tag:blogger.com,1999:blog-88010276373927708262024-03-19T03:48:51.798+01:00Watching paint dry minute by minutelarstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comBlogger59125tag:blogger.com,1999:blog-8801027637392770826.post-49343831538807032182017-04-28T08:24:00.000+02:002017-04-28T08:24:40.253+02:00Replacing the battery of a Toyota Auris key fobLately I started receiving the message "Key battery low" when turning off the car which is a 2014 Toyota Auris. I found a similar post for <a href="https://snapguide.com/guides/replace-the-battery-in-a-toyota-prius-key-fob/">Toyota Prius</a> and the receipt for Auris fairly similar with a couple of exceptions.<br />
<br />
1. Take out the metal key and split the housing in half by using a flat screw driver.<br />
<br />
2. Use a flat screw driver to remove the black plastic that covers the battery.<br />
<br />
3. Use the screw driver to eject the existing battery.<br />
<br />
4. Insert a new CR2032 battery.<br />
<br />
5. Click on the black cover and the housing. Insert the metal key again.<br />
<br />
6. Success (no need to resync the key with the car or anything else)<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj85jx8tk96kIbZWPEYTczpdmHkfc8fFrG9JjHpDyNOhxz6pPHk-739VXsAtnEsST4cjDqMkx8d5RNoRr95oyC_t5hWwCz240OeoLoUhDEJ8Ydx7lQaNWlj9wunfCEksXWdBwC2U9RzEBZN/s1600/IMG_20170425_194243.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj85jx8tk96kIbZWPEYTczpdmHkfc8fFrG9JjHpDyNOhxz6pPHk-739VXsAtnEsST4cjDqMkx8d5RNoRr95oyC_t5hWwCz240OeoLoUhDEJ8Ydx7lQaNWlj9wunfCEksXWdBwC2U9RzEBZN/s400/IMG_20170425_194243.jpg" width="225" /></a></div>
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlEArPdbSyc2G6j5JpOmM9jVwVOIKEsV2H7ZgPZsrFiCQZiqMtrdi1Fhcu9sTDTYyt5CvL4HKvY4DHrkGk_mderriGnL2GZt7vViZ8KbNcsBbvhlXirWttYZ4UHndPGdSETnp7hM9dKk_e/s1600/IMG_20170423_003627.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlEArPdbSyc2G6j5JpOmM9jVwVOIKEsV2H7ZgPZsrFiCQZiqMtrdi1Fhcu9sTDTYyt5CvL4HKvY4DHrkGk_mderriGnL2GZt7vViZ8KbNcsBbvhlXirWttYZ4UHndPGdSETnp7hM9dKk_e/s320/IMG_20170423_003627.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcVrbQvfF38_0gFF-F-zC1zMVpcw8Juub_NLX-01qNVdu0xJeBlA19oEZbkTPC9zq9N9SmOmtxJC8PV1qTUICGy9RR1Aotwxi2mmz_VufC_nLs4hp9aagLX15WuYv57nvvV_wuoBC0gNNJ/s1600/IMG_20170423_004159.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcVrbQvfF38_0gFF-F-zC1zMVpcw8Juub_NLX-01qNVdu0xJeBlA19oEZbkTPC9zq9N9SmOmtxJC8PV1qTUICGy9RR1Aotwxi2mmz_VufC_nLs4hp9aagLX15WuYv57nvvV_wuoBC0gNNJ/s320/IMG_20170423_004159.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1YWQTn-f8wtfblOOyyAz134CqjyYw6C2algw6_euWiuKzBVP2lPcqmCz_9CKiIwsdKNUp4HeVquuetX6PAZS-gB96wTOFny-Gh26CjC0mNNXzWqF14_GvBIxJ0AY3f8n3M-eH5rak7PfX/s1600/IMG_20170423_004219.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1YWQTn-f8wtfblOOyyAz134CqjyYw6C2algw6_euWiuKzBVP2lPcqmCz_9CKiIwsdKNUp4HeVquuetX6PAZS-gB96wTOFny-Gh26CjC0mNNXzWqF14_GvBIxJ0AY3f8n3M-eH5rak7PfX/s320/IMG_20170423_004219.jpg" width="320" /></a></div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhARYzxsQ3oQtZ83cvVRwS7ORGqflqeyk_2pnTUFcNdcSjRMxJ16fbyOq4EeUc_l-aYmTdrA2igHCBbu2GEl9f756whIP7uXfl5H_RUeF4vrv0ofrVM1JLdkYf1iRxp61yjgaLNEeW0U9nU/s1600/IMG_20170423_004431.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhARYzxsQ3oQtZ83cvVRwS7ORGqflqeyk_2pnTUFcNdcSjRMxJ16fbyOq4EeUc_l-aYmTdrA2igHCBbu2GEl9f756whIP7uXfl5H_RUeF4vrv0ofrVM1JLdkYf1iRxp61yjgaLNEeW0U9nU/s320/IMG_20170423_004431.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwk7FwUlf6oSrO53e0mrKBsGpSpUcmfiOTgtHWf-4vWLNJ9bXqz8Tmuz0y24Giv8wsOUEWT0FYC803kG7BQOhqmCGFDmmnaoHATrgKPlHijVAgNBCZlhXrt3tc17tqPdKYKwSGh32GGyiY/s1600/IMG_20170423_004457.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwk7FwUlf6oSrO53e0mrKBsGpSpUcmfiOTgtHWf-4vWLNJ9bXqz8Tmuz0y24Giv8wsOUEWT0FYC803kG7BQOhqmCGFDmmnaoHATrgKPlHijVAgNBCZlhXrt3tc17tqPdKYKwSGh32GGyiY/s320/IMG_20170423_004457.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-74762913288524518502014-08-30T21:30:00.001+02:002014-08-30T21:30:20.665+02:00Summer activitiesKayaking, surfing and canoeing<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/x-iUTq2grR0?feature=player_embedded' frameborder='0'></iframe></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<object width="320" height="266" class="BLOGGER-youtube-video" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" data-thumbnail-src="https://i.ytimg.com/vi/3V1ShmEeg_U/0.jpg"><param name="movie" value="https://www.youtube.com/v/3V1ShmEeg_U?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" /><param name="bgcolor" value="#FFFFFF" /><param name="allowFullScreen" value="true" /><embed width="320" height="266" src="https://www.youtube.com/v/3V1ShmEeg_U?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" type="application/x-shockwave-flash" allowfullscreen="true"></embed></object></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/bUucrz3NDSs?feature=player_embedded' frameborder='0'></iframe></div>
<br />larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-20651255491082287732013-10-12T13:47:00.002+02:002014-04-07T20:11:56.079+02:00Book:The Phoenix project<div class="separator" style="clear: both; text-align: left;">
Sometimes you read a book and you recognize the problems described and the people involved. <a href="http://www.amazon.co.uk/The-Phoenix-Project-Helping-Business-ebook/dp/B00AZRBLHO">The Phoenix Project</a> was such a book. I recognized many of the characters in the book as people I've been working with or even myself. <a href="http://itrevolution.com/books/phoenix-project-devops-book/">The Phoenix Project</a> do however bring something very valuable to this world and I frequently recommend people in relevant positions to go read it. I want them to understand what this devops thing is and how it can contribute in solving their biggest challenges. There are other books on the topic of devops too, but <b>this</b> book is a <a href="http://en.wikipedia.org/wiki/The_Phoenix_Project">fictional</a> book with a story which is both exciting, funny, touching and educating. It touches the very same problems that many IT departments/people face, and it also brings a suggested change in IT operations that can help getting IT running more smoothly. A change in methodology based upon the experiences done in some of the most influential IT organizations in the world today. </div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2Jhen9vJQMK4t_JnukckAZ_DNAlsPfpK8VIC7LZtleY26hyphenhyphenUcgZ-5j3nGKPWQb4-OwR7qhRwM3iDy3dPnKw0LGBAB2DwVJRHwRQR_9IIksWi56XdJg0r6VQkl3OBONdI3rzIiZgL6JH3Q/s1600/PPhardcover.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2Jhen9vJQMK4t_JnukckAZ_DNAlsPfpK8VIC7LZtleY26hyphenhyphenUcgZ-5j3nGKPWQb4-OwR7qhRwM3iDy3dPnKw0LGBAB2DwVJRHwRQR_9IIksWi56XdJg0r6VQkl3OBONdI3rzIiZgL6JH3Q/s200/PPhardcover.png" height="200" width="162" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
One of the <a href="http://en.wikipedia.org/wiki/Gene_Kim">authors</a> of this book (Gene Kim) was guest star in episode 111 of the Cloud Virtualization Security Roundtable podcast.</div>
<div class="separator" style="clear: both; text-align: left;">
