SlideShare uma empresa Scribd logo

Security Challenges in the Virtualized World IBM Virtual Server Protection for VMware

Digicomp Academy AG
Digicomp Academy AG
Educação
1 de 38
Baixar para ler offline
1 1 0 . 0 3 . IBM Virtual Server Protection 2 0 1 1 Security Challenges in the Virtualized World IBM Virtual Server Protection for VMware Peter Rossi, IBM Senior Security Specialist © 2009 IBM Corporation
Agenda ■ IBM Security Framework ■ Security Challenges in the Virtualized World –Vulnerability examples ■ IBM Virtual Server Protection for VMware 2 10.03.2011 © 2011 IBM Corporation
IBM Security Framework 3 10.03.2011 © 2011 IBM Corporation
IBM delivers a new approach to Security Management IBM's approach is to strategically IBM's approach is to strategically manage risk end-to end across all manage risk end-to end across all risk areas within an organization. risk areas within an organization. 4 10.03.2011 © 2011 IBM Corporation
IBM Security Framework Give the right users access to the right resources at the right time Protect sensitive business data Keep applications available and protected from malicious or fraudulent use. Optimize service availability by mitigating risks Provide actionable intelligence & improve physical infrastructure security 5 10.03.2011 © 2011 IBM Corporation
IBM Tivoli Security Focus Areas Trusting Managing Securing Protecting Identities Access Services Data IBM Payroll HCR U6 IBM Online banking E Customers, partners, RC FO EN L IC Y employees (known) PO IBM is #1 in this space Loan applications Retail sales Criminals, competitors, hackers (unknown) Inventory IBM is #1 in this space Manage those you know. Protect against those you don’t. COMPLIANCE IBM is #1 in this space Prove that you’re in control. 6 10.03.2011 © 2011 IBM Corporation
Security Challenges in the Virtualized World 7 10.03.2011 © 2011 IBM Corporation
Server and Network Convergence 8 10.03.2011 © 2011 IBM Corporation
Security Challenges with Virtualization: What is the Impact to Overall Security Posture? 9 10.03.2011 © 2011 IBM Corporation
Security Challenges with Virtualization: New Risks Traditional Threats Traditional threats can attack New threats to VM VMs just like real systems environments Virtual server sprawl —————————— Dynamic state —————————— Dynamic relocation Management Vulnerabilities —————————— Secure storage of VMs and the management data Resource sharing —————————— —————————— Requires new Single point of failure skill sets —————————— —————————— Loss of visibility Insider threat Stealth rootkits in hardware MORE COMPONENTS = MORE EXPOSURE 10 10.03.2011 © 2011 IBM Corporation
The Importance of Virtualization System Security ■ Businesses are increasingly relying on virtualization technology ■ In Q4 2009, 18.2% of servers shipped were virtualized1 – 20% increase over 15.2% shipped in Q4 2008 ■ Growing interest in cloud computing will fuel further demand ■ Vulnerability disclosures have grown as interest has grown 1Source: IDC 11 10.03.2011 © 2011 IBM Corporation
The Risk Imposed by Virtualization System Vulnerabilities ■ Disclosed vulnerabilities pose a significant security risk ■ 40% of all reported vulnerabilities have high severity – Tend to be easy to exploit, provide full control over attacked system ■ Exploits have been publically disclosed for 14% of vulnerabilities 12 10.03.2011 © 2011 IBM Corporation
Vendor Disclosures Include Some Surprising Results ■ Low percentages for Oracle, IBM, and Microsoft VMware: 80.9% RedHat: 6.9% Citrix: 5.8% Oracle: 1.8% IBM: 1.1% Microsoft: 0.9% 13 10.03.2011 © 2011 IBM Corporation
Virtualization System Vulnerability Classes ■ Vulnerabilities can be classified by what they affect Virtualiza o n Server Guest VM Users 5 System Administrators Virtualization System Admin Guest Guest VM VM VM Hypervisor 1 Hardware 2 3 4 6 Management Console Management Server 14 10.03.2011 © 2011 IBM Corporation
Virtualization System Vulnerability Classes ■ 1. Management console vulnerabilities –Affect the management console host –Can provide platform or information allowing attack of management server –Can occur in custom consoles or web applications ■ 2. Management server vulnerabilities –Potential to compromise virtualization system configuration –Can provide platform from which to attack administrative VM ■ 3. Administrative VM vulnerabilities –Compromises system configuration –In some systems (like Xen), equivalent to a hypervisor vulnerability in that all guest VMs may be compromised –Can provide platform from which to attack hypervisor and guest VMs 15 10.03.2011 © 2011 IBM Corporation
Virtualization System Vulnerability Classes ■ 4. Hypervisor vulnerabilities –Compromise all guest VMs –Cannot be exploited from guest VMs ■ 5. Guest VM vulnerabilities –Affect a single VM –Can provide platform from which to attack administrative VM, hypervisor, and other guest VMs ■ 6. Hypervisor escape vulnerabilities –A type of hypervisor vulnerability –Classified separately because of their importance –Allow a guest VM user to “escape” from own VM to attack other VMs or hypervisor –Violate assumption of isolation of guest VMs 16 10.03.2011 © 2011 IBM Corporation
Virtualization System Vulnerability Examples ■ Management console –CVE-2009-2277: A cross-site scripting vulnerability in a VMware web console allows remote attackers to steal cookie-based authentication credentials ■ Management server –CVE-2008-4281: VMware VirtualCenter management server can allow a local attacker to use directory traversal sequences to gain elevated privileges ■ Administrative VM –CVE-2008-2097: A buffer overflow in a VMWare management service running in the administrative VM could allow remote authenticated users to gain root privileges 17 10.03.2011 © 2011 IBM Corporation
Virtualization System Vulnerability Examples ■ Guest VM –CVE-2009-2267: A bug in the handling of page fault exceptions in VMware ESX Server could allow a guest VM user to gain kernel mode execution privileges in the guest VM ■ Hypervisor –CVE-2010-2070: By modifying the processor status register, a local attacker can cause the Xen kernel to crash ■ Hypervisor escape –CVE-2009-1244: An error in the virtual machine display function on VMware ESX Server allows an attacker in a guest VM to execute arbitrary code in the hypervisor 18 10.03.2011 © 2011 IBM Corporation
Production Virtualization System Vulnerabilities By Class Hypervisor (1.3%) Indeterminate (6.3%) Mgmt Server (6.3%) Hypervisor Guest VM (15.0%) escape (37.5%) Mgmt console (16.3%) Admin VM (17.5%) 19 10.03.2011 © 2011 IBM Corporation
Gartner’s Perspective on Secure Virtualization “IBM has the first commercial implementation of a rootkit detection/prevention offering that works from outside of the virtual machine it is protecting...” -Neil MacDonald, Gartner Neil MacDonald, Gartner 20 10.03.2011 © 2011 IBM Corporation
IBM Virtual Server Protection for VMware 21 10.03.2011 © 2011 IBM Corporation
Virtualization Security Solutions Existing solutions Threat protection Integrated virtual certified for protection of delivered in a virtual form- environment-aware threat virtual workloads factor protection ■ Firewall § Firewall § Firewall ■ Intrusion Prevention § Intrusion Prevention § Intrusion Prevention ■ System auditing § Virtual network segment § Virtual host protection and ■ File integrity monitoring protection/policy network policy enforcement ■ Anti-malware enforcement § Network access control ■ Security configuration Mgmt § Virtual infrastructure monitoring 22 10.03.2011 © 2011 IBM Corporation
Integrated Security ■ Non-intrusive o No reconfiguration of the virtual network SiteProtector o No presence in the guest OS Management ■ Less management overhead o One Security Virtual Machine (SVM) per physical server Management SVM VM VM o 1:many protection-to-VM ratio Policy Applications Response Applications Applications ■ Automated Engines o Privileged presence gives SVM holistic view of OS Hardened OS OS the virtual network OS o Protection automatically applied as VM comes Kernel Kernel Kernel Kernel online VMsafe ■ Lower overhead o Eliminates redundant processing tasks Hypervisor ■ Protection for any guest OS Hardware 23 10.03.2011 IBM Confidential © 2011 IBM Corporation
IBM Confien al d IBM Virtual Server Protection for VMware Integrated threat protection for VMware vSphere 4 Helps customers to be more secure, compliant and cost-effective by delivering integrated and optimized security for virtual data centers. SiteProtector Management Benefits ■ Vulnerability-centric, protocol-aware analysis and protection ■ Abstraction from underlying network configuration ■ Automated protection for new VMs ■ Network-level workload segmentation ■ Privileged-level protection of OS kernel structures 24 10.03.2011 © 2011 IBM Corporation
