Session abstract:
“You are on cloud 9. You are ready to go lights-on in your new virtual data center. But wait: virtualization changes everything when it comes to security. Some gaps are obvious, such as the elimination of separation of duties, or the lack of visibility into the virtual network. Some issues are more subtle, such as temporal attacks against crypto. This talk will describe what gaps are introduced in the move from physical to virtual specifically where security is concerned, and prescribe specific steps to ensure security and compliance for production deployments.
Specific topics to be covered include:
• Recommend strategies for updating in-house security and compliance best-practices guides to incorporate and protect virtual infrastructure.
• An analysis of the new virtualization threat surface and what new policies should be introduced to prevent, detect and control risks and violations.
• Configuration of the virtual network for security and visibility, even over Vmotion and over VMware port groups.
• Enforcement of separation of duties, least privilege and change management in the virtual data center (currently not part of most virtualization platforms).
• Examination of the risks of VM Sprawl and establishment of programs and policies for managing this risk.
• How you can guarantee your cloud implementation is even more secure than your pre-cloud analogue.”
Michael Berman is CTO of Catbird Networks, a provider of security virtualization solutions to cloud computing operators.