<a href="http://www.virtualizationpractice.com/how-devops-can-turn-fragile-to-agile-22225/">How DevOps can Turn Fragile to Agile</a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<object class="BLOGGER-youtube-video" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" data-thumbnail-src="https://i1.ytimg.com/s_vi/ZPaNp9g2Htk/default.jpg?sqp=CIDO5JIF&rs=AOn4CLActYfaXGd0OihJBx8Ol7NycRGCEw" height="266" width="320"><param name="movie" value="http://www.youtube.com/v/ZPaNp9g2Htk?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" /><param name="bgcolor" value="#FFFFFF" /><param name="allowFullScreen" value="true" /><embed width="320" height="266" src="http://www.youtube.com/v/ZPaNp9g2Htk?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" type="application/x-shockwave-flash" allowfullscreen="true"></embed></object></div>
<div class="separator" style="clear: both; text-align: center;">
Cloud Virtualization Security Roundtable, episode 111</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://www.virtualizationpractice.com/how-devops-can-turn-fragile-to-agile-22225/">http://www.virtualizationpractice.com/how-devops-can-turn-fragile-to-agile-22225/</a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<i>Update: I've met Gene Kim at the <a href="http://www.itsmf.no/">ITSMF</a> conference and he is in the process of writing a new book that I will soon be getting access to one of the early drafts.</i></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZI6pqI-BrYSeCPLshCIddUbWVdqQzpFZ-C4pr41pbRSTUfkJ2m1zzR4vrzbjwzRTSSitUVTfP2qwzCVgDYsZ5ie0yIDHLQwv_OKDSGh71nwcPEUEOTre3v1kDDfYM2Pe1DCKYVhe7mTeJ/s1600/Gene+Kim.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZI6pqI-BrYSeCPLshCIddUbWVdqQzpFZ-C4pr41pbRSTUfkJ2m1zzR4vrzbjwzRTSSitUVTfP2qwzCVgDYsZ5ie0yIDHLQwv_OKDSGh71nwcPEUEOTre3v1kDDfYM2Pe1DCKYVhe7mTeJ/s1600/Gene+Kim.jpg" height="320" width="318" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<br />larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-12035108201083664112013-10-12T13:33:00.004+02:002013-10-13T09:55:27.075+02:00NIST Cloud Computing Security Reference ArchitectureA couple of years ago NIST released the first edition of <a href="http://www.cloudcredential.org/images/pdf_files/nist%20reference%20architecture.pdf">Cloud Computing Reference Architecture</a>, but this summer they released a draft <a href="http://www.egov.vic.gov.au/focus-on-countries/north-and-south-america-and-the-caribbean/united-states/trends-and-issues-united-states/information-and-communications-technology-united-states/nist-cloud-computing-security-reference-architecture-draft-in-pdf-format-8751kb.html">document</a> with <a href="http://www.fiercegovernmentit.com/story/nist-outlines-cloud-security-management-overlay/2013-06-17">focus</a> on <a href="http://collaborate.nist.gov/twiki-cloud-computing/bin/view/CloudComputing/CloudSecurity">cloud security</a>: <a href="http://collaborate.nist.gov/twiki-cloud-computing/pub/CloudComputing/CloudSecurity/NIST_Security_Reference_Architecture_2013.05.15_v1.0.pdf">Cloud Computing Security Reference Architecture</a>(SP 500-299).<br />
<br />
Due to the <a href="http://www.usa.gov/shutdown.shtml">shutdown</a> of the US government this document seems to be unavailable from the NIST site at the moment, but they will hopefully soon restart again in safe mode.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEji6esLv9IjwmLDwbGFaZm_nhpFpGQK1EBRghEXVEuJC7b94yV0UCi8iTDkWJxw1EPB45DCTCHrJaDIBmna3YkKTXN3K1PKQDozR9sDgh__dcRI8rGkJvpbaIi4TfiWvf_zSt8ku4Zos-du/s1600/shut+down.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEji6esLv9IjwmLDwbGFaZm_nhpFpGQK1EBRghEXVEuJC7b94yV0UCi8iTDkWJxw1EPB45DCTCHrJaDIBmna3YkKTXN3K1PKQDozR9sDgh__dcRI8rGkJvpbaIi4TfiWvf_zSt8ku4Zos-du/s320/shut+down.jpg" width="320" /></a></div>
<br />
<br />
<br />
Cloud Virtualization Security Roundtable<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<object class="BLOGGER-youtube-video" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" data-thumbnail-src="https://i1.ytimg.com/s_vi/qztoRpjEmYs/default.jpg?sqp=CJDyp5IF&rs=AOn4CLCpbh9pZCZe9kDmp0yON8EfzUvdWQ" height="266" width="320"><param name="movie" value="http://www.youtube.com/v/qztoRpjEmYs?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" /><param name="bgcolor" value="#FFFFFF" /><param name="allowFullScreen" value="true" /><embed width="320" height="266" src="http://www.youtube.com/v/qztoRpjEmYs?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" type="application/x-shockwave-flash" allowfullscreen="true"></embed></object></div>
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<object class="BLOGGER-youtube-video" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" data-thumbnail-src="https://i1.ytimg.com/s_vi/8iMGFqC92OQ/default.jpg?sqp=CJDyp5IF&rs=AOn4CLAa1zJ4oTc4DbbTL3wSE2pt2R3qWQ" height="266" width="320"><param name="movie" value="http://www.youtube.com/v/8iMGFqC92OQ?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" /><param name="bgcolor" value="#FFFFFF" /><param name="allowFullScreen" value="true" /><embed width="320" height="266" src="http://www.youtube.com/v/8iMGFqC92OQ?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" type="application/x-shockwave-flash" allowfullscreen="true"></embed></object></div>
<a href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br />
<a href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a><br />
<div>
<br /></div>
larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-87943144658316804312013-05-19T00:49:00.001+02:002013-05-19T00:49:19.130+02:00Episode 105: VirtuStreamThis episode's guest is <a href="http://www.virtustream.com/company/team#p-4">Pete Nicoletti</a> from <a href="http://www.virtustream.com/">VirtuStream</a>. VirtuStream is a cloud solution provider with a strong focus on security and they are hosting some major customers.<br />
<br />
One of the topics that are being discussed in episode 105 is the use of <a href="http://en.wikipedia.org/wiki/Trusted_Execution_Technology">TXT</a> technology in cloud solutions. Currently it's not possible to enable TXT across all cloud solutions because it depends on what hardware the cloud providers are using. Providers using white boxes can not support TXT as it is available in enterprise solutions.<br />
<br />
In a cloud solution tenant specific logging is very important and a standard is still missing even though there is some work underway.<br />
<br />
In addition to various <a href="http://vmware.com/go/securityguides">hardening guides</a> there is also an application called <a href="http://www.onapsis.com/">Onapsis</a> that can check if you have setup your system in a secure way. It's an application specific security scanner.<br />
<br />
Hosting different customers on the same platform <a href="http://www.kb.cert.org/vuls/id/649219">can</a> <a href="http://theinvisiblethings.blogspot.se/2009/03/attacking-smm-memory-via-intel-cpu.html">be</a> a <a href="http://static.usenix.org/event/usenix07/tech/full_papers/lu/lu_html/usenix07.html">risk</a> and most cloud providers have no evaluation on which customers should be allowed to run on the same hardware (or <a href="http://www.guardian.co.uk/media/2010/dec/01/wikileaks-website-cables-servers-amazon">at all</a>).<br />
<br />