Our Protocol Analysis Module is the engine behind our products Intrusion prevention just got smarter with extensible protection backed by the power of X-Force Client-Side Application Web Application Threat Detection & Virtual Patch Data Security Application Control Protection Protection Prevention What It Does: What It Does: What It Does: What It Does: What It Does: What It Does: Shields vulnerabilities Protects end users Protects web applications Detects and prevents Monitors and identifies Manages control of from exploitation against attacks targeting against sophisticated entire classes of threats unencrypted personally unauthorized applications independent of a applications used application-level attacks as opposed to a specific identifiable information and risks within defined software patch, and everyday such as such as SQL Injection, exploit or vulnerability. (PII) and other segments of the network, enables a responsible Microsoft Office, Adobe XSS (Cross-site confidential information such as ActiveX patch management PDF, Multimedia files and scripting), PHP file- Why Important: for data awareness. Also fingerprinting, Peer To process that can be Web browsers. includes, CSRF (Cross- Eliminates need of provides capability to Peer, Instant Messaging, adhered to without fear of site request forgery). constant signature explore data flow through and tunneling. a breach Why Important: updates. Protection the network to help At the end of 2009, Why Important: includes the proprietary determine if any potential Why Important: Why Important: vulnerabilities, which Expands security Shellcode Heuristics risks exist. Enforces network At the end of affect personal capabilities to meet both (SCH) technology, which application and service 2009, 52% of all computers, represent the compliance requirements has an unbeatable track Why Important: access based on vulnerabilities disclosed second-largest category and threat evolution. record of protecting Flexible and scalable corporate policy and during the year had no of vulnerability against zero day customized data search governance. vendor-supplied patches disclosures and vulnerabilities. criteria; serves as a available to remedy the represent about a fifth of complement to data vulnerability. all vulnerability security strategy. disclosures. 25 10.03.2011 © 2011 IBM Corporation
IBM Confien al d Automated Discovery/vNAC Features SiteProtector ■ Virtual network access Management control (VNAC) ■ Automated discovery SVM is notified The SVM reports to ■ Virtual Infrastructure as soon as a VM SiteProtector that a new comes online auditing integration VM is online and initiates a discovery scan. Benefits ■ Rogue VM protection ■ Virtual Infrastructure monitoring ■ Virtual network awareness ■ Quarantine or limit network access until VM security posture has been validated SVM limits network communications (quarantine group) until the VM is placed in a non-quarantine group 26 10.03.2011 © 2011 IBM Corporation
Security Footprint Reduction CPU-intensive “Lighter” agent used processing removed where guest OS from the guest OS and context is required ■ Security isolated in Security consolidated in SVM Virtual Machine ■ Less presence in guest OS equals: o improved stability o more CPU/memory available for workloads o decreased attack surface ■ Customer-defined thresholds for security resource usage ■ Over time, guest OS presence will be reduce to the absolute minimum 27 10.03.2011 © 2011 IBM Corporation
Mobility (VMotion) SiteProtector Management ■ Maintain security posture Abstraction from underlying irrespective of the physical server physical servers provides on which the VM resides dynamic security adapted for mobility 28 10.03.2011 © 2011 IBM Corporation
Introspection-Based Rootkit Detection ■ Threat – Malware that embeds itself in the operating system to avoid detection ■ Functionality – Rootkit detection engine that uses memory introspection to identify modifications to key guest OS kernel data structures (SSDT & IDT) by malware 29 10.03.2011 © 2011 IBM Corporation
Virtual Infrastructure Auditing ■ Threat – Virtual machine state change or migration that mixes trust zones ■ Functionality – Hooks into VMware management auditing to report events interesting from a security perspective 30 10.03.2011 © 2011 IBM Corporation
VMsafe Network Packet Inspection API Security Virtual Machine SlowPath Agent ■ vNetwork Data Path Agent DVFilter Library (FastPath Agent) VM VM – Installs as a kernel module and directly intercepts VMM VMM VMM packets in the virtual network packet stream ■ vNetwork Control Path Agent FastPath Agent (SlowPath Agent) FastPath – Resides in a security virtual Agent introspection appliance and can be used VMkernel for further thorough processing vswitch01 VMkernel Hardware Interface VMX parameters for SVM: ESX Server ethernet2.networkName = "ibm- vmwarenetwork-appliance" Physical Hardware VMX parameters for VM: ethernet0.filter0.name = "ibm-iss-vmkmod" VM network traffic ethernet0.filter0.onFailure = "failOpen" VMsafe introspection 31 10.03.2011 © 2011 IBM Corporation
VMsafe CPU & Memory API Security Virtual ■ Can inspect memory Machine locations and CPU registers VMsafe ■ Hypervisor Extension Library VM VM implemented as VMX/VMM V V M M modules s s VMM a VMM a VMM ■ VMsafe API Library on SVM f f e e ■ Capabilities – Detect current application state in the protected VMs CPU – Sense system VMkernel introspection configuration state from the control registers VMX parameters for SVM: VMkernel Hardware Interface ESX Server ethernet1.networkName = "ibm- vmwareintrospect-appliance" Physical VMX parameters for VM: Hardware vmsafe.enable = "true" vmsafe.agentAddress = "169.254.55.2" VM Memory/CPU calls VMsafe Vmsafe VMX/VMM extension vmsafe.agentPort = "49999" vmsafe.failOpen = "TRUE" VMsafe introspection 32 10.03.2011 © 2011 IBM Corporation
IBM Virtual Server Protection for VMware helps to meet compliance best practices 1. Configuration and change management processes should be extended to encompass the virtual infrastructure – Automatic discovery and protection as a VM comes online – Dashboard visibility into the virtual host OS and the virtual network to identify vulnerabilities. – IBM Virtual Patch® technology protects vulnerabilities on virtual servers regardless of patch strategy 2. Maintain separate administrative access control although server, network and security infrastructure is now consolidated – Virtual network access control • Quarantines or limits network access from a virtual server until VM security posture has been confirmed – Virtual Infrastructure auditing 3. Provide virtual machine and virtual network security segmentation – Network-level workload isolation 4. Maintain virtual audit logging – Virtual Infrastructure monitoring and reporting *Source: RSA Security Brief: Security Compliance in a Virtual World http://www.rsa.com/solutions/technology/secure/wp/10393_VIRT_BRF_0809.pdf 33 10.03.2011 © 2011 IBM Corporation
IBM Virtual Server Security for VMware helps customers to be more secure, compliant and cost-effective Integrated threat protection for the VMware vSphere 4 platform Helps meet regulatory compliance mandates by Protects and tracks providing security and access of critical data reporting functionality housed on virtual machines customized for the virtual infrastructure How we help your business Increases virtual Created for and server uptime and integrated with the availability with virtual virtual platform rootkit detection Increases ROI with dynamic VM security and discovery 34 10.03.2011 © 2011 IBM Corporation
For more information on IBM Virtualization Security Solutions White paper Virtualizations Security Solutions Web page (click the graphic) (click the graphic) http://www-935.ibm.com/services/us/iss/html/virtualization-security-solutions.html ftp://ftp.software.ibm.com/common/ssi/sa/wh/n/sew03016usen/SEW03016USEN.PDF Links work in slide show mode. 35 10.03.2011 © 2011 IBM Corporation
Question? Thank you! 36 10.03.2011 © 2011 IBM Corporation
Trademarks and notes ■ IBM Corporation 2010 ■ IBM, the IBM logo, ibm.com, AIX, IBM Internet Security Systems, Proventia, Real Secure, SiteProtector, X-Force and Virtual Patch are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with the appropriate symbol (® or ™), these symbols indicate US registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at www.ibm.com/legal/copytrade.shtml ■ VMware, the VMware "boxes" logo and design, Virtual SMP and VMotion are registered trademarks or trademarks (the "Marks") of VMware, Inc. in the United States and/or other jurisdictions. ■ References in this publication to IBM products or services do not imply that IBM intends to make them available in all countries in which IBM operates. ■ The customer is responsible for ensuring compliance with legal requirements. It is the customer’s sole responsibility to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s business and any actions the reader may have to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law or regulation. 37 10.03.2011 © 2011 IBM Corporation
38 10.03.2011 © 2011 IBM Corporation

