securing Cloud Based Applications
Webinar on Common Mistakes and Learnings in Securing Cloud Based ApplicationsAujas Networks Pvt. Ltd.
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec
 

More Related Content

What's hot

10 critical elements of next generation of endpoint layered security
10 critical elements of next generation of endpoint layered security10 critical elements of next generation of endpoint layered security
10 critical elements of next generation of endpoint layered securityJose Lopez
 
The Importance of Endpoint Protection - Featuring SEP 14
The Importance of Endpoint Protection - Featuring SEP 14The Importance of Endpoint Protection - Featuring SEP 14
The Importance of Endpoint Protection - Featuring SEP 14Aventis Systems, Inc.
 
CCNA Security 03- network foundation protection
CCNA Security 03- network foundation protectionCCNA Security 03- network foundation protection
CCNA Security 03- network foundation protectionAhmed Habib
 
Zimperium - Technology Briefing
Zimperium - Technology BriefingZimperium - Technology Briefing
Zimperium - Technology BriefingJake Leonard
 
Celebrity bodyguards
Celebrity bodyguardsCelebrity bodyguards
Celebrity bodyguardsstanvankush
 
Ict - Computer Security
Ict - Computer SecurityIct - Computer Security
Ict - Computer Securityaleeya91
 
Cybersecurity - Needs and Barriers of SMEs
Cybersecurity - Needs and Barriers of SMEsCybersecurity - Needs and Barriers of SMEs
Cybersecurity - Needs and Barriers of SMEsCyber Watching
 
Acronis Active Protection: A Way To Combat Ransomware Attack
Acronis Active Protection: A Way To Combat Ransomware AttackAcronis Active Protection: A Way To Combat Ransomware Attack
Acronis Active Protection: A Way To Combat Ransomware AttackAcronis
 
Cybersecurity - Thomas Gourgeon, Head of International Operations, Orange Cyb...
Cybersecurity - Thomas Gourgeon, Head of International Operations, Orange Cyb...Cybersecurity - Thomas Gourgeon, Head of International Operations, Orange Cyb...
Cybersecurity - Thomas Gourgeon, Head of International Operations, Orange Cyb...SITA
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaEdureka!
 

What's hot (11)

10 critical elements of next generation of endpoint layered security
10 critical elements of next generation of endpoint layered security10 critical elements of next generation of endpoint layered security
10 critical elements of next generation of endpoint layered security
 
The Importance of Endpoint Protection - Featuring SEP 14
The Importance of Endpoint Protection - Featuring SEP 14The Importance of Endpoint Protection - Featuring SEP 14
The Importance of Endpoint Protection - Featuring SEP 14
 
CCNA Security 03- network foundation protection
CCNA Security 03- network foundation protectionCCNA Security 03- network foundation protection
CCNA Security 03- network foundation protection
 
Zimperium - Technology Briefing
Zimperium - Technology BriefingZimperium - Technology Briefing
Zimperium - Technology Briefing
 
Celebrity bodyguards
Celebrity bodyguardsCelebrity bodyguards
Celebrity bodyguards
 
Ict - Computer Security
Ict - Computer SecurityIct - Computer Security
Ict - Computer Security
 
Cybersecurity - Needs and Barriers of SMEs
Cybersecurity - Needs and Barriers of SMEsCybersecurity - Needs and Barriers of SMEs
Cybersecurity - Needs and Barriers of SMEs
 
Acronis Active Protection: A Way To Combat Ransomware Attack
Acronis Active Protection: A Way To Combat Ransomware AttackAcronis Active Protection: A Way To Combat Ransomware Attack
Acronis Active Protection: A Way To Combat Ransomware Attack
 
Campus Safety
Campus SafetyCampus Safety
Campus Safety
 
Cybersecurity - Thomas Gourgeon, Head of International Operations, Orange Cyb...
Cybersecurity - Thomas Gourgeon, Head of International Operations, Orange Cyb...Cybersecurity - Thomas Gourgeon, Head of International Operations, Orange Cyb...
Cybersecurity - Thomas Gourgeon, Head of International Operations, Orange Cyb...
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
 

Viewers also liked

Hosted desktops and server evolution technologies - 2014 Edition
Hosted desktops and server evolution technologies - 2014 EditionHosted desktops and server evolution technologies - 2014 Edition
Hosted desktops and server evolution technologies - 2014 EditionAhmed Sallam
 