<a href="https://www.pcisecuritystandards.org/security_standards/">PCI-DSS</a> is also something you must have in mind. Many PCI auditors may scratch their head when they come across a virtualized solution. Even though there is a virtualization special interest group for auditors, such auditors are hard to find.<br />
<br />
Texiwill has written a bit here on <a href="http://www.virtualizationpractice.com/how-virtustream-does-cloud-security-21205/">How VirtuStream does Cloud Security</a> and the podcast is available below.<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/VUOsDGiFwO8?feature=player_embedded' frameborder='0'></iframe></div>
<br />
Audio: Cloud Virtualization Security Roundtable, episode 105<br />
<a href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br />
<a href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a>larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-4065391467058353482013-05-07T11:11:00.003+02:002013-05-07T11:11:59.131+02:00Human technology roadblocksOften new proposals and projects are stopped due to the lack of knowledge of others.<br />
<br />
The security team can stop many good projects such as those involving virtualization because they don't have enough knowledge and are skeptical to new types of services that they don't have experience with.<br />
<br />
<a href="https://twitter.com/MrsYisWhy">Mrs Y</a> once worked at a company and the networking department was skeptical to running virtualized networks. They were asking about latency and other issues that may have been a problem many years ago.<br />
<br />
Some people are skeptical regarding VLANs. <a href="https://twitter.com/Texiwill">Texiwill</a> too. That includes VXLAN and other similar technologies.<br />
<br />
It has been said that it's a struggle for people to separate the logical from the physical. For the longest time it has been the same thing and now it's suddenly different. Both people, companies, ISVs and hardware vendors are confused by these changes and many of them will try to block these new inventions in favor of the old ones.<br />
<br />
<br />
All this and more in episode 104.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/doMPI3e0rr0?feature=player_embedded' frameborder='0'></iframe></div>
<br />
Driving from Lycia to Fethiye.<br />
<br />
Audio: Cloud Virtualization Security Roundtable, episode 104<br />
<a href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br />
<a href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a>larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-52894120273480225892013-05-04T19:12:00.000+02:002013-05-04T19:12:25.026+02:00Boat tripLast week I attended a boat trip from Dalyan to Iztuzu Beach. On this same truo we also attended a mud bath and turtle safari. There were one turtle near our boat for a short moment, but I didn't see it with my own eyes since it was at the front of our boat and I was sitting in the back. The beach was great and I wish we could have stayed there longer.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/M7-WhjoYGhA?feature=player_embedded' frameborder='0'></iframe></div>
<br />larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-14589511238748747552013-03-21T20:06:00.000+01:002013-03-21T20:06:04.428+01:00Cloud ViewsSpecial guest on episode 103 was <a href="http://pleasediscuss.com/andimann/">Andi Mann</a>.<br />
<br />
Cloud View started out as a news letter. Later it moved to twitter as #cloudview with cloud security as the topic. Cloud View is hosted on <a href="http://smartenterpriseexchange.com/">http://smartenterpriseexchange.com</a> and they have a dozen episodes available on <a href="http://www.youtube.com/playlist?list=PLBABDAD856CE6C554">YouTube</a>.<br />
<br />
Where is the firewall in a cloud environment?<br />
<br />
Earlier you knew from where people were accessing your data since nobody outside your firewall had access. Nowadays you need to know <b>who</b> is accessing your data because access is not restricted by network segments anymore.<br />
<br />
We have several layers of identity:<br />
<ul>
<li>username/password</li>
<li>2 factor</li>
<li>multiple factors</li>
</ul>
After all the breaks ins at major sites (PSN, iCkiud9,) Many think that username is not good enough anymore, but it's still the only credentials you need for 99% of the web servers on the internet.<br />
<br />
Who is responsible for security?<br />
- Everybody?<br />
- The board?<br />
<br />
News from the RSA conference.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<object class="BLOGGER-youtube-video" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" data-thumbnail-src="http://i.ytimg.com/vi/O3_1k7K4f7A/0.jpg" height="266" width="320"><param name="movie" value="http://www.youtube.com/v/O3_1k7K4f7A?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" /><param name="bgcolor" value="#FFFFFF" /><param name="allowFullScreen" value="true" /><embed width="320" height="266" src="http://www.youtube.com/v/O3_1k7K4f7A?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" type="application/x-shockwave-flash" allowfullscreen="true"></embed></object></div>
<br />
Audio: Cloud Virtualization Security Roundtable, episode 103<br />
<a href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br />
<a href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a>larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-59780393496191876132013-03-17T17:18:00.001+01:002013-03-17T17:18:55.079+01:00Episode 102<div class="separator" style="clear: both; text-align: center;">
<object class="BLOGGER-youtube-video" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" data-thumbnail-src="http://i.ytimg.com/vi/osU_Tm2e_04/0.jpg" height="266" width="320"><param name="movie" value="http://www.youtube.com/v/osU_Tm2e_04?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" /><param name="bgcolor" value="#FFFFFF" /><param name="allowFullScreen" value="true" /><embed width="320" height="266" src="http://www.youtube.com/v/osU_Tm2e_04?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" type="application/x-shockwave-flash" allowfullscreen="true"></embed></object></div>
<br />
<br />
<br />
Audio: Virtualization Security Roundtable, episode 102<br />
<a href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br />
<a href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a>larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-32850163002144557082013-03-17T17:18:00.000+01:002013-03-17T17:18:14.501+01:00Episode 101<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/wwWaDck-qKs?feature=player_embedded' frameborder='0'></iframe></div>
<br />
Audio: Virtualization Security Roundtable, episode 101<br />
<a href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br />
<a href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a>larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-35757598434279890092013-03-17T17:17:00.000+01:002013-03-17T17:17:46.306+01:00Episode 100<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/3T8HJrS0ShY?feature=player_embedded' frameborder='0'></iframe></div>
<br />
Audio: Virtualization Security Roundtable, episode 100<br />
<a href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br />
<a href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a><br />