Recomendados

Monitoring Principles & z/VSE Monitoring Options
Monitoring Principles & z/VSE Monitoring OptionsMonitoring Principles & z/VSE Monitoring Options
Monitoring Principles & z/VSE Monitoring OptionsIBM India Smarter Computing
 
Ibm security virtual server protection
Ibm security virtual server protectionIbm security virtual server protection
Ibm security virtual server protectionE-Government Center Moldova
 
Desktopvirtualisatie met VMware View, de laatste ontwikkelingen
Desktopvirtualisatie met VMware View, de laatste ontwikkelingenDesktopvirtualisatie met VMware View, de laatste ontwikkelingen
Desktopvirtualisatie met VMware View, de laatste ontwikkelingenUNIT4 IT Solutions
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust
 
Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
Virtualizing More While Improving Risk Posture – From Bare Metal to End PointVirtualizing More While Improving Risk Posture – From Bare Metal to End Point
Virtualizing More While Improving Risk Posture – From Bare Metal to End PointHyTrust
 
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...HyTrust
 
E Vm Virtualization
E Vm VirtualizationE Vm Virtualization
E Vm VirtualizationArturo Saavedra
 
VMware View 4
VMware View 4VMware View 4
VMware View 4netlogix
 

Recomendados

Monitoring Principles & z/VSE Monitoring Options
Monitoring Principles & z/VSE Monitoring OptionsMonitoring Principles & z/VSE Monitoring Options
Monitoring Principles & z/VSE Monitoring OptionsIBM India Smarter Computing
 
Ibm security virtual server protection
Ibm security virtual server protectionIbm security virtual server protection
Ibm security virtual server protectionE-Government Center Moldova
 
Desktopvirtualisatie met VMware View, de laatste ontwikkelingen
Desktopvirtualisatie met VMware View, de laatste ontwikkelingenDesktopvirtualisatie met VMware View, de laatste ontwikkelingen
Desktopvirtualisatie met VMware View, de laatste ontwikkelingenUNIT4 IT Solutions
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust
 
Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
Virtualizing More While Improving Risk Posture – From Bare Metal to End PointVirtualizing More While Improving Risk Posture – From Bare Metal to End Point
Virtualizing More While Improving Risk Posture – From Bare Metal to End PointHyTrust
 
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...HyTrust
 
E Vm Virtualization
E Vm VirtualizationE Vm Virtualization
E Vm VirtualizationArturo Saavedra
 
VMware View 4
VMware View 4VMware View 4
VMware View 4netlogix
 
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...AIP Foundation
 
Guardium value proposition for fss pn 12 02-10
Guardium value proposition for fss pn 12 02-10Guardium value proposition for fss pn 12 02-10
Guardium value proposition for fss pn 12 02-10Avirot Mitamura
 
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBMUndgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBMIBM Danmark
 
VMworld 2012 - Spotlight Session - EMC Transforms IT - Jeremy Burton
VMworld 2012 - Spotlight Session - EMC Transforms IT - Jeremy BurtonVMworld 2012 - Spotlight Session - EMC Transforms IT - Jeremy Burton
VMworld 2012 - Spotlight Session - EMC Transforms IT - Jeremy BurtonEMCTechMktg
 
LotusLive Engage Security whitepaper: Why is security a competitive different...
LotusLive Engage Security whitepaper: Why is security a competitive different...LotusLive Engage Security whitepaper: Why is security a competitive different...
LotusLive Engage Security whitepaper: Why is security a competitive different...IBM
 
Stream 1 - Cloud Computing
Stream 1 - Cloud ComputingStream 1 - Cloud Computing
Stream 1 - Cloud ComputingIBM Business Insight
 
Telesemana ce nominum:mef
Telesemana ce nominum:mefTelesemana ce nominum:mef
Telesemana ce nominum:mefRafael Junquera
 
Enabling Your Service Desk to be the Front Face to IT
Enabling Your Service Desk to be the Front Face to ITEnabling Your Service Desk to be the Front Face to IT
Enabling Your Service Desk to be the Front Face to ITCA Nimsoft
 
VDI Monitoring
VDI MonitoringVDI Monitoring
VDI Monitoringkrajav
 
Dousing the Flame: How This Tom Clancy-Esque Attack Worked and What Should ...
Dousing the Flame: How This Tom Clancy-Esque Attack Worked and What Should ...Dousing the Flame: How This Tom Clancy-Esque Attack Worked and What Should ...
Dousing the Flame: How This Tom Clancy-Esque Attack Worked and What Should ...Lumension
 
IBM Smart Business Desktop on the IBM Cloud
IBM Smart Business Desktop on the IBM CloudIBM Smart Business Desktop on the IBM Cloud
IBM Smart Business Desktop on the IBM CloudChris Pepin
 
VMware and Trend Micro, partnering to revolutionise virtualised security
VMware and Trend Micro, partnering to revolutionise virtualised securityVMware and Trend Micro, partnering to revolutionise virtualised security
VMware and Trend Micro, partnering to revolutionise virtualised securityArrow ECS UK
 
Evento Xenesys - Virtualizzare gli applicativi core e proteggere i dati azien...
Evento Xenesys - Virtualizzare gli applicativi core e proteggere i dati azien...Evento Xenesys - Virtualizzare gli applicativi core e proteggere i dati azien...
Evento Xenesys - Virtualizzare gli applicativi core e proteggere i dati azien...Xenesys
 
Build Scanning into Your Web Based Business Application
Build Scanning into Your Web Based Business ApplicationBuild Scanning into Your Web Based Business Application
Build Scanning into Your Web Based Business Applicationbgalusha
 
Im cloud workshop denver 2
Im cloud workshop denver 2Im cloud workshop denver 2
Im cloud workshop denver 2David Stephens
 
Empower Employee to Work Anyplace, Amytime
Empower Employee to Work Anyplace, AmytimeEmpower Employee to Work Anyplace, Amytime
Empower Employee to Work Anyplace, AmytimeAdvanced Logic Industries
 
Smarter Computing: Expert Integrated System
Smarter Computing: Expert Integrated SystemSmarter Computing: Expert Integrated System
Smarter Computing: Expert Integrated SystemIBM Danmark
 
Jan Peuker, Raoul Neu: Enterprise Android for the Win
Jan Peuker, Raoul Neu: Enterprise Android for the WinJan Peuker, Raoul Neu: Enterprise Android for the Win
Jan Peuker, Raoul Neu: Enterprise Android for the WinDroidcon Berlin
 
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performanceDeepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performanceUNIT4 IT Solutions
 
What an Enterprise Should Look for in a Cloud Provider
What an Enterprise Should Look for in a Cloud ProviderWhat an Enterprise Should Look for in a Cloud Provider
What an Enterprise Should Look for in a Cloud ProviderNovell
 
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database SecurityIBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Securityebuc
 
CCSW’12: Automated Verification of Virtualized Infrastructures
CCSW’12: Automated Verification of Virtualized InfrastructuresCCSW’12: Automated Verification of Virtualized Infrastructures
CCSW’12: Automated Verification of Virtualized InfrastructuresThomas Gross
 

