NIST SP 1800-19A: Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure

The National Cybersecurity Center of Excellence (NCCoE) at NIST recognizes the need to address security and privacy challenges for the use of shared cloud services in hybrid cloud architectures, and has launched this project. This project is using commercially available technologies to develop a cybersecurity reference design that can be implemented to increase security and privacy for cloud workloads on hybrid cloud platforms. This project will demonstrate how the implementation and use of trusted compute pools not only will provide assurance that workloads in the cloud are running on trusted hardware and are in a trusted geolocation, but also will improve the protections for the data within workloads and flowing between workloads. This project will result in a NIST Cybersecurity Practice Guide—a publicly available description of the solution and practical steps needed to implement a cybersecurity reference design that addresses this challenge.

https://www.nccoe.nist.gov/projects/building-blocks/trusted-cloud/hybrid

IoT cancelled, film at 11

It seems that when I read the main news sites these days looking for IoT stories, half of them are asking for the IoT to stop. Or there is yet another cloud/IoT security group creating another standard that nobody seems to be reading.

http://www.engadget.com/2015/10/29/the-coming-smart-thing-apocalypse/

http://arstechnica.com/unite/2015/10/fight-the-future-ars-readers-say-no-to-the-internet-of-things/

https://twitter.com/internetofshit/

VMware partners with Intel Security for cloud IPS service

A few days ago, VMware announced a solution with Intel/McAfee for additional security. The McAfee Network Security Platform (NSP) service will be providing Intrusion Prevention Services (IPS) for their data center. McAfee was acquired by Intel Security. It wasn’t clear from the press release how virtual firmware is impacted by this new security service.

“This collaboration between VMware and Intel Security delivers clear value for our mutual customers, enabling them to have consistently high levels of threat protection for traffic both inside the data center and at the data center perimeter. The tight integration between VMware NSX and Intel Security’s McAfee NSP means security controls follow application workloads, allowing customers to dynamically scale security services,” said Tom Corn, Senior Vice President, Security Products, VMware.

“With the Intel Security and VMware integration, McAfee NSP provides integration within VMware NSX to allow customers to apply advanced security capabilities for the protection of east-west traffic in the data center, which makes up the majority of traffic in these environments. The McAfee NSP takes advantage of the VMware NSX platform’s distributed micro-segmentation enforcement and simplified automated provisioning, creating a zero-trust environment to automatically help protect organizations’ assets against advanced threats,” said Raja Patel, General Manager for the Network Security Business Unit, Intel Security.

More Information:

http://www.vmware.com/company/news/releases/vmw-newsfeed/Intel-Security-and-VMware-Announce-Intgrated-Solution-For-Automating-And-Accelerating-Advanced-Security-Services-Deployment/2892242-manual

Intel’s Clear Linux

Intel has recently started pushing Clear Linux, something similar to Ubuntu Snappy, Red Hat Atomic Host, or CoreOS.

Quoting Imad Sousou of Intel, on his blog post on this topic:

“Intel Clear Containers address security concerns surrounding the popular container model for application deployment. Intel’s approach with these containers offers enhanced protection using security rooted in hardware. By using virtualization technology features (VT-x) embedded in the silicon, we can deliver improved security and isolation advantages of virtualization technology for a containerized application. Intel Clear Containers provide a secure, fast Virtual Machine (VM) with a small memory footprint, allowing for more VMs per physical machine.”

More Information:

https://clearlinux.org
http://lwn.net/Articles/644675/
http://newsroom.intel.com/community/intel_newsroom/blog/2015/05/19/chip-shot-intel-unveils-enhanced-containers-cloud-security-capabilities-at-the-openstack-summit
http://blogs.intel.com/evangelists/2015/05/19/fostering-new-data-center-usages-with-clear-containers/

VZ on network usage of UEFI 2.5

Vincent Zimmer of Intel recently gave a presentation on the use of UEFI 2.5 and cloud-related issues. The talk was given at the Open Compute Project and recently reprised at the Spring UEFI Forum event. The focus is UEFI-centric use of network booting and firmware updates. This is a useful presentation for understanding one way UEFI uses its network stack.

More information:

http://firmware.intel.com/blog/uefi-and-cloud