<br />larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-10595165218575550452013-02-01T08:27:00.003+01:002013-02-01T08:27:46.715+01:00Security monitoring in a cloud environmentYou have a level of visibility in a traditional enterprise that you lose in a public cloud. Today the solution seems to be be host based IDS (agent inside your VMs).<br />
<br />
How can an IAAS end user be able to do non host based IDS without the cloud provider having to do it for you? As a tenant you're limited in what you can do and you don't normally have access to the physical network.<br />
<br />
Collecting logs from all your systems in your part of the IAAS cloud can also give you some insight that can make you feel ok.<br />
<br />
Most of the SAAS providers do however not provide any ability to gather logs related to specific cloud applications. People are accessing SAAS cloud applications simultaneously from all over the world. 70% of the SAAS applications do not utilize SAML for authentication. Typically it's the SAAS providers that have been around the longest that implement SAML such as Google, Amazon and Salesforce.<br />
<br />
For IAAS you can implement controls in a reasonable way, but most of the SAAS and PAAS clouds have very limited capabilities to withdrawing logs.<br />
<br />
If you have a requirement stating that you need real time monitoring it would need the ability to withdraw logs in real time.<br />
<br />
These topics are being discussed in episode 99 of the Cloud Security Virtualization Roundtable.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/1mTebj-mdSc?feature=player_embedded' frameborder='0'></iframe></div>
<br />
Audio: Virtualization Security Roundtable, episode 99<br />
<a href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br />
<a href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a><br />
larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-77610570709558237752012-12-18T21:55:00.004+01:002012-12-18T21:55:47.305+01:00REST API securitySpecial guest in episode 98 is <a href="http://en.wikipedia.org/wiki/George_Reese_(computer_programmer)">George Reese</a><span id="goog_1428650882"></span><span id="goog_1428650883"></span><a href="http://www.blogger.com/"></a> <a href="http://george.reese.name/">who</a> <a href="http://www.oreillynet.com/pub/au/429">is</a> Founder and CTO of <a href="http://enstratus.com/">enStratus</a>. Topic this time is API security, and especially for the REST API. One of the things that are <a href="http://www.pwc.com/us/en/technology-forecast/2012/issue2/interviews/interview-streetline-restful-apis.jhtml">commonly</a> used for communications between systems in the cloud is the <a href="https://www.ibm.com/developerworks/webservices/library/ws-restful/">REST API</a>.<br />
<br />
For many systems it seems that security is an afterthought, and that's the case also for the REST API. It is using SSL, but it's having several weakness points including username/password for system<->system communications, no transaction verification, etc. He has also written a <a href="https://github.com/greese">utilities </a>that are <a href="http://www.dasein.org/">freely available</a> on github that can be used to test different implementations of the REST API. He has used it to uncover several bugs that may give permissions to do operations without having the needed credentials.<br />
<br />
For more info, check out episode 98 of Cloud Virtualization Security Roundtable.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/m6GhU7-fabY?feature=player_embedded' frameborder='0'></iframe></div>
<span style="background-color: #dddddd; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 17px;">Audio: Virtualization Security Roundtable, episode 98</span><br style="background-color: #dddddd; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 17px;" /><br style="background-color: #dddddd; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 17px;" /><a class="yt-uix-redirect-link" dir="ltr" href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/" rel="nofollow" style="background-color: #dddddd; border: 0px; color: #438bc5; cursor: pointer; font-family: arial, sans-serif; font-size: 13px; line-height: 17px; margin: 0px; padding: 0px; text-decoration: initial;" target="_blank" title="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br style="background-color: #dddddd; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 17px;" /><a class="yt-uix-redirect-link" dir="ltr" href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t" rel="nofollow" style="background-color: #dddddd; border: 0px; color: #438bc5; cursor: pointer; font-family: arial, sans-serif; font-size: 13px; line-height: 17px; margin: 0px; padding: 0px; text-decoration: initial;" target="_blank" title="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a><br />
<br />
<br />larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-90352615117986212482012-12-12T09:03:00.000+01:002012-12-12T09:24:44.085+01:00Cloud Security: Aligning the business in 12 stepsThe special guest on episode 97 was <a href="http://www.linkedin.com/in/secuomar">Omar Khawaja</a> who has a 12 step program for moving to the cloud.<br />
<br />
There are also a discussions on these topics:<br />
<br />
<ul>
<li>IT departments can't sit there in their cathedral, they have to respond to the needs of their users - in a secure way.</li>
<li>Employees' expectations from IT in the enterprise has changed during the past 5 years</li>
<li>Telling people not to do something that they can easily do will not stop them doing it. Corporate policy has not prevented users from storing company internal information in Google docs or on their iPhone.</li>
<li>User experience matters. You want productive users and you do not want strict control from the IT department prevent them from doing their job efficiently.</li>
<li>People just want to get their job done and don't understand the impact of wrongdoing.</li>
<li>Security policies have to change.</li>
</ul>
<br />
The 12 steps that Omar presents is also available here:<br />
<a href="http://www.slideshare.net/ok4/cloud-security-a-businesscentric-approach-in-in-12-steps">http://www.slideshare.net/ok4/cloud-security-a-businesscentric-approach-in-in-12-steps</a><br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhh48hdjN3oE8baU-1MllpkXSlr882wdaqBr7M6RtrAXGwU4EGDJFvNDkw26ewDSX6r1juL8LVeLVjY8iou0lVOvopKzYGwb0NT6unb-iS9FxpqUMjo0fFhIBGIFijbLdsEVagDUUmNaLVO/s1600/Selection_068.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="295" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhh48hdjN3oE8baU-1MllpkXSlr882wdaqBr7M6RtrAXGwU4EGDJFvNDkw26ewDSX6r1juL8LVeLVjY8iou0lVOvopKzYGwb0NT6unb-iS9FxpqUMjo0fFhIBGIFijbLdsEVagDUUmNaLVO/s400/Selection_068.jpg" width="400" /></a></div>
<br />
<br />
<br />
<a href="https://twitter.com/Texiwill">Texiwill</a> has also written an article about this roundtable discussion here: <a href="http://www.virtualizationpractice.com/12-step-program-to-enter-the-cloud-19397/">http://www.virtualizationpractice.com/12-step-program-to-enter-the-cloud-19397/</a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/yPLQQfsOqec?feature=player_embedded' frameborder='0'></iframe></div>
<br />larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-29640311753371739942012-12-12T01:03:00.002+01:002012-12-12T09:26:16.146+01:00Private vs public cloud security<div class="separator" style="clear: both; text-align: left;">