Mais conteúdo relacionado

Mais procurados

IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...AIP Foundation
 
Guardium value proposition for fss pn 12 02-10
Guardium value proposition for fss pn 12 02-10Guardium value proposition for fss pn 12 02-10
Guardium value proposition for fss pn 12 02-10Avirot Mitamura
 
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBMUndgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBMIBM Danmark
 
VMworld 2012 - Spotlight Session - EMC Transforms IT - Jeremy Burton
VMworld 2012 - Spotlight Session - EMC Transforms IT - Jeremy BurtonVMworld 2012 - Spotlight Session - EMC Transforms IT - Jeremy Burton
VMworld 2012 - Spotlight Session - EMC Transforms IT - Jeremy BurtonEMCTechMktg
 
LotusLive Engage Security whitepaper: Why is security a competitive different...
LotusLive Engage Security whitepaper: Why is security a competitive different...LotusLive Engage Security whitepaper: Why is security a competitive different...
LotusLive Engage Security whitepaper: Why is security a competitive different...IBM
 
Telesemana ce nominum:mef
Telesemana ce nominum:mefTelesemana ce nominum:mef
Telesemana ce nominum:mefRafael Junquera
 
Enabling Your Service Desk to be the Front Face to IT
Enabling Your Service Desk to be the Front Face to ITEnabling Your Service Desk to be the Front Face to IT
Enabling Your Service Desk to be the Front Face to ITCA Nimsoft
 
VDI Monitoring
VDI MonitoringVDI Monitoring
VDI Monitoringkrajav
 
Dousing the Flame: How This Tom Clancy-Esque Attack Worked and What Should ...
Dousing the Flame: How This Tom Clancy-Esque Attack Worked and What Should ...Dousing the Flame: How This Tom Clancy-Esque Attack Worked and What Should ...
Dousing the Flame: How This Tom Clancy-Esque Attack Worked and What Should ...Lumension
 
IBM Smart Business Desktop on the IBM Cloud
IBM Smart Business Desktop on the IBM CloudIBM Smart Business Desktop on the IBM Cloud
IBM Smart Business Desktop on the IBM CloudChris Pepin
 
VMware and Trend Micro, partnering to revolutionise virtualised security
VMware and Trend Micro, partnering to revolutionise virtualised securityVMware and Trend Micro, partnering to revolutionise virtualised security
VMware and Trend Micro, partnering to revolutionise virtualised securityArrow ECS UK
 
Evento Xenesys - Virtualizzare gli applicativi core e proteggere i dati azien...
Evento Xenesys - Virtualizzare gli applicativi core e proteggere i dati azien...Evento Xenesys - Virtualizzare gli applicativi core e proteggere i dati azien...
Evento Xenesys - Virtualizzare gli applicativi core e proteggere i dati azien...Xenesys
 
Build Scanning into Your Web Based Business Application
Build Scanning into Your Web Based Business ApplicationBuild Scanning into Your Web Based Business Application
Build Scanning into Your Web Based Business Applicationbgalusha
 
Im cloud workshop denver 2
Im cloud workshop denver 2Im cloud workshop denver 2
Im cloud workshop denver 2David Stephens
 
Smarter Computing: Expert Integrated System
Smarter Computing: Expert Integrated SystemSmarter Computing: Expert Integrated System
Smarter Computing: Expert Integrated SystemIBM Danmark
 
Jan Peuker, Raoul Neu: Enterprise Android for the Win
Jan Peuker, Raoul Neu: Enterprise Android for the WinJan Peuker, Raoul Neu: Enterprise Android for the Win
Jan Peuker, Raoul Neu: Enterprise Android for the WinDroidcon Berlin
 
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performanceDeepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performanceUNIT4 IT Solutions
 
What an Enterprise Should Look for in a Cloud Provider
What an Enterprise Should Look for in a Cloud ProviderWhat an Enterprise Should Look for in a Cloud Provider
What an Enterprise Should Look for in a Cloud ProviderNovell
 

Mais procurados (20)

IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
 
Guardium value proposition for fss pn 12 02-10
Guardium value proposition for fss pn 12 02-10Guardium value proposition for fss pn 12 02-10
Guardium value proposition for fss pn 12 02-10
 
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBMUndgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
 
VMworld 2012 - Spotlight Session - EMC Transforms IT - Jeremy Burton
VMworld 2012 - Spotlight Session - EMC Transforms IT - Jeremy BurtonVMworld 2012 - Spotlight Session - EMC Transforms IT - Jeremy Burton
VMworld 2012 - Spotlight Session - EMC Transforms IT - Jeremy Burton
 
LotusLive Engage Security whitepaper: Why is security a competitive different...
LotusLive Engage Security whitepaper: Why is security a competitive different...LotusLive Engage Security whitepaper: Why is security a competitive different...
LotusLive Engage Security whitepaper: Why is security a competitive different...
 
Stream 1 - Cloud Computing
Stream 1 - Cloud ComputingStream 1 - Cloud Computing
Stream 1 - Cloud Computing
 
Telesemana ce nominum:mef
Telesemana ce nominum:mefTelesemana ce nominum:mef
Telesemana ce nominum:mef
 
Enabling Your Service Desk to be the Front Face to IT
Enabling Your Service Desk to be the Front Face to ITEnabling Your Service Desk to be the Front Face to IT
Enabling Your Service Desk to be the Front Face to IT
 
VDI Monitoring
VDI MonitoringVDI Monitoring
VDI Monitoring
 
Dousing the Flame: How This Tom Clancy-Esque Attack Worked and What Should ...
Dousing the Flame: How This Tom Clancy-Esque Attack Worked and What Should ...Dousing the Flame: How This Tom Clancy-Esque Attack Worked and What Should ...
Dousing the Flame: How This Tom Clancy-Esque Attack Worked and What Should ...
 
IBM Smart Business Desktop on the IBM Cloud
IBM Smart Business Desktop on the IBM CloudIBM Smart Business Desktop on the IBM Cloud
IBM Smart Business Desktop on the IBM Cloud
 
VMware and Trend Micro, partnering to revolutionise virtualised security
VMware and Trend Micro, partnering to revolutionise virtualised securityVMware and Trend Micro, partnering to revolutionise virtualised security
VMware and Trend Micro, partnering to revolutionise virtualised security
 
Evento Xenesys - Virtualizzare gli applicativi core e proteggere i dati azien...
Evento Xenesys - Virtualizzare gli applicativi core e proteggere i dati azien...Evento Xenesys - Virtualizzare gli applicativi core e proteggere i dati azien...
Evento Xenesys - Virtualizzare gli applicativi core e proteggere i dati azien...
 
Build Scanning into Your Web Based Business Application
Build Scanning into Your Web Based Business ApplicationBuild Scanning into Your Web Based Business Application
Build Scanning into Your Web Based Business Application
 
Im cloud workshop denver 2
Im cloud workshop denver 2Im cloud workshop denver 2
Im cloud workshop denver 2
 
Empower Employee to Work Anyplace, Amytime
Empower Employee to Work Anyplace, AmytimeEmpower Employee to Work Anyplace, Amytime
Empower Employee to Work Anyplace, Amytime
 
Smarter Computing: Expert Integrated System
Smarter Computing: Expert Integrated SystemSmarter Computing: Expert Integrated System
Smarter Computing: Expert Integrated System
 
Jan Peuker, Raoul Neu: Enterprise Android for the Win
Jan Peuker, Raoul Neu: Enterprise Android for the WinJan Peuker, Raoul Neu: Enterprise Android for the Win
Jan Peuker, Raoul Neu: Enterprise Android for the Win
 
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performanceDeepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
Deepsecurity & VDI beveiliging, maximale beveiliging en optimale performance
 
What an Enterprise Should Look for in a Cloud Provider
What an Enterprise Should Look for in a Cloud ProviderWhat an Enterprise Should Look for in a Cloud Provider
What an Enterprise Should Look for in a Cloud Provider
 

Semelhante a Security Challenges in the Virtualized World IBM Virtual Server Protection for VMware

IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database SecurityIBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Securityebuc
 
