Industry Brief: Virtualization Trends


Ensuring Security for Virtual Server Infrastructure

The trend toward virtualization of IT infrastructure has been primarily focused on enterprise servers, especially in data centers where the resulting efficiencies represent significant cost savings for IT organizations. Because virtualization adds layers of technology, it also necessitates changes in security management. Virtualization introduces a new level of complexity for information security teams, which are responsible for hardening virtual systems while also supporting increased density and dynamic provisioning.

The importance of security in such environments cannot be overstated. Data protection on server infrastructure has been a top IT priority for some time, because it is on servers that significant data breaches are most likely to occur. In fact, 98 percent of compromised records are exposed on servers and online applications.¹

Even as virtualization adds infrastructure layers, information security best practices remain conceptually the same. “In general, organizations should have the same security controls in place for the virtualized operating systems as they have for the same operating systems running directly on hardware,” according to a recent report from the National Institute of Standards and Technology (NIST).² The NIST report recommends that organizations secure virtual systems “based on sound security practices, such as keeping software up-to-date with security patches, using secure configuration baselines, and using host-based firewalls, antivirus software, or other appropriate mechanisms to detect and stop attacks.”³

In effect, Information Security must complete the same checklist of protections for virtual systems as for physical infrastructure. In addition, consideration should also be given to adapting best practices to any unique requirements potentially introduced by the dynamic nature of the virtual server environment.

NIST Secure Virtual System Checklist
1. Keep up-to-date with security patches
2. Use secure configuration baselines
3. Use host-based firewalls, antivirus software, or other mechanisms to detect and stop attacks

New PCI Virtualization Guidelines

Another factor driving secure virtualization is the increasing pressure from regulatory requirements to demonstrate effective protection of server infrastructures that house critical data and applications. A good example of how security standards are affecting virtualization efforts is a guidance paper recently published by the Payment Card Industry Security Standards Council (PCI SSC).⁴ Authored by a PCI special interest group consisting of more than 30 companies, including merchants, vendors, and Qualified Security Assessors (QSAs), the paper addresses the security implications of virtualization and maps them against the 12 main requirements of the PCI Data Security Standard (PCI DSS), indicating what actions should constitute best practice for each of the requirements.⁵

The PCI guidelines for the use of virtualization in cardholder data environments are based on the following four principles:

a. If virtualization technologies are used in a cardholder data environment, PCI DSS requirements apply to those virtualization technologies.
b. Virtualization technology introduces new risks that may not be relevant to other technologies, and that must be assessed when adopting virtualization in cardholder data environments.
c. Implementations of virtual technologies can vary greatly, and entities will need to perform a thorough discovery to identify and document the unique characteristics of their particular virtualized implementation, including all interactions with payment transaction processes and payment card data.
d. There is no one-size-fits-all method or solution to configure virtualized environments to meet PCI DSS requirements. Specific controls and procedures will vary for each environment, according to how virtualization is used and implemented.⁶

¹ 2010 Verizon Breach Investigations Report.
² Karen Scarfone, Murugiah Souppaya, and Paul Hoffman, “Guide to Security for Full Virtualization Technologies,” National Institute of Standards and Technology (NIST), U.S. Department of Commerce, January 2011, 4-1.
³ NIST, op. cit., ES-1.
⁴ PCI Security Standards Council, PCI DSS Virtualization Guidelines, June 2011.
⁵ Ron Condon, PCI virtualisation: With new guidelines, compliance may be harder, SearchSecurity.co.uk, 14 June 2011.
⁶ PCI Security Standards Council, op. cit.

Symantec Corporation

The new PCI guidelines hold several important implications for organizations that handle cardholder data. First, virtualization adds a dynamic dimension to the traditional best practices commonly used in physical infrastructures. Since there is no “one-size-fits-all” approach, organizations will require adaptive solutions that can accommodate different configurations of virtual infrastructure at various points along the adoption curve. The guidelines conclude with a recommendation that all virtualization components, even those considered to be out-of-scope, be designed to meet PCI DSS security requirements, because exposure of one virtual machine (VM) on a host system could lead to the compromise of other VMs on the same host. Although they do not change the standard, the new guidelines will help organizations ensure that the standard is enforced.

IT Virtual Server Security Challenges
• Management of administration access
• Inbound and outbound communications
• Interactions between systems
• Maintaining patch levels and configuration standards

Secure Virtualization and Private Cloud Computing

Cloud computing is a way to provide scalable, elastic IT capabilities as services using Internet technologies. The cloud computing model enables organizations to consume software, platform, and infrastructure resources as services and avoid the licensing, consulting, and administrative costs associated with on-premise implementations. While some organizations adopt public cloud services available from cloud computing vendors on a multi-tenancy basis, many opt to develop their own private cloud services in order to reduce total cost of ownership while minimizing risks to data. Private cloud implementations generally involve virtualization and, therefore, require modern, adaptive approaches to security and compliance of virtual server infrastructures.

Cloud-based service enablement calls for granular control over the hardening of virtual systems using appropriate policy profiling. To ensure the ongoing integrity and availability of virtual servers, policies should be designed to enforce the following constraints:

• Limit cloud services to only those services required to support a given system’s function
• Limit user accounts and privilege escalations
• Control rogue behaviors such as file and configuration changes
• Constrain data mobility by monitoring data files
• Mitigate vulnerabilities due to inconsistent patch management

Only by ensuring the security of private cloud infrastructure can organizations realize the benefits in terms of cost efficiency.

Requirements for Virtualized Server Security

In extending protection to virtualized server infrastructures, IT Security faces a number of challenges, including management of administrator access, inbound and outbound communications, interactions between systems, and maintaining patch levels and configuration standards. To adapt to the unique variables introduced by virtualization, policies and controls must be modernized. In implementing such modernization, the following capabilities should be considered.

Monitor system behaviors. Virtual machines should be regularly monitored to discover potential vulnerabilities. Are there services on a particular VM that should not be running? Has a VM been moved such that it now has the ability to communicate with new workloads subject to different policy requirements, like PCI audit? Can removable media be attached to the VM through a USB port to extract data or introduce malware?

Control application and system services. It is necessary to see which applications are running on VMs and ensure that only appropriate apps are available on any given VM. Controls should include monitoring, alerts, and preventing executables as appropriate.

Reduce the scope of virtual system interactions. In cases where multiple VMs coexist on a single host, new VMs may gain availability to data or applications that should be off-limits. Central visibility across heterogeneous, hybrid environments is necessary to accurately oversee behaviors and activities.

Protect file systems. Organizations should conduct policy-based monitoring of all file systems on VMs, including applications, directories, and registry keys. It is common practice for hackers to change registry keys to cover their tracks. When that happens, the protection systems should generate an alert and, if necessary, lock down the file to prevent changes.

Maintain OS integrity. Check to see if any changes have been made to an OS that do not conform with configuration or patch standards. Real-time monitoring of VMs between patch windows can mitigate vulnerabilities and prevent malware from executing.

Monitor and restrict privileged user access. Privileged users of business-critical applications on VMs should be monitored to ensure that their behavior and activities are within the scope of requisite permissions and do not in any way jeopardize security or compliance posture.

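The VM-move question under "Monitor system behaviors" and the co-residency risk raised in the PCI discussion can both be checked from placement inventory alone. The sketch below is an added example, not part of the Symantec brief or of any Symantec product; the VM and host names, the zone labels, and both inventory snapshots are constructed for illustration.

```python
from collections import defaultdict
from typing import NamedTuple


class VM(NamedTuple):
    name: str
    host: str  # hypervisor host the VM currently runs on
    zone: str  # policy zone label (assumption): "pci" = cardholder data workload


# Constructed inventory snapshots (hypothetical names), taken before and after
# a migration window.
BEFORE = [
    VM("pay-db-01", "esx-a", "pci"),
    VM("pay-app-01", "esx-a", "pci"),
    VM("intranet-01", "esx-b", "general"),
    VM("build-01", "esx-b", "general"),
    VM("hr-app-01", "esx-c", "general"),
]
AFTER = [
    VM("pay-db-01", "esx-a", "pci"),
    VM("pay-app-01", "esx-b", "pci"),      # moved esx-a -> esx-b
    VM("intranet-01", "esx-b", "general"),
    VM("build-01", "esx-b", "general"),
    VM("hr-app-01", "esx-a", "general"),   # moved esx-c -> esx-a
]


def zones_by_host(inventory):
    """Map each host to {zone: sorted VM names} for the VMs placed on it."""
    hosts = defaultdict(lambda: defaultdict(list))
    for vm in inventory:
        hosts[vm.host][vm.zone].append(vm.name)
    return {h: {z: sorted(n) for z, n in zs.items()} for h, zs in hosts.items()}


def mixed_zone_hosts(inventory, sensitive_zone="pci"):
    """Find hosts where sensitive-zone VMs share a hypervisor with other zones.

    Returns {host: [co-resident VMs outside the sensitive zone]}. Those VMs
    either need the sensitive zone's controls or a different host.
    """
    findings = {}
    for host, zones in zones_by_host(inventory).items():
        if sensitive_zone in zones and len(zones) > 1:
            others = [n for z, names in zones.items()
                      if z != sensitive_zone for n in names]
            findings[host] = sorted(others)
    return findings


def placement_drift(before, after, sensitive_zone="pci"):
    """Report VM moves and the hosts whose zone mix changed as a result."""
    old_host = {vm.name: vm.host for vm in before}
    moved = sorted(
        (vm.name, old_host[vm.name], vm.host)
        for vm in after
        if vm.name in old_host and old_host[vm.name] != vm.host
    )
    was_mixed = mixed_zone_hosts(before, sensitive_zone)
    now_mixed = mixed_zone_hosts(after, sensitive_zone)
    # Alert only on hosts that are newly mixed or whose exposed set changed.
    new_mixed = {h: vms for h, vms in now_mixed.items() if was_mixed.get(h) != vms}
    return {"moved": moved, "new_mixed_hosts": new_mixed}


if __name__ == "__main__":
    report = placement_drift(BEFORE, AFTER)
    for name, src, dst in report["moved"]:
        print(f"moved: {name} {src} -> {dst}")
    for host, vms in sorted(report["new_mixed_hosts"].items()):
        print(f"ALERT {host}: PCI workloads now co-resident with {', '.join(vms)}")
```

Run against real inventory exports on a schedule, the alert list is the set of hosts where out-of-scope VMs have to be treated as in scope until placement is corrected.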
Security Solutions for Virtualized Servers

Like mobile and cloud computing strategies, virtualization is rapidly becoming a standard dimension of enterprise IT initiatives. When it comes to security, it is important to make sure that solutions designed to protect data, people, and systems offer the same capabilities for both virtual and physical servers. The following Symantec products are successfully employed by customers today across physical and virtual server environments.

Symantec™ Critical System Protection. Critical System Protection is a host-based intrusion detection and prevention solution that allows organizations to protect business-critical servers seamlessly across heterogeneous virtual and physical environments while accelerating density goals and reducing cost. The centrally managed, policy-driven solution monitors file systems and prevents policy violations with minimum impact on server workloads and system performance. The built-in ESX Policy Pack protects the ESX console operating system and guest operating systems and applications with layered controls to limit networking of non-ESX programs and to block write access to ESX configuration and data files.

Symantec™ Control Compliance Suite. Control Compliance Suite addresses IT risk and compliance challenges by delivering greater visibility and control across virtual and physical server infrastructure. Capabilities include regulatory and technical content that is automatically mapped to policies and updated as regulations change, as well as automated system discovery and vulnerability assessments to identify noncompliant virtual and physical systems.

Symantec™ Endpoint Protection. Endpoint Protection delivers unparalleled security and proven superior performance⁷ in a single system optimized for both physical and virtual environments. Symantec Endpoint Protection is powered by Symantec’s exclusive Insight™ detection technology. Insight catches rapidly mutating malware threats that other approaches miss and reduces scan overhead by up to 70 percent in high-density environments.⁸

Symantec™ Security Information Manager. Security Information Manager enables organizations to establish central visibility to critical virtual server incidents. It offers broad log data collection across physical and virtual servers, including a purpose-built collector for ESX environments. Comprehensive, real-time incident correlation, including content from the Symantec Global Intelligence Network, transforms data from physical and virtual environments worldwide into actionable intelligence.

Conclusion

It is a well-established fact that server infrastructure represents the number one target for cybercriminals and the most likely location of data breaches. Virtualization adds new layers of complexity to server infrastructure so that ensuring security and compliance requires more granular controls and the ability to consistently enforce policies across both physical and virtual environments. Symantec can help seamlessly extend protection to virtualized servers by discovering, monitoring, and controlling behaviors and activities that may compromise the performance and availability of virtual systems. With help from Symantec, you can confidently pursue the virtualization of your most business-critical IT infrastructure.

About Symantec

Symantec is a global leader in providing security, storage, and systems management solutions to help consumers and organizations secure and manage their information-driven world. Headquartered in Mountain View, Calif., Symantec has operations in 40 countries. More information is available at www.symantec.com.

Visit our website
www.symantec.com/virtualization

To speak with a Product Specialist in the U.S.
Call toll-free 1 (800) 745 6054

To speak with a Product Specialist outside the U.S.
For specific country offices and contact numbers, please visit our website.

Symantec World Headquarters
350 Ellis St.
Mountain View, CA 94043 USA
+1 (650) 527 8000
1 (800) 721 3934
www.symantec.com

⁷ PassMark Software, Enterprise Endpoint Protection Performance Benchmarks, February 2011.
⁸ Tolly Enterprises, Symantec Endpoint Protection 12.1 vs. McAfee and Trend Micro, Anti-virus Performance in VMware ESX Virtual Environments, June 2011.

Copyright © 2011 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, and Insight are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 07/11 21202606

IoT Standards: The Next GenerationIoT Standards: The Next Generation
IoT Standards: The Next GenerationReadWrite
 
Designing For Smarties
Designing For SmartiesDesigning For Smarties
Designing For SmartiesReadWrite
 
Dude, Where's My Product?
Dude, Where's My Product?Dude, Where's My Product?
Dude, Where's My Product?ReadWrite
 
Senator Al Franken's Letter To Uber CEO Travis Kalanick
Senator Al Franken's Letter To Uber CEO Travis KalanickSenator Al Franken's Letter To Uber CEO Travis Kalanick
Senator Al Franken's Letter To Uber CEO Travis KalanickReadWrite
 
Where In The World Is The Fastest Broadband?
Where In The World Is The Fastest Broadband?Where In The World Is The Fastest Broadband?
Where In The World Is The Fastest Broadband?ReadWrite
 
Our Bodies, Disconnected: The Future Of Fitness APIs
Our Bodies, Disconnected: The Future Of Fitness APIsOur Bodies, Disconnected: The Future Of Fitness APIs
Our Bodies, Disconnected: The Future Of Fitness APIsReadWrite
 
White paper why they chose integrated hr outsourcing- a look at three small ...
White paper  why they chose integrated hr outsourcing- a look at three small ...White paper  why they chose integrated hr outsourcing- a look at three small ...
White paper why they chose integrated hr outsourcing- a look at three small ...ReadWrite
 
White paper what is a peo-
White paper  what is a peo-White paper  what is a peo-
White paper what is a peo-ReadWrite
 
White paper options for handling your hr function[1]
White paper  options for handling your hr function[1]White paper  options for handling your hr function[1]
White paper options for handling your hr function[1]ReadWrite
 
Tri net wp_buildsuccess
Tri net wp_buildsuccessTri net wp_buildsuccess
Tri net wp_buildsuccessReadWrite
 
Tri net wp_10_principles_hc_plan
Tri net wp_10_principles_hc_planTri net wp_10_principles_hc_plan
Tri net wp_10_principles_hc_planReadWrite
 
Tri net eguide_hiring_2012
Tri net eguide_hiring_2012Tri net eguide_hiring_2012
Tri net eguide_hiring_2012ReadWrite
 
White paper top 5 hr compliance concerns for small business
White paper  top 5 hr compliance concerns for small businessWhite paper  top 5 hr compliance concerns for small business
White paper top 5 hr compliance concerns for small businessReadWrite
 
Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...
Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...
Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...ReadWrite
 
The Real-Time Web and its Future
The Real-Time Web and its FutureThe Real-Time Web and its Future
The Real-Time Web and its FutureReadWrite
 
Guide to Online Community Management
Guide to Online Community ManagementGuide to Online Community Management
Guide to Online Community ManagementReadWrite
 
V mware white paper virtualizing business-critical applications with confidence
V mware white paper  virtualizing business-critical applications with confidenceV mware white paper  virtualizing business-critical applications with confidence
V mware white paper virtualizing business-critical applications with confidenceReadWrite
 
Wp 7108 - 50000 seat vmware view deployment
Wp 7108 - 50000 seat vmware view deploymentWp 7108 - 50000 seat vmware view deployment
Wp 7108 - 50000 seat vmware view deploymentReadWrite
 

More from ReadWrite (20)

Networks, Networks Everywhere, And Not A Packet To Drink
Networks, Networks Everywhere, And Not A Packet To DrinkNetworks, Networks Everywhere, And Not A Packet To Drink
Networks, Networks Everywhere, And Not A Packet To Drink
 
IoT Standards: The Next Generation
IoT Standards: The Next GenerationIoT Standards: The Next Generation
IoT Standards: The Next Generation
 
Designing For Smarties
Designing For SmartiesDesigning For Smarties
Designing For Smarties
 
Dude, Where's My Product?
Dude, Where's My Product?Dude, Where's My Product?
Dude, Where's My Product?
 
Senator Al Franken's Letter To Uber CEO Travis Kalanick
Senator Al Franken's Letter To Uber CEO Travis KalanickSenator Al Franken's Letter To Uber CEO Travis Kalanick
Senator Al Franken's Letter To Uber CEO Travis Kalanick
 
Where In The World Is The Fastest Broadband?
Where In The World Is The Fastest Broadband?Where In The World Is The Fastest Broadband?
Where In The World Is The Fastest Broadband?
 
Our Bodies, Disconnected: The Future Of Fitness APIs
Our Bodies, Disconnected: The Future Of Fitness APIsOur Bodies, Disconnected: The Future Of Fitness APIs
Our Bodies, Disconnected: The Future Of Fitness APIs
 
White paper why they chose integrated hr outsourcing- a look at three small ...
White paper  why they chose integrated hr outsourcing- a look at three small ...White paper  why they chose integrated hr outsourcing- a look at three small ...
White paper why they chose integrated hr outsourcing- a look at three small ...
 
White paper what is a peo-
White paper  what is a peo-White paper  what is a peo-
White paper what is a peo-
 
White paper options for handling your hr function[1]
White paper  options for handling your hr function[1]White paper  options for handling your hr function[1]
White paper options for handling your hr function[1]
 
Tri net wp_buildsuccess
Tri net wp_buildsuccessTri net wp_buildsuccess
Tri net wp_buildsuccess
 
Tri net wp_10_principles_hc_plan
Tri net wp_10_principles_hc_planTri net wp_10_principles_hc_plan
Tri net wp_10_principles_hc_plan
 
Tri net eguide_hiring_2012
Tri net eguide_hiring_2012Tri net eguide_hiring_2012
Tri net eguide_hiring_2012
 
Peo study
Peo studyPeo study
Peo study
 
White paper top 5 hr compliance concerns for small business
White paper  top 5 hr compliance concerns for small businessWhite paper  top 5 hr compliance concerns for small business
White paper top 5 hr compliance concerns for small business
 
Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...
Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...
Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...
 
The Real-Time Web and its Future
The Real-Time Web and its FutureThe Real-Time Web and its Future
The Real-Time Web and its Future
 
Guide to Online Community Management
Guide to Online Community ManagementGuide to Online Community Management
Guide to Online Community Management
 
V mware white paper virtualizing business-critical applications with confidence
V mware white paper  virtualizing business-critical applications with confidenceV mware white paper  virtualizing business-critical applications with confidence
V mware white paper virtualizing business-critical applications with confidence
 
Wp 7108 - 50000 seat vmware view deployment
Wp 7108 - 50000 seat vmware view deploymentWp 7108 - 50000 seat vmware view deployment
Wp 7108 - 50000 seat vmware view deployment
 

Recently uploaded

How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 

Recently uploaded (20)

How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 

Virtual Server Security Trends

  • 1. Industry Brief: Virtualization Trends

    Ensuring Security for Virtual Server Infrastructure

    The trend toward virtualization of IT infrastructure has been primarily focused on enterprise servers, especially in data centers where the resulting efficiencies represent significant cost savings for IT organizations. Because virtualization adds layers of technology, it also necessitates changes in security management. Virtualization introduces a new level of complexity for information security teams, which are responsible for hardening virtual systems while also supporting increased density and dynamic provisioning.

    The importance of security in such environments cannot be overstated. Data protection on server infrastructure has been a top IT priority for some time, because it is on servers that significant data breaches are most likely to occur. In fact, 98 percent of compromised records are exposed on servers and online applications.¹

    Even as virtualization adds infrastructure layers, information security best practices remain conceptually the same. “In general, organizations should have the same security controls in place for the virtualized operating systems as they have for the same operating systems running directly on hardware,” according to a recent report from the National Institute of Standards and Technology (NIST).² The NIST report recommends that organizations secure virtual systems “based on sound security practices, such as keeping software up-to-date with security patches, using secure configuration baselines, and using host-based firewalls, antivirus software, or other appropriate mechanisms to detect and stop attacks.”³

    In effect, Information Security must complete the same checklist of protections for virtual systems as for physical infrastructure. In addition, consideration should also be given to adapting best practices to any unique requirements potentially introduced by the dynamic nature of the virtual server environment.

    NIST Secure Virtual System Checklist
    1. Keep up-to-date with security patches
    2. Use secure configuration baselines
    3. Use host-based firewalls, antivirus software, or other mechanisms to detect and stop attacks

    New PCI Virtualization Guidelines

    Another factor driving secure virtualization is the increasing pressure from regulatory requirements to demonstrate effective protection of server infrastructures that house critical data and applications. A good example of how security standards are affecting virtualization efforts is a guidance paper recently published by the Payment Card Industry Security Standards Council (PCI SSC).⁴ Authored by a PCI special interest group consisting of more than 30 companies, including merchants, vendors, and Qualified Security Assessors (QSAs), the paper addresses the security implications of virtualization and maps them against the 12 main requirements of the PCI Data Security Standard (PCI DSS), indicating what actions should constitute best practice for each of the requirements.⁵

    The PCI guidelines for the use of virtualization in cardholder data environments are based on the following four principles:
    a. If virtualization technologies are used in a cardholder data environment, PCI DSS requirements apply to those virtualization technologies.
    b. Virtualization technology introduces new risks that may not be relevant to other technologies, and that must be assessed when adopting virtualization in cardholder data environments.
    c. Implementations of virtual technologies can vary greatly, and entities will need to perform a thorough discovery to identify and document the unique characteristics of their particular virtualized implementation, including all interactions with payment transaction processes and payment card data.
    d. There is no one-size-fits-all method or solution to configure virtualized environments to meet PCI DSS requirements. Specific controls and procedures will vary for each environment, according to how virtualization is used and implemented.⁶

    1 2010 Verizon Breach Investigations Report.
    2 Karen Scarfone, Murugiah Souppaya, and Paul Hoffman, “Guide to Security for Full Virtualization Technologies,” National Institute of Standards and Technology (NIST), U.S. Department of Commerce, January 2011, 4-1.
    3 NIST, op. cit., ES-1.
    4 PCI Security Standards Council, PCI DSS Virtualization Guidelines, June 2011.
    5 Ron Condon, PCI virtualisation: With new guidelines, compliance may be harder, SearchSecurity.co.uk, 14 June 2011.
    6 PCI Security Standards Council, op. cit.

    Symantec Corporation
  • 2. The new PCI guidelines hold several important implications for organizations that handle cardholder data. First, virtualization adds a dynamic dimension to the traditional best practices commonly used in physical infrastructures. Since there is no “one-size-fits-all” approach, organizations will require adaptive solutions that can accommodate different configurations of virtual infrastructure at various points along the adoption curve. The guidelines conclude with a recommendation that all virtualization components, even those considered to be out-of-scope, be designed to meet PCI DSS security requirements, because exposure of one virtual machine (VM) on a host system could lead to the compromise of other VMs on the same host. Although they do not change the standard, the new guidelines will help organizations ensure that the standard is enforced.

    Secure Virtualization and Private Cloud Computing

    Cloud computing is a way to provide scalable, elastic IT capabilities as services using Internet technologies. The cloud computing model enables organizations to consume software, platform, and infrastructure resources as services and avoid the licensing, consulting, and administrative costs associated with on-premise implementations. While some organizations adopt public cloud services available from cloud computing vendors on a multi-tenancy basis, many opt to develop their own private cloud services in order to reduce total cost of ownership while minimizing risks to data. Private cloud implementations generally involve virtualization and, therefore, require modern, adaptive approaches to security and compliance of virtual server infrastructures.

    Cloud-based service enablement calls for granular control over the hardening of virtual systems using appropriate policy profiling. To ensure the ongoing integrity and availability of virtual servers, policies should be designed to enforce the following constraints:
      • Limit cloud services to only those services required to support a given system’s function
      • Limit user accounts and privilege escalations
      • Control rogue behaviors such as file and configuration changes
      • Constrain data mobility by monitoring data files
      • Mitigate vulnerabilities due to inconsistent patch management

    Only by ensuring the security of private cloud infrastructure can organizations realize the benefits in terms of cost efficiency.

    Requirements for Virtualized Server Security

    In extending protection to virtualized server infrastructures, IT Security faces a number of challenges, including management of administrator access, inbound and outbound communications, interactions between systems, and maintaining patch levels and configuration standards. To adapt to the unique variables introduced by virtualization, policies and controls must be modernized. In implementing such modernization, the following capabilities should be considered.

    Monitor system behaviors. Virtual machines should be regularly monitored to discover potential vulnerabilities. Are there services on a particular VM that should not be running? Has a VM been moved such that it now has the ability to communicate with new workloads subject to different policy requirements, like PCI audit? Can removable media be attached to the VM through a USB port to extract data or introduce malware?

    Control application and system services. It is necessary to see which applications are running on VMs and ensure that only appropriate apps are available on any given VM. Controls should include monitoring, alerts, and preventing executables as appropriate.

    Reduce the scope of virtual system interactions. In cases where multiple VMs coexist on a single host, new VMs may gain availability to data or applications that should be off-limits. Central visibility across heterogeneous, hybrid environments is necessary to accurately oversee behaviors and activities.

    Protect file systems. Organizations should conduct policy-based monitoring of all file systems on VMs, including applications, directories, and registry keys. It is common practice for hackers to change registry keys to cover their tracks. When that happens, the protection systems should generate an alert and, if necessary, lock down the file to prevent changes.

    Maintain OS integrity. Check to see if any changes have been made to an OS that do not conform with configuration or patch standards. Real-time monitoring of VMs between patch windows can mitigate vulnerabilities and prevent malware from executing.

    Monitor and restrict privileged user access. Privileged users of business-critical applications on VMs should be monitored to ensure that their behavior and activities are within the scope of requisite permissions and do not in any way jeopardize security or compliance posture.

    IT Virtual Server Security Challenges
      • Management of administration access
      • Inbound and outbound communications
      • Interactions between systems
      • Maintaining patch levels and configuration standards
  • 3. Security Solutions for Virtualized Servers

    Like mobile and cloud computing strategies, virtualization is rapidly becoming a standard dimension of enterprise IT initiatives. When it comes to security, it is important to make sure that solutions designed to protect data, people, and systems offer the same capabilities for both virtual and physical servers. The following Symantec products are successfully employed by customers today across physical and virtual server environments.

    Symantec™ Critical System Protection. Critical System Protection is a host-based intrusion detection and prevention solution that allows organizations to protect business-critical servers seamlessly across heterogeneous virtual and physical environments while accelerating density goals and reducing cost. The centrally managed, policy-driven solution monitors file systems and prevents policy violations with minimum impact on server workloads and system performance. The built-in ESX Policy Pack protects the ESX console operating system and guest operating systems and applications with layered controls to limit networking of non-ESX programs and to block write access to ESX configuration and data files.

    Symantec™ Control Compliance Suite. Control Compliance Suite addresses IT risk and compliance challenges by delivering greater visibility and control across virtual and physical server infrastructure. Capabilities include regulatory and technical content that is automatically mapped to policies and updated as regulations change, as well as automated system discovery and vulnerability assessments to identify noncompliant virtual and physical systems.

    Symantec™ Endpoint Protection. Endpoint Protection delivers unparalleled security and proven superior performance⁷ in a single system optimized for both physical and virtual environments. Symantec Endpoint Protection is powered by Symantec’s exclusive Insight™ detection technology. Insight catches rapidly mutating malware threats that other approaches miss and reduces scan overhead by up to 70 percent in high-density environments.⁸

    Symantec™ Security Information Manager. Security Information Manager enables organizations to establish central visibility to critical virtual server incidents. It offers broad log data collection across physical and virtual servers, including a purpose-built collector for ESX environments. Comprehensive, real-time incident correlation, including content from the Symantec Global Intelligence Network, transforms data from physical and virtual environments worldwide into actionable intelligence.

    Conclusion

    It is a well-established fact that server infrastructure represents the number one target for cybercriminals and the most likely location of data breaches. Virtualization adds new layers of complexity to server infrastructure so that ensuring security and compliance requires more granular controls and the ability to consistently enforce policies across both physical and virtual environments. Symantec can help seamlessly extend protection to virtualized servers by discovering, monitoring, and controlling behaviors and activities that may compromise the performance and availability of virtual systems. With help from Symantec, you can confidently pursue the virtualization of your most business-critical IT infrastructure.

    About Symantec

    Symantec is a global leader in providing security, storage, and systems management solutions to help consumers and organizations secure and manage their information-driven world. Headquartered in Mountain View, Calif., Symantec has operations in 40 countries. More information is available at www.symantec.com.

    Visit our website: www.symantec.com/virtualization
    To speak with a Product Specialist in the U.S.: call toll-free 1 (800) 745 6054
    To speak with a Product Specialist outside the U.S.: for specific country offices and contact numbers, please visit our website.

    Symantec World Headquarters
    350 Ellis St.
    Mountain View, CA 94043 USA
    +1 (650) 527 8000
    1 (800) 721 3934
    www.symantec.com

    7 PassMark Software, Enterprise Endpoint Protection Performance Benchmarks, February 2011.
    8 Tolly Enterprises, Symantec Endpoint Protection 12.1 vs. McAfee and Trend Micro, Anti-virus Performance in VMware ESX Virtual Environments, June 2011.

    Copyright © 2011 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, and Insight are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 07/11 21202606