How do you establish a private cloud securely? There are many different approaches to the focus on security in different organizations. Intellectual property needs to be secured, but how can you make sure you haven't forgot anything? </div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Does it matter where your data is located if you know it's secure?</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Social security numbers is an example of something that should be secured no matter if it's located internally or externally.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Can you be sure in a public cloud that other services can't access your <a href="http://arstechnica.com/security/2012/11/crypto-keys-stolen-from-virtual-machine/">in-memory data</a>?</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Does it make a difference to run a service on physical internal servers than on a private cloud?</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Who has juridical ownership of your data? What if your data is located in another country? </div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
These things are among the topics that are discussed in episode 96 of the Virtualization Security Roundtable.</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<object class="BLOGGER-youtube-video" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" data-thumbnail-src="http://i.ytimg.com/vi/k_jA3EH7Mug/0.jpg" height="266" width="320"><param name="movie" value="http://www.youtube.com/v/k_jA3EH7Mug?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" /><param name="bgcolor" value="#FFFFFF" /><param name="allowFullScreen" value="true" /><embed width="320" height="266" src="http://www.youtube.com/v/k_jA3EH7Mug?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" type="application/x-shockwave-flash" allowfullscreen="true"></embed></object></div>
<span style="background-color: #dddddd; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 17px;">Audio: Virtualization Security Roundtable, episode 96</span><br />
<br style="background-color: #dddddd; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 17px;" />
<a class="yt-uix-redirect-link" dir="ltr" href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/" rel="nofollow" style="background-color: #dddddd; border: 0px; color: #468aca; cursor: pointer; font-family: arial, sans-serif; font-size: 13px; line-height: 17px; margin: 0px; padding: 0px; text-decoration: initial;" target="_blank" title="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br />
<a class="yt-uix-redirect-link" dir="ltr" href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t" rel="nofollow" style="background-color: #dddddd; border: 0px; color: #468aca; cursor: pointer; font-family: arial, sans-serif; font-size: 13px; line-height: 17px; margin: 0px; padding: 0px; text-decoration: initial;" target="_blank" title="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a>larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-8636289978639388122012-11-21T22:17:00.001+01:002012-11-21T22:17:04.890+01:00Adapting to an ever changing IT worldIn 2003 (or 2004?) I attended a partner seminar hosted by a hardware vendor about VMware solutions. This was the first time most of the attendees heard about virtualization and many of the sales guys where scared of what they heard. If this was to become a success it would mean they couldn't sell as many servers as before. Many felt threatened by this and some voiced their opinion.<br />
<br />
<br />
As times passed by, virtualization was indeed a hit and the sales people eventually started realizing that by offering virtualization to the customers they would now start selling other data center components. SAN, fiber switches and multi cpu socket servers where now needed in such environments and even if they sold less servers they where still able survive in a changing IT world.<br />
<div>
<br /></div>
<br />
When companies started virtualization some people within IT departments where afraid that the number of positions at the IT departments would decrease as there would be less physical systems to manage. I also suspect that the number of people who had (almost) an erotic relationship to server hardware where larger then than now (on the client side there still seems to be people hugging hw, especially from that fruit company).<br />
<br />
So what happened at the typical IT departments after they virtualized. Yes, less physical servers mean less work within the data center, but the number of operating systems to manage often increased at high speed. It was now so easy to setup a new system that the time it would take to <a href="http://www.sqlmag.com/article/sql-server/the-high-cost-of-server-sprawl">manage</a> these systems was not less than before at all. <a href="http://en.wikipedia.org/wiki/Server_sprawl">Server sprawl</a> is a term that was <a href="http://searchdatacenter.techtarget.com/definition/server-sprawl">coined</a> to describe this problem. Most IT departments would not lay off all their people, but often people got assigned other tasks than before.<br />
<br />
I'm still not sure what <a href="http://blog.mimecast.com/2011/04/10-signs-you-might-be-a-server-hugger/">happened</a> to the <a href="http://gigaom.com/cloud/vmware-cto-say-goodbye-to-the-server-hugger/">server huggers</a>, but I'm <a href="http://www.managingpowermag.com/it/370.html">pretty sure</a> they're still around here somewhere.<br />
<br />
With many new inventions there have been great expectations. When the printing press was invented, some people <a href="http://www.historyguide.org/intellect/press.html">forecasted</a> peace between nations as a result. When the telegraph was invented people could communicate over large distances and world peace <a href="http://www.elon.edu/e-web/predictions/150/1830.xhtml">was forecasted</a>. When the telephone was invented people could communicate more easily over distances and again people <a href="http://books.google.co.uk/books?id=x6DZcpNDKjsC&pg=PA56&lpg=PA56">thought</a> world peace <a href="http://www.elon.edu/e-web/predictions/150/1870.xhtml">would be the result</a>. ..and it was the same with the <a href="http://edition.cnn.com/TECH/9711/25/internet.peace.reut/">internet</a>. World peace. However, it seems that these technologies <b>alone</b> are not enough. We also have a human factor as well that is quite important. And there's no doubt that the world has become smaller and smaller as each of these new technologies have evolved and it has totally changed they way we communicate.<br />
<br />
We now see cloud computing as something that is on it's way into the IT world. I have not yet heard that it will lead to world peace, but I'm pretty sure that some people will get other positions than before.<br />
<br />
In episode 95 of the Virtualization Security Podcast we have a discussion of how new technology can affect your job in the IT market.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/NFVKvZqXlks?feature=player_embedded' frameborder='0'></iframe></div>
<br />
<div id="watch-description-text" style="border: 0px; color: #333333; font-family: arial, sans-serif; font-size: 1.09em; line-height: 1.4; margin: 0px; padding: 0px;">