CCSW’12: Automated Verification of Virtualized Infrastructures
CCSW’12: Automated Verification of Virtualized InfrastructuresCCSW’12: Automated Verification of Virtualized Infrastructures
CCSW’12: Automated Verification of Virtualized InfrastructuresThomas Gross
 
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...Acrodex
 
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBMArrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBMArrow ECS UK
 
Security in a Virtualised Environment
Security in a Virtualised EnvironmentSecurity in a Virtualised Environment
Security in a Virtualised EnvironmentPeter Wood
 
Ibm virtualization techday v2.0 final
Ibm virtualization techday v2.0 finalIbm virtualization techday v2.0 final
Ibm virtualization techday v2.0 finalAbhed
 
Trend micro v2
Trend micro v2Trend micro v2
Trend micro v2JD Sherry
 
Virtual Insight Linked In Wi 2003
Virtual Insight Linked In Wi 2003Virtual Insight Linked In Wi 2003
Virtual Insight Linked In Wi 2003bjhutt
 
Cloud Computing and VCE
Cloud Computing and VCECloud Computing and VCE
Cloud Computing and VCECenk Ersoy
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntelAPAC
 
T1 05 emc forum track introductions manoj chugh final
T1 05 emc forum track introductions manoj chugh finalT1 05 emc forum track introductions manoj chugh final
T1 05 emc forum track introductions manoj chugh finalEMC Forum India
 
EMC Forum Track Introductions
EMC Forum Track IntroductionsEMC Forum Track Introductions
EMC Forum Track IntroductionsEMC Forum India
 
Virtual Insight Linked In Wi 2003
Virtual Insight Linked In Wi 2003Virtual Insight Linked In Wi 2003
Virtual Insight Linked In Wi 2003bjhutt
 
Introduction - Trend Micro Deep Security
Introduction - Trend Micro Deep SecurityIntroduction - Trend Micro Deep Security
Introduction - Trend Micro Deep SecurityAndrew Wong
 
Antivirus específicos para entornos virtualizados
Antivirus específicos para entornos virtualizadosAntivirus específicos para entornos virtualizados
Antivirus específicos para entornos virtualizadosNextel S.A.
 
ITIL Virtualization - ITSM Academy Webinar
ITIL Virtualization - ITSM Academy WebinarITIL Virtualization - ITSM Academy Webinar
ITIL Virtualization - ITSM Academy WebinarITSM Academy, Inc.
 
分会场八云及虚拟环境安全防护
分会场八云及虚拟环境安全防护分会场八云及虚拟环境安全防护
分会场八云及虚拟环境安全防护ITband
 
POWER VM with IBM i and live partition mobility
POWER VM with IBM i and live partition mobilityPOWER VM with IBM i and live partition mobility
POWER VM with IBM i and live partition mobilityCOMMON Europe
 

Semelhante a Security Challenges in the Virtualized World IBM Virtual Server Protection for VMware (20)

IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database SecurityIBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
 
CCSW’12: Automated Verification of Virtualized Infrastructures
CCSW’12: Automated Verification of Virtualized InfrastructuresCCSW’12: Automated Verification of Virtualized Infrastructures
CCSW’12: Automated Verification of Virtualized Infrastructures
 
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
 
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBMArrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
 
Security in a Virtualised Environment
Security in a Virtualised EnvironmentSecurity in a Virtualised Environment
Security in a Virtualised Environment
 
Ibm virtualization techday v2.0 final
Ibm virtualization techday v2.0 finalIbm virtualization techday v2.0 final
Ibm virtualization techday v2.0 final
 
Trend micro v2
Trend micro v2Trend micro v2
Trend micro v2
 
Virtual Insight Linked In Wi 2003
Virtual Insight Linked In Wi 2003Virtual Insight Linked In Wi 2003
Virtual Insight Linked In Wi 2003
 
Cloud Computing and VCE
Cloud Computing and VCECloud Computing and VCE
Cloud Computing and VCE
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfee
 
IBM Worklight-Overview
IBM Worklight-OverviewIBM Worklight-Overview
IBM Worklight-Overview
 
T1 05 emc forum track introductions manoj chugh final
T1 05 emc forum track introductions manoj chugh finalT1 05 emc forum track introductions manoj chugh final
T1 05 emc forum track introductions manoj chugh final
 
EMC Forum Track Introductions
EMC Forum Track IntroductionsEMC Forum Track Introductions
EMC Forum Track Introductions
 
Virtual Insight Linked In Wi 2003
Virtual Insight Linked In Wi 2003Virtual Insight Linked In Wi 2003
Virtual Insight Linked In Wi 2003
 
Introduction - Trend Micro Deep Security
Introduction - Trend Micro Deep SecurityIntroduction - Trend Micro Deep Security
Introduction - Trend Micro Deep Security
 
Antivirus específicos para entornos virtualizados
Antivirus específicos para entornos virtualizadosAntivirus específicos para entornos virtualizados
Antivirus específicos para entornos virtualizados
 
Keeping IT Real Webinar
Keeping IT Real WebinarKeeping IT Real Webinar
Keeping IT Real Webinar
 
ITIL Virtualization - ITSM Academy Webinar
ITIL Virtualization - ITSM Academy WebinarITIL Virtualization - ITSM Academy Webinar
ITIL Virtualization - ITSM Academy Webinar
 
分会场八云及虚拟环境安全防护
分会场八云及虚拟环境安全防护分会场八云及虚拟环境安全防护
分会场八云及虚拟环境安全防护
 
POWER VM with IBM i and live partition mobility
POWER VM with IBM i and live partition mobilityPOWER VM with IBM i and live partition mobility
POWER VM with IBM i and live partition mobility
 

Mais de Digicomp Academy AG

Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019
Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019
Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019Digicomp Academy AG
 
Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...
Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...
Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...Digicomp Academy AG
 
Innovation durch kollaboration gennex 2018
Innovation durch kollaboration gennex 2018Innovation durch kollaboration gennex 2018
Innovation durch kollaboration gennex 2018Digicomp Academy AG
 
Roger basler meetup_digitale-geschaeftsmodelle-entwickeln_handout
Roger basler meetup_digitale-geschaeftsmodelle-entwickeln_handoutRoger basler meetup_digitale-geschaeftsmodelle-entwickeln_handout
Roger basler meetup_digitale-geschaeftsmodelle-entwickeln_handoutDigicomp Academy AG
 
Roger basler meetup_21082018_work-smarter-not-harder_handout
Roger basler meetup_21082018_work-smarter-not-harder_handoutRoger basler meetup_21082018_work-smarter-not-harder_handout
Roger basler meetup_21082018_work-smarter-not-harder_handoutDigicomp Academy AG
 
Xing expertendialog zu nudge unit x
Xing expertendialog zu nudge unit xXing expertendialog zu nudge unit x
Xing expertendialog zu nudge unit xDigicomp Academy AG
 
Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?
Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?
Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?Digicomp Academy AG
 
IPv6 Security Talk mit Joe Klein
IPv6 Security Talk mit Joe KleinIPv6 Security Talk mit Joe Klein
IPv6 Security Talk mit Joe KleinDigicomp Academy AG
 
Agiles Management - Wie geht das?
Agiles Management - Wie geht das?Agiles Management - Wie geht das?
Agiles Management - Wie geht das?Digicomp Academy AG
 
Gewinnen Sie Menschen und Ziele - Referat von Andi Odermatt
Gewinnen Sie Menschen und Ziele - Referat von Andi OdermattGewinnen Sie Menschen und Ziele - Referat von Andi Odermatt
Gewinnen Sie Menschen und Ziele - Referat von Andi OdermattDigicomp Academy AG
 
Querdenken mit Kreativitätsmethoden – XING Expertendialog
Querdenken mit Kreativitätsmethoden – XING ExpertendialogQuerdenken mit Kreativitätsmethoden – XING Expertendialog
Querdenken mit Kreativitätsmethoden – XING ExpertendialogDigicomp Academy AG
 
