Yesterday, Donnie Hamlett, a Microsoft core infrastructure optimization specialist, gave a webcast and played a video of my TechEd presentation on virtualization and security. Some of the viewers had questions, and I offered to Donnie that they could come to my blog to post them. I’ll extend that offer to all of my readers—if you’ve got a question about this topic, ask away, and I’ll answer here. Thanks!
Good day to you Mr. Riley,
On behalf of TITSSN “The IT Security Suite Network”, I would like to say many thanks for linking up with Mr. Hamlett to provide us with this presentation on Virtualization and the security aspects of it and also your time to talk with us via phone. As an IT Security organization we try to look at these technologies with a keen eye on the security capabilities and needs and we were very enlightened by your presentation. It provided valuable insight and resources that will help us to guide our customers/clients in the right direction.
We were hoping to connect with you via phone so we could discuss some questions about it but due to your travels and schedule that didn’t work out well. Mr. Hamlett gave us a good session on the Microsoft world of Virtualization and the security aspects of it and we discussed your presentation and some questions about what you provided. I do hope that we get a chance to have you with us in person one of these days as we’d love to pick your brain on security in general.
Thanks again and have a great day,
~Brett A. Scudder~
The IT Security Attaché | http://theitsecurityattache.com | Blogs http://theitsecurityattache.com/blogs
~TITSSN ~The IT Security Suite Network~ | http://titssn.net | TITSSN's Blogs http://titssn.net/blogs
If you have time can you give in a nutshell the security aspects of virtualizing servers and desktops? I am trying to push for virtualizing in our new facility and need more leverage then all the other benefits up front. Of course if it is less secure then it isn't much leverage. email firstname.lastname@example.org
I am very interested in the session by Donnie Hamlett on virtualization and security. Is the presentation / recording posted somewhere?
1. Do you know of any cases when malware will detect a virtualised OS and exploit this fact? i.e. do something that is only possible if the underlying OS is a virtual instance?
2. do you know of any cases when a piece of code was able to escape the sandboxing of a VM?
3. When will we see sandboxing on a per application level? Would love to run my browser in a sandbox!
4. What is happening security-wise with SoftGrid?