<div id="eow-description" style="border: 0px; font-size: 13px; padding: 0px;">
<br />
<a class="yt-uix-redirect-link" dir="ltr" href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/" rel="nofollow" style="border: 0px; color: #1c62b9; cursor: pointer; margin: 0px; padding: 0px; text-decoration: initial;" target="_blank" title="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br />
<a class="yt-uix-redirect-link" dir="ltr" href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t" rel="nofollow" style="border: 0px; color: #1c62b9; cursor: pointer; margin: 0px; padding: 0px; text-decoration: initial;" target="_blank" title="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a></div>
<div>
<br /></div>
</div>
<div id="watch-description-extras" style="border: 0px; color: #333333; font-family: arial, sans-serif; font-size: 12px; margin: 1em 0px 10px; padding: 0px;">
</div>
larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-43730180833378647992012-11-11T16:11:00.001+01:002012-11-11T18:20:32.651+01:00Hardware securityI sometimes joke saying that I don't trust software I write myself. Sometimes I can take it further and say I also don't trust hardware I didn't build myself. But there is some degree of truth to it as well. It should take a lot of trust to use equipment that you don't fully understand the inner workings of. Being able to read the source may help, but soure code written by others can some times be hard to understand fully (depending on language and<a href="http://www.ioccc.org/2012/hamano/hamano.c"> coding style</a>).<br />
<br />
Also, both software and hardware security has been hot issues <a href="http://www.theregister.co.uk/2006/03/24/checkpoint_sourcefire_deal/">as </a>nations are <a href="http://www.smh.com.au/it-pro/security-it/us-follows-australia-in-naming-huawei-as-a-possible-security-threat-20121007-277ad.html">suspecting </a>hw/sw <a href="http://news.cnet.com/8301-13578_3-57538843-38/huawei-offers-australia-unrestricted-access-to-hardware-source-code/">from </a><a href="http://www.nytimes.com/2012/10/09/us/us-panel-calls-huawei-and-zte-national-security-threat.html?pagewanted=all&_r=0">other </a>nations <a href="http://www.techradar.com/news/internet/web/china-blocks-google-search-gmail-and-drive-1111602">could </a>be doing things they are not designed for. This is the topic of episode 94 of the Virtulization Security Roundtable.<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/rLW5cwEaeKU?feature=player_embedded' frameborder='0'></iframe></div>
<br />
Audio: Virtualization Security Roundtable, episode 94<br />
<br />
http://www.virtualizationpractice.com/resources/virtualization-security-podcast/<br />
http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t<br />
<br />larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-80977342954725267722012-10-06T20:12:00.001+02:002012-10-06T20:12:10.476+02:00Virtualization Security Roundtable episode 93This time we discuss security features in vSphere 5.1 and the vCloud Suite that was announced at VMworld. Keywords: VMsafe, vShield Edge, vShield Zones, vmkernel modules, APIs<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/4dVsNfCLrn4?feature=player_embedded' frameborder='0'></iframe></div>
<br />
http://www.virtualizationpractice.com/resources/virtualization-security-podcast/<br />
http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t<br />
<br />
<br />larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-58831896856817525732012-09-09T14:38:00.000+02:002012-09-09T14:38:53.482+02:00VMworld wrap-upQuite a few things were announced by VMware and third party vendors at VMworld. We look back at the event in the latest episode of the Cloud Virtualization Security Roundtable.<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/7oZdgPqgy3U?feature=player_embedded' frameborder='0'></iframe></div>
<br />
Audio: Virtualization Security Roundtable, episode 92<br />
<br />
<a href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br />
<a href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a><br />
larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-88755056656402238372012-08-26T23:29:00.001+02:002012-08-26T23:43:24.563+02:00While we're waiting for something big #vmworld<br />
VMware promises that tomorrow (27AUG2012) "Something big is about to happen". For us who are not in San Francisco we can follow the event live by signing up here:<br />
<a href="http://info.vmware.com/forms/18162_VMwareNow_REG">http://info.vmware.com/forms/18162_VMwareNow_REG</a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirL6fa-9CtHZ3U6M9BLUmNYkLLN4iCNP7sUoljzyqE9K34afgNkj8494dOoLS_4wuNrVQc_b2xPqe1WKN_jGR25GBtY2g6EGrhpW4WvrohYy0P-k1aUKxWskXCm4CRWtIlQ9VuQWomoiiq/s1600/Selection_345.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="253" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirL6fa-9CtHZ3U6M9BLUmNYkLLN4iCNP7sUoljzyqE9K34afgNkj8494dOoLS_4wuNrVQc_b2xPqe1WKN_jGR25GBtY2g6EGrhpW4WvrohYy0P-k1aUKxWskXCm4CRWtIlQ9VuQWomoiiq/s320/Selection_345.png" width="320" /></a></div>
<br />
<br />
While we're waiting we can make some predictions on what we can expect. There have already <a href="http://vmtoday.com/2012/08/reading-the-tea-leaves-before-vmworld-2012-part-1/">been</a> <a href="http://searchservervirtualization.techtarget.com/news/2240160004/VMware-vSphere-51-to-include-shared-nothing-live-migration">some</a> <a href="http://www.crn.com/news/cloud/240005840/vmware-kills-vram-licensing-will-focus-on-vsphere-cloud-bundles.htm">rumours</a> <a href="http://vmtoday.com/2012/08/reading-the-tea-leaves-before-vmworld-2012-part-2/">about</a> what we can expect, but we wont know for sure until tomorrow.<br />
<br />
We do know that Microsoft will soon release Windows Server 2012 with an improved version of Hyper-V and they have several <a href="http://channel9.msdn.com/Events/TechEd/Europe/2012/VIR311">TechEd sessions</a> that compare their future Hyper-V version against the current edition of vSphere. We suspect that VMware will announce something as a response to this and more. I guess also cloud and <a href="http://www.crn.com/news/cloud/240005840/vmware-kills-vram-licensing-will-focus-on-vsphere-cloud-bundles.htm">cloud bundles</a> is still something we will hear alot about.<br />
<br />
Keywords from episode 91 of <a href="https://twitter.com/Texiwill">@texiwill</a>'s Cloud Virtualization Security Roundtable:<br />
<ul>
<li>CloudPhysics, RVTools</li>
<li>Software Defined Networking</li>
<li>Tapping data from encrypted links on networks using SDN</li>
<li>VMworld 2012</li>
<li>Software Designed Networking+Datacenter+Storage = Software Designed Enterprise</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/QprFPawrvzI?feature=player_embedded' frameborder='0'></iframe></div>
<div>
<br /></div>
<div>
<div id="watch-description-text" style="border: 0px; color: #333333; font-family: arial, sans-serif; font-size: 1.09em; line-height: 1.4; margin: 0px; padding: 0px;">
<div id="eow-description" style="border: 0px; font-size: 13px; padding: 0px;">
Audio: Virtualization Security Roundtable, episode 91<br />
<br />