Xing LearningZ: Digitale Geschäftsmodelle entwickeln
Xing LearningZ: Digitale Geschäftsmodelle entwickelnXing LearningZ: Digitale Geschäftsmodelle entwickeln
Xing LearningZ: Digitale Geschäftsmodelle entwickelnDigicomp Academy AG
 
Swiss IPv6 Council: The Cisco-Journey to an IPv6-only Building
Swiss IPv6 Council: The Cisco-Journey to an IPv6-only BuildingSwiss IPv6 Council: The Cisco-Journey to an IPv6-only Building
Swiss IPv6 Council: The Cisco-Journey to an IPv6-only BuildingDigicomp Academy AG
 
UX – Schlüssel zum Erfolg im Digital Business
UX – Schlüssel zum Erfolg im Digital BusinessUX – Schlüssel zum Erfolg im Digital Business
UX – Schlüssel zum Erfolg im Digital BusinessDigicomp Academy AG
 
Die IPv6 Journey der ETH Zürich
Die IPv6 Journey der ETH Zürich Die IPv6 Journey der ETH Zürich
Die IPv6 Journey der ETH Zürich Digicomp Academy AG
 
Xing LearningZ: Die 10 + 1 Trends im (E-)Commerce
Xing LearningZ: Die 10 + 1 Trends im (E-)CommerceXing LearningZ: Die 10 + 1 Trends im (E-)Commerce
Xing LearningZ: Die 10 + 1 Trends im (E-)CommerceDigicomp Academy AG
 
Zahlen Battle: klassische werbung vs.online-werbung-somexcloud
Zahlen Battle: klassische werbung vs.online-werbung-somexcloudZahlen Battle: klassische werbung vs.online-werbung-somexcloud
Zahlen Battle: klassische werbung vs.online-werbung-somexcloudDigicomp Academy AG
 
General data protection regulation-slides
General data protection regulation-slidesGeneral data protection regulation-slides
General data protection regulation-slidesDigicomp Academy AG
 

Mais de Digicomp Academy AG (20)

Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019
Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019
Becoming Agile von Christian Botta – Personal Swiss Vortrag 2019
 
Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...
Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...
Swiss IPv6 Council – Case Study - Deployment von IPv6 in einer Container Plat...
 
Innovation durch kollaboration gennex 2018
Innovation durch kollaboration gennex 2018Innovation durch kollaboration gennex 2018
Innovation durch kollaboration gennex 2018
 
Roger basler meetup_digitale-geschaeftsmodelle-entwickeln_handout
Roger basler meetup_digitale-geschaeftsmodelle-entwickeln_handoutRoger basler meetup_digitale-geschaeftsmodelle-entwickeln_handout
Roger basler meetup_digitale-geschaeftsmodelle-entwickeln_handout
 
Roger basler meetup_21082018_work-smarter-not-harder_handout
Roger basler meetup_21082018_work-smarter-not-harder_handoutRoger basler meetup_21082018_work-smarter-not-harder_handout
Roger basler meetup_21082018_work-smarter-not-harder_handout
 
Xing expertendialog zu nudge unit x
Xing expertendialog zu nudge unit xXing expertendialog zu nudge unit x
Xing expertendialog zu nudge unit x
 
Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?
Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?
Responsive Organisation auf Basis der Holacracy – nur ein Hype oder die Zukunft?
 
IPv6 Security Talk mit Joe Klein
IPv6 Security Talk mit Joe KleinIPv6 Security Talk mit Joe Klein
IPv6 Security Talk mit Joe Klein
 
Agiles Management - Wie geht das?
Agiles Management - Wie geht das?Agiles Management - Wie geht das?
Agiles Management - Wie geht das?
 
Gewinnen Sie Menschen und Ziele - Referat von Andi Odermatt
Gewinnen Sie Menschen und Ziele - Referat von Andi OdermattGewinnen Sie Menschen und Ziele - Referat von Andi Odermatt
Gewinnen Sie Menschen und Ziele - Referat von Andi Odermatt
 
Querdenken mit Kreativitätsmethoden – XING Expertendialog
Querdenken mit Kreativitätsmethoden – XING ExpertendialogQuerdenken mit Kreativitätsmethoden – XING Expertendialog
Querdenken mit Kreativitätsmethoden – XING Expertendialog
 
Xing LearningZ: Digitale Geschäftsmodelle entwickeln
Xing LearningZ: Digitale Geschäftsmodelle entwickelnXing LearningZ: Digitale Geschäftsmodelle entwickeln
Xing LearningZ: Digitale Geschäftsmodelle entwickeln
 
Swiss IPv6 Council: The Cisco-Journey to an IPv6-only Building
Swiss IPv6 Council: The Cisco-Journey to an IPv6-only BuildingSwiss IPv6 Council: The Cisco-Journey to an IPv6-only Building
Swiss IPv6 Council: The Cisco-Journey to an IPv6-only Building
 
UX – Schlüssel zum Erfolg im Digital Business
UX – Schlüssel zum Erfolg im Digital BusinessUX – Schlüssel zum Erfolg im Digital Business
UX – Schlüssel zum Erfolg im Digital Business
 
Minenfeld IPv6
Minenfeld IPv6Minenfeld IPv6
Minenfeld IPv6
 
Was ist design thinking
Was ist design thinkingWas ist design thinking
Was ist design thinking
 
Die IPv6 Journey der ETH Zürich
Die IPv6 Journey der ETH Zürich Die IPv6 Journey der ETH Zürich
Die IPv6 Journey der ETH Zürich
 
Xing LearningZ: Die 10 + 1 Trends im (E-)Commerce
Xing LearningZ: Die 10 + 1 Trends im (E-)CommerceXing LearningZ: Die 10 + 1 Trends im (E-)Commerce
Xing LearningZ: Die 10 + 1 Trends im (E-)Commerce
 
Zahlen Battle: klassische werbung vs.online-werbung-somexcloud
Zahlen Battle: klassische werbung vs.online-werbung-somexcloudZahlen Battle: klassische werbung vs.online-werbung-somexcloud
Zahlen Battle: klassische werbung vs.online-werbung-somexcloud
 
General data protection regulation-slides
General data protection regulation-slidesGeneral data protection regulation-slides
General data protection regulation-slides
 

Último

Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxMaryGraceBautista27
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfSpandanaRallapalli
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxCarlos105
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPCeline George
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
Q4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxQ4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxnelietumpap1
 
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxGrade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxChelloAnnAsuncion2
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSJoshuaGantuangco2
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomnelietumpap1
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 

Último (20)

Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptx
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdf
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERP
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
Q4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptxQ4 English4 Week3 PPT Melcnmg-based.pptx
Q4 English4 Week3 PPT Melcnmg-based.pptx
 
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptxGrade 9 Q4-MELC1-Active and Passive Voice.pptx
Grade 9 Q4-MELC1-Active and Passive Voice.pptx
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choom
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Raw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptxRaw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptx
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 

Security Challenges in the Virtualized World IBM Virtual Server Protection for VMware