The Experience of Information
The Experience of InformationThe Experience of Information
The Experience of InformationJess McMullin
 
Using Your Powers for Good - As A Career
Using Your Powers for Good - As A CareerUsing Your Powers for Good - As A Career
Using Your Powers for Good - As A CareerCyd Harrell
 
Taking it to the next level major gifts
Taking it to the next level major giftsTaking it to the next level major gifts
Taking it to the next level major giftsRotary International
 
General brain function: Action – Outcome Evaluation
General brain function: Action – Outcome EvaluationGeneral brain function: Action – Outcome Evaluation
General brain function: Action – Outcome EvaluationBjörn Brembs
 
UCF Business Incubator Workshop Russ Pandel
UCF Business Incubator Workshop Russ PandelUCF Business Incubator Workshop Russ Pandel
UCF Business Incubator Workshop Russ PandelRuss Pandel
 
Separating the meat from the chaff
Separating the meat from the chaffSeparating the meat from the chaff
Separating the meat from the chaffKacie Trimble
 
The structure and function of the brain
The structure and function of the brainThe structure and function of the brain
The structure and function of the brainCrystal Delosa
 

Viewers also liked (9)

Hosted desktops and server evolution technologies - 2014 Edition
Hosted desktops and server evolution technologies - 2014 EditionHosted desktops and server evolution technologies - 2014 Edition
Hosted desktops and server evolution technologies - 2014 Edition
 
The Experience of Information
The Experience of InformationThe Experience of Information
The Experience of Information
 
Using Your Powers for Good - As A Career
Using Your Powers for Good - As A CareerUsing Your Powers for Good - As A Career
Using Your Powers for Good - As A Career
 
Taking it to the next level major gifts
Taking it to the next level major giftsTaking it to the next level major gifts
Taking it to the next level major gifts
 
General brain function: Action – Outcome Evaluation
General brain function: Action – Outcome EvaluationGeneral brain function: Action – Outcome Evaluation
General brain function: Action – Outcome Evaluation
 
Promoted Products
Promoted ProductsPromoted Products
Promoted Products
 
UCF Business Incubator Workshop Russ Pandel
UCF Business Incubator Workshop Russ PandelUCF Business Incubator Workshop Russ Pandel
UCF Business Incubator Workshop Russ Pandel
 
Separating the meat from the chaff
Separating the meat from the chaffSeparating the meat from the chaff
Separating the meat from the chaff
 
The structure and function of the brain
The structure and function of the brainThe structure and function of the brain
The structure and function of the brain
 

Similar to Sans Mc Afee Pandel Slides

Webinar on Common Mistakes and Learnings in Securing Cloud Based Applications
Webinar on Common Mistakes and Learnings in Securing Cloud Based ApplicationsWebinar on Common Mistakes and Learnings in Securing Cloud Based Applications
Webinar on Common Mistakes and Learnings in Securing Cloud Based ApplicationsAujas Networks Pvt. Ltd.
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec
 
Carry security with you to the cloud - DEM14-SR - New York AWS Summit
Carry security with you to the cloud - DEM14-SR - New York AWS SummitCarry security with you to the cloud - DEM14-SR - New York AWS Summit
Carry security with you to the cloud - DEM14-SR - New York AWS SummitAmazon Web Services
 
Cw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend microCw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend microTheInevitableCloud
 
Virtualization security
Virtualization securityVirtualization security
Virtualization securityAhmed Nour
 
Virtual Machine Introspection - Future of the Cloud
Virtual Machine Introspection - Future of the CloudVirtual Machine Introspection - Future of the Cloud
Virtual Machine Introspection - Future of the CloudTjylen Veselyj
 
Enhancing your Cyber Skills through a Cyber Range
Enhancing your Cyber Skills through a Cyber RangeEnhancing your Cyber Skills through a Cyber Range
Enhancing your Cyber Skills through a Cyber Rangescoopnewsgroup
 
Chaos engineering for cloud native security
Chaos engineering for cloud native securityChaos engineering for cloud native security
Chaos engineering for cloud native securityKennedy
 
Ibm Mobile Device Security Datasheet V2.0
Ibm Mobile Device Security Datasheet V2.0Ibm Mobile Device Security Datasheet V2.0
Ibm Mobile Device Security Datasheet V2.0wendyking63
 
Brochure network security-en
Brochure network security-enBrochure network security-en
Brochure network security-ensandeep1721
 