<a class="yt-uix-redirect-link" dir="ltr" href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/" rel="nofollow" style="border: 0px; color: #1c62b9; cursor: pointer; margin: 0px; padding: 0px; text-decoration: none;" target="_blank" title="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br />
<a class="yt-uix-redirect-link" dir="ltr" href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t" rel="nofollow" style="border: 0px; color: #1c62b9; cursor: pointer; margin: 0px; padding: 0px; text-decoration: none;" target="_blank" title="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a></div>
</div>
<div id="watch-description-extras" style="border: 0px; color: #333333; font-family: arial, sans-serif; font-size: 12px; margin: 1em 0px 10px; padding: 0px;">
</div>
</div>
<br />
<br />
<br />larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-9097565716039120292012-08-23T18:42:00.002+02:002012-08-23T18:42:48.349+02:00Bromium MicrovisorThe guest star of this episode of the Virtualization Security Roundtable is <a href="https://twitter.com/simoncrosby">Simon Crosby</a>, most known for his work with XenSource and <a href="http://www.citrix.com/English/ps2/products/product.asp?contentID=683148&ntref=prod_cat">Citrix</a>, who is now working on some very interesting stuff at <a href="http://www.bromium.com/">Bromium</a>. In this podcast we get a dive into the world of <a href="http://www.zdnet.com/blog/virtualization/bromiums-microvisor-promises-to-end-pc-desktop-security-woes/5013">microvisors</a> and their inner workings.<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/nKl77t7G5I4?feature=player_embedded' frameborder='0'></iframe></div>
<br />
<div id="watch-description-text" style="border: 0px; color: #333333; font-family: arial, sans-serif; font-size: 1.09em; line-height: 1.4; margin: 0px; padding: 0px;">
<div id="eow-description" style="border: 0px; font-size: 13px; padding: 0px;">
Audio: Virtualization Security Roundtable, episode 90<br /><br /><a class="yt-uix-redirect-link" dir="ltr" href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/" rel="nofollow" style="border: 0px; color: #1c62b9; cursor: pointer; margin: 0px; padding: 0px; text-decoration: none;" target="_blank" title="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br /><a class="yt-uix-redirect-link" dir="ltr" href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t" rel="nofollow" style="border: 0px; color: #1c62b9; cursor: pointer; margin: 0px; padding: 0px; text-decoration: none;" target="_blank" title="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a></div>
</div>
<div id="watch-description-extras" style="border: 0px; color: #333333; font-family: arial, sans-serif; font-size: 12px; margin: 1em 0px 10px; padding: 0px;">
</div>
<br />
<br />
Further details about the technology can also be found here: <span style="color: #0000ee; text-decoration: underline;">http://www.bromium.com/misc/BromiumMicrovirtualization.pdf</span>larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-91833345054974480012012-07-27T21:14:00.001+02:002012-07-27T21:14:07.571+02:00Access control tracking<span style="background-color: white;">In today's environments there are often multiple user databases and each user has a different set of credentials that changes over time. It can be hard to track changes and figure out what rights are actually needed, and also what permissions are blocking things from working. </span><br />
<br />
Realtime alerts and notifications should trigger actions if users are in violation of predefined rules.<br />
<br />
You can hear more about these things in the latest Virtualization Security Roundtable episode where we have Michael Hlebasko from IdentityLogix as a panelist.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<object width="320" height="266" class="BLOGGER-youtube-video" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" data-thumbnail-src="http://i.ytimg.com/vi/r_hWLxZ0UUU/0.jpg"><param name="movie" value="http://www.youtube.com/v/r_hWLxZ0UUU?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" /><param name="bgcolor" value="#FFFFFF" /><param name="allowFullScreen" value="true" /><embed width="320" height="266" src="http://www.youtube.com/v/r_hWLxZ0UUU?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" type="application/x-shockwave-flash" allowfullscreen="true"></embed></object></div>
<span style="background-color: #cecece; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 18px;">Audio: Virtualization Security Roundtable, episode 89</span><br style="background-color: #cecece; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 18px;" /><br style="background-color: #cecece; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 18px;" /><a class="yt-uix-redirect-link" dir="ltr" href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/" rel="nofollow" style="background-color: #cecece; border: 0px; color: #1c62b9; cursor: pointer; font-family: arial, sans-serif; font-size: 13px; line-height: 18px; margin: 0px; padding: 0px; text-decoration: none;" target="_blank" title="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br style="background-color: #cecece; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 18px;" /><a class="yt-uix-redirect-link" dir="ltr" href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t" rel="nofollow" style="background-color: #cecece; border: 0px; color: #1c62b9; cursor: pointer; font-family: arial, sans-serif; font-size: 13px; line-height: 18px; margin: 0px; padding: 0px; text-decoration: none;" target="_blank" title="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a><br />
<br />
<span style="background-color: white;">IdentityLogix: </span><a href="http://www.identitylogix.com/" style="background-color: white;">http://www.identitylogix.com/</a><br />
<br />larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-28424511080527287172012-07-20T09:16:00.000+02:002012-07-20T09:28:27.869+02:00State of cloud security<span style="background-color: white;">The company Alertlogic is auditing service providers and generating reports twice a year about the state of cloud security.</span><br />
<span style="background-color: white;"><br /></span><br />
Data is collected from host IDSes (agents) or physical IDS appliances depending on the provider environment.<br />
<br />
The agent is a hook driver that captures network traffic. This agent is only network focused.<br />
<br />
Most important factor for the types of attacks depends more on workload than industry.<br />
<br />
Risk score based on all pieces of collected information.<br />
<br />
Know what and where your high risk data is. How it's accessed. Make some intelligence about the access of these data points. Attack plans.<br />
<br />
Cloud environment is dynamic, attack response should be dynamic.<br />
<br />
A report gives a good idea about the rate of attacks that are known. Unknown attacks are not counted. SQL injection is number one.<br />
<br />
You can find the general report here: <a href="http://www.alertlogic.com/csr/">http://www.alertlogic.com/csr/</a><br />
<br />
Hear more about this in the latest Cloud Virtualization Roundtable episode:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/ARfYc9mMkd0?feature=player_embedded' frameborder='0'></iframe></div>
<br />
<br />
<br />
Audio: Virtualization Security Roundtable, episode 88<br />