  • 1. 1 1 0 . 0 3 . IBM Virtual Server Protection 2 0 1 1 Security Challenges in the Virtualized World IBM Virtual Server Protection for VMware Peter Rossi, IBM Senior Security Specialist © 2009 IBM Corporation
  • 2. Agenda ■ IBM Security Framework ■ Security Challenges in the Virtualized World –Vulnerability examples ■ IBM Virtual Server Protection for VMware 2 10.03.2011 © 2011 IBM Corporation
  • 3. IBM Security Framework 3 10.03.2011 © 2011 IBM Corporation
  • 4. IBM delivers a new approach to Security Management IBM's approach is to strategically IBM's approach is to strategically manage risk end-to end across all manage risk end-to end across all risk areas within an organization. risk areas within an organization. 4 10.03.2011 © 2011 IBM Corporation
  • 5. IBM Security Framework Give the right users access to the right resources at the right time Protect sensitive business data Keep applications available and protected from malicious or fraudulent use. Optimize service availability by mitigating risks Provide actionable intelligence & improve physical infrastructure security 5 10.03.2011 © 2011 IBM Corporation
  • 6. IBM Tivoli Security Focus Areas Trusting Managing Securing Protecting Identities Access Services Data IBM Payroll HCR U6 IBM Online banking E Customers, partners, RC FO EN L IC Y employees (known) PO IBM is #1 in this space Loan applications Retail sales Criminals, competitors, hackers (unknown) Inventory IBM is #1 in this space Manage those you know. Protect against those you don’t. COMPLIANCE IBM is #1 in this space Prove that you’re in control. 6 10.03.2011 © 2011 IBM Corporation
  • 7. Security Challenges in the Virtualized World 7 10.03.2011 © 2011 IBM Corporation
  • 8. Server and Network Convergence 8 10.03.2011 © 2011 IBM Corporation
  • 9. Security Challenges with Virtualization: What is the Impact to Overall Security Posture? 9 10.03.2011 © 2011 IBM Corporation
  • 10. Security Challenges with Virtualization: New Risks Traditional Threats Traditional threats can attack New threats to VM VMs just like real systems environments Virtual server sprawl —————————— Dynamic state —————————— Dynamic relocation Management Vulnerabilities —————————— Secure storage of VMs and the management data Resource sharing —————————— —————————— Requires new Single point of failure skill sets —————————— —————————— Loss of visibility Insider threat Stealth rootkits in hardware MORE COMPONENTS = MORE EXPOSURE 10 10.03.2011 © 2011 IBM Corporation
  • 11. The Importance of Virtualization System Security ■ Businesses are increasingly relying on virtualization technology ■ In Q4 2009, 18.2% of servers shipped were virtualized1 – 20% increase over 15.2% shipped in Q4 2008 ■ Growing interest in cloud computing will fuel further demand ■ Vulnerability disclosures have grown as interest has grown 1Source: IDC 11 10.03.2011 © 2011 IBM Corporation
  • 12. The Risk Imposed by Virtualization System Vulnerabilities ■ Disclosed vulnerabilities pose a significant security risk ■ 40% of all reported vulnerabilities have high severity – Tend to be easy to exploit, provide full control over attacked system ■ Exploits have been publically disclosed for 14% of vulnerabilities 12 10.03.2011 © 2011 IBM Corporation
  • 13. Vendor Disclosures Include Some Surprising Results ■ Low percentages for Oracle, IBM, and Microsoft VMware: 80.9% RedHat: 6.9% Citrix: 5.8% Oracle: 1.8% IBM: 1.1% Microsoft: 0.9% 13 10.03.2011 © 2011 IBM Corporation
  • 14. Virtualization System Vulnerability Classes ■ Vulnerabilities can be classified by what they affect Virtualiza o n Server Guest VM Users 5 System Administrators Virtualization System Admin Guest Guest VM VM VM Hypervisor 1 Hardware 2 3 4 6 Management Console Management Server 14 10.03.2011 © 2011 IBM Corporation
  • 15. Virtualization System Vulnerability Classes ■ 1. Management console vulnerabilities –Affect the management console host –Can provide platform or information allowing attack of management server –Can occur in custom consoles or web applications ■ 2. Management server vulnerabilities –Potential to compromise virtualization system configuration –Can provide platform from which to attack administrative VM ■ 3. Administrative VM vulnerabilities –Compromises system configuration –In some systems (like Xen), equivalent to a hypervisor vulnerability in that all guest VMs may be compromised –Can provide platform from which to attack hypervisor and guest VMs 15 10.03.2011 © 2011 IBM Corporation
  • 16. Virtualization System Vulnerability Classes ■ 4. Hypervisor vulnerabilities –Compromise all guest VMs –Cannot be exploited from guest VMs ■ 5. Guest VM vulnerabilities –Affect a single VM –Can provide platform from which to attack administrative VM, hypervisor, and other guest VMs ■ 6. Hypervisor escape vulnerabilities –A type of hypervisor vulnerability –Classified separately because of their importance –Allow a guest VM user to “escape” from own VM to attack other VMs or hypervisor –Violate assumption of isolation of guest VMs 16 10.03.2011 © 2011 IBM Corporation
  • 17. Virtualization System Vulnerability Examples ■ Management console –CVE-2009-2277: A cross-site scripting vulnerability in a VMware web console allows remote attackers to steal cookie-based authentication credentials ■ Management server –CVE-2008-4281: VMware VirtualCenter management server can allow a local attacker to use directory traversal sequences to gain elevated privileges ■ Administrative VM –CVE-2008-2097: A buffer overflow in a VMWare management service running in the administrative VM could allow remote authenticated users to gain root privileges 17 10.03.2011 © 2011 IBM Corporation
  • 18. Virtualization System Vulnerability Examples ■ Guest VM –CVE-2009-2267: A bug in the handling of page fault exceptions in VMware ESX Server could allow a guest VM user to gain kernel mode execution privileges in the guest VM ■ Hypervisor –CVE-2010-2070: By modifying the processor status register, a local attacker can cause the Xen kernel to crash ■ Hypervisor escape –CVE-2009-1244: An error in the virtual machine display function on VMware ESX Server allows an attacker in a guest VM to execute arbitrary code in the hypervisor 18 10.03.2011 © 2011 IBM Corporation
  • 19. Production Virtualization System Vulnerabilities By Class Hypervisor (1.3%) Indeterminate (6.3%) Mgmt Server (6.3%) Hypervisor Guest VM (15.0%) escape (37.5%) Mgmt console (16.3%) Admin VM (17.5%) 19 10.03.2011 © 2011 IBM Corporation
  • 20. Gartner’s Perspective on Secure Virtualization “IBM has the first commercial implementation of a rootkit detection/prevention offering that works from outside of the virtual machine it is protecting...” -Neil MacDonald, Gartner Neil MacDonald, Gartner 20 10.03.2011 © 2011 IBM Corporation
  • 21. IBM Virtual Server Protection for VMware 21 10.03.2011 © 2011 IBM Corporation
  • 22. Virtualization Security Solutions Existing solutions Threat protection Integrated virtual certified for protection of delivered in a virtual form- environment-aware threat virtual workloads factor protection ■ Firewall § Firewall § Firewall ■ Intrusion Prevention § Intrusion Prevention § Intrusion Prevention ■ System auditing § Virtual network segment § Virtual host protection and ■ File integrity monitoring protection/policy network policy enforcement ■ Anti-malware enforcement § Network access control ■ Security configuration Mgmt § Virtual infrastructure monitoring 22 10.03.2011 © 2011 IBM Corporation
  • 23. Integrated Security ■ Non-intrusive o No reconfiguration of the virtual network SiteProtector o No presence in the guest OS Management ■ Less management overhead o One Security Virtual Machine (SVM) per physical server Management SVM VM VM o 1:many protection-to-VM ratio Policy Applications Response Applications Applications ■ Automated Engines o Privileged presence gives SVM holistic view of OS Hardened OS OS the virtual network OS o Protection automatically applied as VM comes Kernel Kernel Kernel Kernel online VMsafe ■ Lower overhead o Eliminates redundant processing tasks Hypervisor ■ Protection for any guest OS Hardware 23 10.03.2011 IBM Confidential © 2011 IBM Corporation
  • 24. IBM Confien al d IBM Virtual Server Protection for VMware Integrated threat protection for VMware vSphere 4 Helps customers to be more secure, compliant and cost-effective by delivering integrated and optimized security for virtual data centers. SiteProtector Management Benefits ■ Vulnerability-centric, protocol-aware analysis and protection ■ Abstraction from underlying network configuration ■ Automated protection for new VMs ■ Network-level workload segmentation ■ Privileged-level protection of OS kernel structures 24 10.03.2011 © 2011 IBM Corporation