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6Knowledge & Experience
 
Virutalization and the Future of Datacenter Security
Virutalization and the Future of Datacenter SecurityVirutalization and the Future of Datacenter Security
Virutalization and the Future of Datacenter Securityguestb09e16
 
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...Site Shield Product Brief - Origin defense by cloaking web infrastructure and...
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...Akamai Technologies
 
Delivering infrastructure, security, and operations as code with AWS - DEM10-...
Delivering infrastructure, security, and operations as code with AWS - DEM10-...Delivering infrastructure, security, and operations as code with AWS - DEM10-...
Delivering infrastructure, security, and operations as code with AWS - DEM10-...Amazon Web Services
 
Virtualization presentation
Virtualization presentationVirtualization presentation
Virtualization presentationMangesh Gunjal
 
The World Against the Bad, Cisco AMP Solution to the Rescue
The World Against the Bad, Cisco AMP Solution to the RescueThe World Against the Bad, Cisco AMP Solution to the Rescue
The World Against the Bad, Cisco AMP Solution to the RescueCisco Canada
 
Safeguard the Integrity of Your Code for Fast and Secure Deployments - SVC206...
Safeguard the Integrity of Your Code for Fast and Secure Deployments - SVC206...Safeguard the Integrity of Your Code for Fast and Secure Deployments - SVC206...
Safeguard the Integrity of Your Code for Fast and Secure Deployments - SVC206...Amazon Web Services
 
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver NarrTI Safe
 

Similar to Sans Mc Afee Pandel Slides (20)

Webinar on Common Mistakes and Learnings in Securing Cloud Based Applications
Webinar on Common Mistakes and Learnings in Securing Cloud Based ApplicationsWebinar on Common Mistakes and Learnings in Securing Cloud Based Applications
Webinar on Common Mistakes and Learnings in Securing Cloud Based Applications
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Carry security with you to the cloud - DEM14-SR - New York AWS Summit
Carry security with you to the cloud - DEM14-SR - New York AWS SummitCarry security with you to the cloud - DEM14-SR - New York AWS Summit
Carry security with you to the cloud - DEM14-SR - New York AWS Summit
 
Cw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend microCw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend micro
 
Virtualization security
Virtualization securityVirtualization security
Virtualization security
 
Virtual Machine Introspection - Future of the Cloud
Virtual Machine Introspection - Future of the CloudVirtual Machine Introspection - Future of the Cloud
Virtual Machine Introspection - Future of the Cloud
 
Enhancing your Cyber Skills through a Cyber Range
Enhancing your Cyber Skills through a Cyber RangeEnhancing your Cyber Skills through a Cyber Range
Enhancing your Cyber Skills through a Cyber Range
 
Chaos engineering for cloud native security
Chaos engineering for cloud native securityChaos engineering for cloud native security
Chaos engineering for cloud native security
 
Ibm Mobile Device Security Datasheet V2.0
Ibm Mobile Device Security Datasheet V2.0Ibm Mobile Device Security Datasheet V2.0
Ibm Mobile Device Security Datasheet V2.0
 
Brochure network security-en
Brochure network security-enBrochure network security-en
Brochure network security-en
 
IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Security Portfolio - 2015
IBM Security Portfolio - 2015
 
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6
 
Virutalization and the Future of Datacenter Security
Virutalization and the Future of Datacenter SecurityVirutalization and the Future of Datacenter Security
Virutalization and the Future of Datacenter Security
 
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...Site Shield Product Brief - Origin defense by cloaking web infrastructure and...
Site Shield Product Brief - Origin defense by cloaking web infrastructure and...
 
Cloud security
Cloud securityCloud security
Cloud security
 
Delivering infrastructure, security, and operations as code with AWS - DEM10-...
Delivering infrastructure, security, and operations as code with AWS - DEM10-...Delivering infrastructure, security, and operations as code with AWS - DEM10-...
Delivering infrastructure, security, and operations as code with AWS - DEM10-...
 
Virtualization presentation
Virtualization presentationVirtualization presentation
Virtualization presentation
 
The World Against the Bad, Cisco AMP Solution to the Rescue
The World Against the Bad, Cisco AMP Solution to the RescueThe World Against the Bad, Cisco AMP Solution to the Rescue
The World Against the Bad, Cisco AMP Solution to the Rescue
 
Safeguard the Integrity of Your Code for Fast and Secure Deployments - SVC206...
Safeguard the Integrity of Your Code for Fast and Secure Deployments - SVC206...Safeguard the Integrity of Your Code for Fast and Secure Deployments - SVC206...
Safeguard the Integrity of Your Code for Fast and Secure Deployments - SVC206...
 
