December 12, 2016 at 16:33New Approaches to Securing Virtual Infrastructure
We share useful content to enhance the security of Hyper-V 2016 and invite you to a webinar on approaches to ensuring the security of virtual infrastructure, which will be held on December 13 at 11.00 with the support of a partner company 5nine.
Virtualization has long been a traditional part of infrastructure solutions. Of course, the capabilities of hypervisors have expanded significantly, transforming into private and hybrid clouds, as a result of which the customer infrastructure has become more flexible and dynamic, which corresponds to modern business conditions - you need to quickly create and maintain new services and virtual machines in their composition, support several clusters or data centers with migration and balancing of VM between them. But, nevertheless, clients often use outdated end-point security technologies in a virtual environment with agents installed in VMs and isolation methods using VLANs. These technologies add vulnerabilities related to the ability to block or remove an agent in the VM, consume scarce equipment resources,
What do Microsoft and its technology partners offer to solve these problems? First, to protect against the “Snowden effect”, Windows Server 2016 introduced Shielded VM technology, which allows you to encrypt a VM disk from the infrastructure of guest operating systems, protecting it from copying and viewing by the host administrator. Using Nano Server, a new version of the OS that lacks a graphical GUI and significantly reduces the attack area by minimizing the set of roles, will significantly increase the security of the data center infrastructure. As a result, there are 3 times fewer ports and 10 times fewer critical updates. Another innovation is the protection of the components responsible for the integrity of the OS kernel, passwords and other important system data using a separate Hyper-V container - Virtual Security Module (VSM).
But along with this, the new operating system lacks some important security functions and does not fully comply with the legislation, since these requirements are not specific to the server OS and must be implemented by third-party solutions. Microsoft has greatly facilitated the implementation of these features by giving several technology partners access to the Hyper-V switch. The expandable virtual switch Hyper-V allows you to isolate VM users, manage all traffic within the virtual environment, and protect VMs from malicious attacks. With built-in support for NDIS filter drivers and external filtering drivers for Windows filtering platforms, the Hyper-V virtual switch allows third-party software developers (ISVs) to create virtual switch extensions that enhance VM and network security.
5nine Software is one of the key vendors with which Microsoft has been collaborating on the development of Hyper-V security and management tools since 2009. The latest version of 5nine Cloud Security was presented at the annual Ignite conference, simultaneously with Windows Server 2016. You can see the presentation of the solution here .
December 13 at 11.00 we invite you to a webinar about a new approach to securing the virtual infrastructure of Windows Server 2016.
Key issues of the webinar:
The author of the webinar, Alexander Karavanov, is the head of the technical solutions department at 5nine Software with more than a decade of experience in the field of information security.
To participate in the webinar, you must register .
Virtualization has long been a traditional part of infrastructure solutions. Of course, the capabilities of hypervisors have expanded significantly, transforming into private and hybrid clouds, as a result of which the customer infrastructure has become more flexible and dynamic, which corresponds to modern business conditions - you need to quickly create and maintain new services and virtual machines in their composition, support several clusters or data centers with migration and balancing of VM between them. But, nevertheless, clients often use outdated end-point security technologies in a virtual environment with agents installed in VMs and isolation methods using VLANs. These technologies add vulnerabilities related to the ability to block or remove an agent in the VM, consume scarce equipment resources,
What do Microsoft and its technology partners offer to solve these problems? First, to protect against the “Snowden effect”, Windows Server 2016 introduced Shielded VM technology, which allows you to encrypt a VM disk from the infrastructure of guest operating systems, protecting it from copying and viewing by the host administrator. Using Nano Server, a new version of the OS that lacks a graphical GUI and significantly reduces the attack area by minimizing the set of roles, will significantly increase the security of the data center infrastructure. As a result, there are 3 times fewer ports and 10 times fewer critical updates. Another innovation is the protection of the components responsible for the integrity of the OS kernel, passwords and other important system data using a separate Hyper-V container - Virtual Security Module (VSM).
But along with this, the new operating system lacks some important security functions and does not fully comply with the legislation, since these requirements are not specific to the server OS and must be implemented by third-party solutions. Microsoft has greatly facilitated the implementation of these features by giving several technology partners access to the Hyper-V switch. The expandable virtual switch Hyper-V allows you to isolate VM users, manage all traffic within the virtual environment, and protect VMs from malicious attacks. With built-in support for NDIS filter drivers and external filtering drivers for Windows filtering platforms, the Hyper-V virtual switch allows third-party software developers (ISVs) to create virtual switch extensions that enhance VM and network security.
5nine Software is one of the key vendors with which Microsoft has been collaborating on the development of Hyper-V security and management tools since 2009. The latest version of 5nine Cloud Security was presented at the annual Ignite conference, simultaneously with Windows Server 2016. You can see the presentation of the solution here .
December 13 at 11.00 we invite you to a webinar about a new approach to securing the virtual infrastructure of Windows Server 2016.
Key issues of the webinar:
- New threats in a virtual environment. The problems of information protection tools of the previous generation.
- Modern agentless SZI for a cloud platform.
- How to manage and control the information security of a hybrid cloud and make protection fail-safe.
- Integration of SIS in the client portal and the provision of SECaaS services based on Windows Server 2016.
- Compliance of SZI with the requirements of 152-ФЗ “On personal data” and various standards (PCI DSS, Central Bank of the Russian Federation, etc.)
The author of the webinar, Alexander Karavanov, is the head of the technical solutions department at 5nine Software with more than a decade of experience in the field of information security.
To participate in the webinar, you must register .