  • 25. Our Protocol Analysis Module is the engine behind our products Intrusion prevention just got smarter with extensible protection backed by the power of X-Force Client-Side Application Web Application Threat Detection & Virtual Patch Data Security Application Control Protection Protection Prevention What It Does: What It Does: What It Does: What It Does: What It Does: What It Does: Shields vulnerabilities Protects end users Protects web applications Detects and prevents Monitors and identifies Manages control of from exploitation against attacks targeting against sophisticated entire classes of threats unencrypted personally unauthorized applications independent of a applications used application-level attacks as opposed to a specific identifiable information and risks within defined software patch, and everyday such as such as SQL Injection, exploit or vulnerability. (PII) and other segments of the network, enables a responsible Microsoft Office, Adobe XSS (Cross-site confidential information such as ActiveX patch management PDF, Multimedia files and scripting), PHP file- Why Important: for data awareness. Also fingerprinting, Peer To process that can be Web browsers. includes, CSRF (Cross- Eliminates need of provides capability to Peer, Instant Messaging, adhered to without fear of site request forgery). constant signature explore data flow through and tunneling. a breach Why Important: updates. Protection the network to help At the end of 2009, Why Important: includes the proprietary determine if any potential Why Important: Why Important: vulnerabilities, which Expands security Shellcode Heuristics risks exist. Enforces network At the end of affect personal capabilities to meet both (SCH) technology, which application and service 2009, 52% of all computers, represent the compliance requirements has an unbeatable track Why Important: access based on vulnerabilities disclosed second-largest category and threat evolution. record of protecting Flexible and scalable corporate policy and during the year had no of vulnerability against zero day customized data search governance. vendor-supplied patches disclosures and vulnerabilities. criteria; serves as a available to remedy the represent about a fifth of complement to data vulnerability. all vulnerability security strategy. disclosures. 25 10.03.2011 © 2011 IBM Corporation
  • 26. IBM Confien al d Automated Discovery/vNAC Features SiteProtector ■ Virtual network access Management control (VNAC) ■ Automated discovery SVM is notified The SVM reports to ■ Virtual Infrastructure as soon as a VM SiteProtector that a new comes online auditing integration VM is online and initiates a discovery scan. Benefits ■ Rogue VM protection ■ Virtual Infrastructure monitoring ■ Virtual network awareness ■ Quarantine or limit network access until VM security posture has been validated SVM limits network communications (quarantine group) until the VM is placed in a non-quarantine group 26 10.03.2011 © 2011 IBM Corporation
  • 27. Security Footprint Reduction CPU-intensive “Lighter” agent used processing removed where guest OS from the guest OS and context is required ■ Security isolated in Security consolidated in SVM Virtual Machine ■ Less presence in guest OS equals: o improved stability o more CPU/memory available for workloads o decreased attack surface ■ Customer-defined thresholds for security resource usage ■ Over time, guest OS presence will be reduce to the absolute minimum 27 10.03.2011 © 2011 IBM Corporation
  • 28. Mobility (VMotion) SiteProtector Management ■ Maintain security posture Abstraction from underlying irrespective of the physical server physical servers provides on which the VM resides dynamic security adapted for mobility 28 10.03.2011 © 2011 IBM Corporation
  • 29. Introspection-Based Rootkit Detection ■ Threat – Malware that embeds itself in the operating system to avoid detection ■ Functionality – Rootkit detection engine that uses memory introspection to identify modifications to key guest OS kernel data structures (SSDT & IDT) by malware 29 10.03.2011 © 2011 IBM Corporation
  • 30. Virtual Infrastructure Auditing ■ Threat – Virtual machine state change or migration that mixes trust zones ■ Functionality – Hooks into VMware management auditing to report events interesting from a security perspective 30 10.03.2011 © 2011 IBM Corporation
  • 31. VMsafe Network Packet Inspection API Security Virtual Machine SlowPath Agent ■ vNetwork Data Path Agent DVFilter Library (FastPath Agent) VM VM – Installs as a kernel module and directly intercepts VMM VMM VMM packets in the virtual network packet stream ■ vNetwork Control Path Agent FastPath Agent (SlowPath Agent) FastPath – Resides in a security virtual Agent introspection appliance and can be used VMkernel for further thorough processing vswitch01 VMkernel Hardware Interface VMX parameters for SVM: ESX Server ethernet2.networkName = "ibm- vmwarenetwork-appliance" Physical Hardware VMX parameters for VM: ethernet0.filter0.name = "ibm-iss-vmkmod" VM network traffic ethernet0.filter0.onFailure = "failOpen" VMsafe introspection 31 10.03.2011 © 2011 IBM Corporation
  • 32. VMsafe CPU & Memory API Security Virtual ■ Can inspect memory Machine locations and CPU registers VMsafe ■ Hypervisor Extension Library VM VM implemented as VMX/VMM V V M M modules s s VMM a VMM a VMM ■ VMsafe API Library on SVM f f e e ■ Capabilities – Detect current application state in the protected VMs CPU – Sense system VMkernel introspection configuration state from the control registers VMX parameters for SVM: VMkernel Hardware Interface ESX Server ethernet1.networkName = "ibm- vmwareintrospect-appliance" Physical VMX parameters for VM: Hardware vmsafe.enable = "true" vmsafe.agentAddress = "169.254.55.2" VM Memory/CPU calls VMsafe Vmsafe VMX/VMM extension vmsafe.agentPort = "49999" vmsafe.failOpen = "TRUE" VMsafe introspection 32 10.03.2011 © 2011 IBM Corporation
  • 33. IBM Virtual Server Protection for VMware helps to meet compliance best practices 1. Configuration and change management processes should be extended to encompass the virtual infrastructure – Automatic discovery and protection as a VM comes online – Dashboard visibility into the virtual host OS and the virtual network to identify vulnerabilities. – IBM Virtual Patch® technology protects vulnerabilities on virtual servers regardless of patch strategy 2. Maintain separate administrative access control although server, network and security infrastructure is now consolidated – Virtual network access control • Quarantines or limits network access from a virtual server until VM security posture has been confirmed – Virtual Infrastructure auditing 3. Provide virtual machine and virtual network security segmentation – Network-level workload isolation 4. Maintain virtual audit logging – Virtual Infrastructure monitoring and reporting *Source: RSA Security Brief: Security Compliance in a Virtual World http://www.rsa.com/solutions/technology/secure/wp/10393_VIRT_BRF_0809.pdf 33 10.03.2011 © 2011 IBM Corporation
  • 34. IBM Virtual Server Security for VMware helps customers to be more secure, compliant and cost-effective Integrated threat protection for the VMware vSphere 4 platform Helps meet regulatory compliance mandates by Protects and tracks providing security and access of critical data reporting functionality housed on virtual machines customized for the virtual infrastructure How we help your business Increases virtual Created for and server uptime and integrated with the availability with virtual virtual platform rootkit detection Increases ROI with dynamic VM security and discovery 34 10.03.2011 © 2011 IBM Corporation
  • 35. For more information on IBM Virtualization Security Solutions White paper Virtualizations Security Solutions Web page (click the graphic) (click the graphic) http://www-935.ibm.com/services/us/iss/html/virtualization-security-solutions.html ftp://ftp.software.ibm.com/common/ssi/sa/wh/n/sew03016usen/SEW03016USEN.PDF Links work in slide show mode. 35 10.03.2011 © 2011 IBM Corporation
  • 36. Question? Thank you! 36 10.03.2011 © 2011 IBM Corporation
  • 37. Trademarks and notes ■ IBM Corporation 2010 ■ IBM, the IBM logo, ibm.com, AIX, IBM Internet Security Systems, Proventia, Real Secure, SiteProtector, X-Force and Virtual Patch are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with the appropriate symbol (® or ™), these symbols indicate US registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at www.ibm.com/legal/copytrade.shtml ■ VMware, the VMware "boxes" logo and design, Virtual SMP and VMotion are registered trademarks or trademarks (the "Marks") of VMware, Inc. in the United States and/or other jurisdictions. ■ References in this publication to IBM products or services do not imply that IBM intends to make them available in all countries in which IBM operates. ■ The customer is responsible for ensuring compliance with legal requirements. It is the customer’s sole responsibility to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s business and any actions the reader may have to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law or regulation. 37 10.03.2011 © 2011 IBM Corporation
  • 38. 38 10.03.2011 © 2011 IBM Corporation