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr
 

More from Ahmed Sallam

RSA SF Conference talk-2009-ht2-401 sallam
RSA SF Conference talk-2009-ht2-401 sallamRSA SF Conference talk-2009-ht2-401 sallam
RSA SF Conference talk-2009-ht2-401 sallamAhmed Sallam
 
Intel vmcs-shadowing-paper
Intel vmcs-shadowing-paperIntel vmcs-shadowing-paper
Intel vmcs-shadowing-paperAhmed Sallam
 
Hosted Desktop and Evolution of Hardware Server Technologies-2015 Edition
Hosted Desktop and Evolution of Hardware Server Technologies-2015 EditionHosted Desktop and Evolution of Hardware Server Technologies-2015 Edition
Hosted Desktop and Evolution of Hardware Server Technologies-2015 EditionAhmed Sallam
 
Hosted desktop and evolution of hardware server technologies - 2015 edition
Hosted desktop and evolution of hardware server technologies - 2015 editionHosted desktop and evolution of hardware server technologies - 2015 edition
Hosted desktop and evolution of hardware server technologies - 2015 editionAhmed Sallam
 
The new era of mega trends securtity
The new era of mega trends securtityThe new era of mega trends securtity
The new era of mega trends securtityAhmed Sallam
 
Ahmed sallam technical_journey_1992_1999
Ahmed sallam technical_journey_1992_1999Ahmed sallam technical_journey_1992_1999
Ahmed sallam technical_journey_1992_1999Ahmed Sallam
 
Arm tech con 2014 slides - sallam-public
Arm tech con 2014 slides - sallam-publicArm tech con 2014 slides - sallam-public
Arm tech con 2014 slides - sallam-publicAhmed Sallam
 
An Analysis And Solution For The Problem Of Hidden Orphan Processes On Window...
An Analysis And Solution For The Problem Of Hidden Orphan Processes On Window...An Analysis And Solution For The Problem Of Hidden Orphan Processes On Window...
An Analysis And Solution For The Problem Of Hidden Orphan Processes On Window...Ahmed Sallam
 
VMWorld 2009 Presentation
VMWorld 2009 PresentationVMWorld 2009 Presentation
VMWorld 2009 PresentationAhmed Sallam
 

More from Ahmed Sallam (9)

RSA SF Conference talk-2009-ht2-401 sallam
RSA SF Conference talk-2009-ht2-401 sallamRSA SF Conference talk-2009-ht2-401 sallam
RSA SF Conference talk-2009-ht2-401 sallam
 
Intel vmcs-shadowing-paper
Intel vmcs-shadowing-paperIntel vmcs-shadowing-paper
Intel vmcs-shadowing-paper
 
Hosted Desktop and Evolution of Hardware Server Technologies-2015 Edition
Hosted Desktop and Evolution of Hardware Server Technologies-2015 EditionHosted Desktop and Evolution of Hardware Server Technologies-2015 Edition
Hosted Desktop and Evolution of Hardware Server Technologies-2015 Edition
 
Hosted desktop and evolution of hardware server technologies - 2015 edition
Hosted desktop and evolution of hardware server technologies - 2015 editionHosted desktop and evolution of hardware server technologies - 2015 edition
Hosted desktop and evolution of hardware server technologies - 2015 edition
 
The new era of mega trends securtity
The new era of mega trends securtityThe new era of mega trends securtity
The new era of mega trends securtity
 
Ahmed sallam technical_journey_1992_1999
Ahmed sallam technical_journey_1992_1999Ahmed sallam technical_journey_1992_1999
Ahmed sallam technical_journey_1992_1999
 
Arm tech con 2014 slides - sallam-public
Arm tech con 2014 slides - sallam-publicArm tech con 2014 slides - sallam-public
Arm tech con 2014 slides - sallam-public
 
An Analysis And Solution For The Problem Of Hidden Orphan Processes On Window...
An Analysis And Solution For The Problem Of Hidden Orphan Processes On Window...An Analysis And Solution For The Problem Of Hidden Orphan Processes On Window...
An Analysis And Solution For The Problem Of Hidden Orphan Processes On Window...
 
