Securing Virtual Systems
There are several reasons to consider server consolidation and
deploying guests on shared resources. However, we cannot lose sight
of the increasing requirements for secure computing. We've learned
important lessons in the physical world that should help guide us
in building secure virtual environments. One of these lessons, is
that firewalls should be deployed to insure that communications
between systems is for intended use by the parties we've defined.
This raises the questions - Is it possible to secure virtual
computing?
Download
PDF (946 KB)
Encryption of Data-at-Rest in the Data Center is almost
considered mandatory to meet the various Regulatory Compliance
requirements today. Three major Fibre Channel SAN HBA suppliers
differ in their approach and recommendations on where and how this
should be implemented. With the release of OASIS KMIP v1.0
specification (Organization for the Advancement of Structured
Information Standards - Key Management Interoperability Protocol)
interoperability of the various Key Management systems are
addressed. Coupled with Self Encrypting Disk devices just where
should encryption investments be made?
Qlogic believes that usage of SEDs (Self Encrypting
Drives) are the best Data-at-Rest option and stresses that there is
no single solution which addresses encrypting data at
rest.
Download
PDF (2.1 MB)
Emulex has adopted SNIA best practices and provides
Software and Hardware based encryption at the HBA level bundled
with OneSecureā¢ management application as well as KMIP support for
Key Management interoperability.
Download
PDF (1.6 MB)
Brocade has compiled an excellent Book dealing
specifically with Securing Storage Area Networks. Please refer to
chapter 6 of this book for Brocades insight and recommendations on
encryption at the HBA.
Download
PDF (4 MB)