<br />
<a href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br />
<a href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a><br />
<div>
<a href="http://www.youtube.com/watch?v=ARfYc9mMkd0">http://www.youtube.com/watch?v=ARfYc9mMkd0</a></div>
<br />
<br />
<br />
<br />larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-69032523632268670242012-07-12T20:33:00.001+02:002012-07-13T23:12:00.799+02:00Securing the Virtual EnvironmentGuest stars in episode 87 are the authors of the recently released book <a href="http://www.amazon.com/Securing-Virtual-Environment-Enterprise-Against/dp/1118155483/ref=ntt_at_ep_dpt_1">Securing the Virtual Environment</a>, <span class="contributorNameTrigger"><a asin="B007959JH4" href="http://www.amazon.com/Davi-Ottenheimer/e/B007959JH4/ref=ntt_athr_dp_pel_1" id="contributorNameTriggerB007959JH4">Davi Ottenheimer</a> </span><span style="background-color: white;">and </span><span class="contributorNameTrigger"><a asin="B0079MYNGO" href="http://www.amazon.com/Matthew-Wallace/e/B0079MYNGO/ref=ntt_athr_dp_pel_2" id="contributorNameTriggerB0079MYNGO">Matthew Wallace</a>.</span><br />
<span style="background-color: white;"> </span>.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/SNHgTxnNj2c?feature=player_embedded' frameborder='0'></iframe></div>
<span style="background-color: #cecece; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 18px;">Virtualization Security Roundtable, episode 87</span><br />
<br />
<a class="yt-uix-redirect-link" dir="ltr" href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/" rel="nofollow" style="background-color: #cecece; border: 0px; color: #1c62b9; cursor: pointer; font-family: arial, sans-serif; font-size: 13px; line-height: 18px; margin: 0px; padding: 0px; text-decoration: none;" target="_blank" title="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br />
<a class="yt-uix-redirect-link" dir="ltr" href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t" rel="nofollow" style="background-color: #cecece; border: 0px; color: #1c62b9; cursor: pointer; font-family: arial, sans-serif; font-size: 13px; line-height: 18px; margin: 0px; padding: 0px; text-decoration: none;" target="_blank" title="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a><br />
<br />
<br />
The video shown in this podcast shows our visit to Givskud Zoo while on vacation in Denmark. The previous blog posting showed our visit to the Copenhagen canals and Tivoli on the same trip. Here are also a few other videos from visiting Lalandia and Legoland recorded during the same trip:<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/I7v8sA-BdWA?feature=player_embedded' frameborder='0'></iframe></div>
<div class="separator" style="clear: both; text-align: center;">
<object class="BLOGGER-youtube-video" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" data-thumbnail-src="http://i.ytimg.com/vi/rQ1O_JsIBX4/0.jpg" height="266" width="320"><param name="movie" value="http://www.youtube.com/v/rQ1O_JsIBX4?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" /><param name="bgcolor" value="#FFFFFF" /><param name="allowFullScreen" value="true" /><embed width="320" height="266" src="http://www.youtube.com/v/rQ1O_JsIBX4?version=3&f=user_uploads&c=google-webdrive-0&app=youtube_gdata" type="application/x-shockwave-flash" allowfullscreen="true"></embed></object></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/X-nUfp9XKug?feature=player_embedded' frameborder='0'></iframe></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/2PDWB52MfPw?feature=player_embedded' frameborder='0'></iframe></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/lSBfuGtEh8o?feature=player_embedded' frameborder='0'></iframe></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/H8h4tEEaDFA?feature=player_embedded' frameborder='0'></iframe></div>
<br />
<br />
<br />larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.comtag:blogger.com,1999:blog-8801027637392770826.post-47482516885188431712012-06-27T23:19:00.002+02:002012-06-27T23:19:33.669+02:00Firewall placement in a virtual worldPhysical servers can normally be moved from a physical world into a virtual one and one may think that the same rules apply to virtual firewalls. Virtualization does however give you some extra functionality and it is smart to learn about these new options in order to design an optimal environment.<br />
<br />
Texiwill just published a blog post about this
<a href="http://www.virtualizationpractice.com/defense-in-depth-firewalls-within-virtual-environment-16560/">http://www.virtualizationpractice.com/defense-in-depth-firewalls-within-virtual-environment-16560/</a>
<br />
<br />
<br />
You can hear the podcast in this video while watching a sight seeing trip by boat in Copenhagen.<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/82VcOnlfpR0?feature=player_embedded' frameborder='0'></iframe></div>
<span style="background-color: #ebebeb; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 18px; text-align: left;">Virtualization Security Roundtable, episode 86</span><br style="background-color: #ebebeb; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 18px; text-align: left;" /><br style="background-color: #ebebeb; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 18px; text-align: left;" /><a class="yt-uix-redirect-link" dir="ltr" href="http://www.virtualizationpractice.com/defense-in-depth-firewalls-within-virtual-environment-16560/" rel="nofollow" style="background-color: #ebebeb; border: 0px; color: #1c62b9; cursor: pointer; font-family: arial, sans-serif; font-size: 13px; line-height: 18px; margin: 0px; padding: 0px; text-align: left; text-decoration: none;" target="_blank" title="http://www.virtualizationpractice.com/defense-in-depth-firewalls-within-virtual-environment-16560/">http://www.virtualizationpractice.com/defense-in-depth-firewalls-within-virtu...</a><br style="background-color: #ebebeb; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 18px; text-align: left;" /><a class="yt-uix-redirect-link" dir="ltr" href="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/" rel="nofollow" style="background-color: #ebebeb; border: 0px; color: #1c62b9; cursor: pointer; font-family: arial, sans-serif; font-size: 13px; line-height: 18px; margin: 0px; padding: 0px; text-align: left; text-decoration: none;" target="_blank" title="http://www.virtualizationpractice.com/resources/virtualization-security-podcast/">http://www.virtualizationpractice.com/resources/virtualization-security-podcast/</a><br style="background-color: #ebebeb; color: #333333; font-family: arial, sans-serif; font-size: 13px; line-height: 18px; text-align: left;" /><a class="yt-uix-redirect-link" dir="ltr" href="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t" rel="nofollow" style="background-color: #ebebeb; border: 0px; color: #1c62b9; cursor: pointer; font-family: arial, sans-serif; font-size: 13px; line-height: 18px; margin: 0px; padding: 0px; text-align: left; text-decoration: none;" target="_blank" title="http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t">http://www.talkshoe.com/talkshoe/web/talkCast.jsp?masterId=34217&cmd=t</a>larstrhttp://www.blogger.com/profile/05963794523825848062noreply@blogger.com