VMWorld 2009 Presentation
VMWorld 2009 PresentationVMWorld 2009 Presentation
VMWorld 2009 Presentation
 

Recently uploaded

Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 

Sans Mc Afee Pandel Slides

  • 1. Avoiding Security Mistakes In Virtualized Environments Ahmed Sallam Senior Technologist, Software Architecture & Strategy Chief Software Architect © 2009 The SANS™ Institute - www.sans.org
  • 2.
  • 3. Scanning of offline Virtual Images Running VMs Offline Images Scans VMs stored locally Scans VMs stored centrally
  • 4.
  • 5.
  • 6. Enterprise Virtual Firewall / NIPS © 2009 The SANS™ Institute - www.sans.org
  • 7.
  • 8. Thank You © 2009 The SANS™ Institute - www.sans.org

Editor's Notes

  1. Holistic Approach Don’t take a hit and miss approach to Virtualization Security. Consider Vendor Partners that bring solutions to the table vs. point products to help you tame these complex environments vs. you having to manage the diverse technology. Baked In Implement Security Best Practices when designing your environment, like. A Secure Design Approach Separate and Isolate Management Networks Plan for VM mobility Partition trust zones Combine trust zones using virtual network segmentation and virtual network management best practices Combine trust zones using portable VM protection there are 3 rd -party tools that can help with this A Secure Deployment approach Harden VMware Infrastructure according to their guidelines There are other 3 rd -party: STIG, CIS, Xtravirt Security Risk Assessment template, etc. Always secure virtual machines like you would physical servers Anti-virus, Patching, Host-based intrusion detection/prevention and Use Templates and Cloning to enforce conformity of virtual machines Hidden Costs Planning for training of personnel should be taken into consideration, also software security products (agents or appliances) if needed as a result of your up front design work. Don’t forget to work with your vendor over pricing models for software if they will need to be changed.
  2. Top Market Challenges Virtual machine (VM) sprawl: Enterprise applications are easier to provision and deploy in virtual environments when compared to physical servers. In many cases, it takes as little as 15 minutes to bring up an application (Source: Gartner). Ease of deployment leads to VMs even for small workloads, further exacerbating the sprawl. Proliferation of VM creates a periodic need for virtualized applications to be brought offline for patching, configuration, testing and backup. Archived VMs stay offline for extended periods of time, some for as long as 7years to meet regulatory requirements (e.g. Financial apps/transactions have to be saved for 7years) Operating systems and applications within an archived VM remain un-patched while Microsoft continues to introduce new security patches monthly. Same applies to other application vendors. Offline VMs pose a serious risk upon activation since their security profile is out-of-date. VirusScan Enterprise for Offline Virtual Images is the solution. Integrated support for offline VMs Ensures security on offline VMs is up-to-date Identify malware Remove malware Automate security updates Manageable by ePO our global management console VSE for OVI - Flexible Deployment Scenarios Scans VMs stored locally Scans VMs stored centrally
  3. Traditional Solution Pros Maximum utilization of ESX/Hardware platform No security restrictions on data paths within ESX, “policies applied in the network”   Cons Vulnerability in virtualization layer can break separation All traffic between VMs is passed over the network Firewall is blind to VM internal network, only sees traffic sent to it, potential for inter-VM traffic that is uninspected Virtual switch/network based separation of server traffic Cost savings limited to server consolidation, firewall may be under-utilized or over-utilized McAfee Virtual F/W It’s really a firewall for the “virtual world”, it can assist with Correcting security oversights in your virtualization efforts by: Enabling inter-VM access control policies Delivering IPS inspection of traffic within the virtual network Delivering fully integrated McAfee Anti-virus, SSL decryption, and McAfee SmartFilter URL filtering utilizing our Trusted Source Technology It can Improve audit capabilities, facilitate separation and control, so it really is a full function device for the virtual environment.
  4. Tighter integration of security capabilities initiatives like VMSafe will Protect the VM by inspection of virtual components (CPU, Memory, Network and Storage). Providing complete integration and awareness of VMotion, Storage VMotion, HA, etc. This in turn will provide an unprecedented level of security for the application and the data inside the VM. Security virtualization challenge really has to do with people and processes Adapting processes that are used in securing physical assets, for configuration management, patch management, or change management generally, are evermore important in this new environment. Education on unique virtualization security issues and capabilities. We have to ensure that not only security, but audit, operations, and others are educated on these topics, so they can properly interface with the security group when they will.