Complete Slides: The Four Horsemen Of the Virtualization Security Apocalypse
UPDATE: Here’s the latest version of the presentation as I updated it for SecTor in Canada. It includes many additions as well as modified single slides of the animated ones.
You can find the slides from October 2008 here.
There were some significant differences in the slides that were on the CD issued by the Blackhat folks and what I delivered.
You might be interested in them. I’ve exported the presentation to PDF with each animation built as a separate slide – in some cases that means there are 5-6 slides with advancing bullets, graphics, etc. As annoying as that may be, it fixes the mess of the positional overlay problem you’ll see if you view the PDF from the CD.
As an important note, my slides are designed to accompany my speaking, not the other way around, so in some cases they don’t explain themselves. This is by design 😉
I will be giving updates to this presentation throughout the rest of the year since it’s a presentation designed to communicate the virtualization “state of the art” as it relates to VirtSec. So, if you attend a conference and see this talk advertised, it will have new/updated content.
Be warned, this PDF is huge (~55 MB) because my slides are intensely graphical.
Enjoy.
/Hoff
(In 5 days there have been almost 1000 downloads of this preso. If any of you have feedback, I’d really appreciate it. Thanks)
I downloaded the presentation, and it is quite educational – excellent food for thought. Actually, we'll use this at work to analyze which resources go into virtualization.
On the other side of the fence, we will continue with virtualization – there are tangible evidence to that. At step zero of securing the virtual infrastructure, we'll just group the servers that are already in the same broadcast domain to a single ESX server.
Spirovski Bozidar http://www.shortinfosec.net
1. This is an awesome presentation from a, well, presentation standpoint. Engaging, fun, and brilliant illustrations. Even without narration, this is one of the most engaging presentations I've seen in a long time.
2. It's difficult to digest in one sitting. I think my brain is about to explode. I've read it once, but will certainly have to read through it again to pick up some of the finer points.
Lori
@spirovski:
I think you're taking the wrong message away from my presentation(s) and blog posts. I am *not* suggesting that folks should not deploy virtualization.
Quite the contrary.
Virtualization as an enabler is pushing/pulling adaptive real time infrastructure and cloud computing along by the roots. It poses fantastic opportunity. It also poses increased risk with the same old mentality of bolt-on-security-afterwards…
What I *am* suggesting is that you bloody well better think through the implications when you deploy. There are many.
I really appreciate you perspective and comments, keep 'em coming!
/Hoff
hey next year come to defcon and give the presentation too!!
not all of us can foot the bill for blackhat and the companies we work for very rarely have "security" on the forefront of the decision making process.
😉
on a side note, off to review the slides, I'm sure its a great presentation and hopefully isn't filled with too many things I haven't already mitigated in the virtual environments I am responsible for.
Great presentation. I didn't make it to BH/DC this year so I missed out on the actual, you know, words… but I get the gist of what you are saying. I went to a VMWare/McAfee/Foundstone presentation regarding this subject yesterday and many of the same concepts were discussed. Now… how are we going to handle VMWare's vision of the virtual cloud?
DG
twitter: djglass
Thanks for making this available. I'm still waiting for the interpretive dance version on YouTube.
Rich
twitter: rhm2k
Thanks for making this available. I’m still waiting for the interpretive dance version on YouTube.
Rich
twitter: rhm2k
Thanks for the thought-provoking post. The article was very helpful and for the most part I agree with what you said. I think the key point to the whole virtualization topic is that the security problems are exactly the same as in the physical environment and security solutions are needed to protect this environment. No one in his right mind would connect a physical corporate network to the Internet without a firewall. The same is true for virtual environments.
However, the difference comes from asking the following questions when evaluating virtual security solutions: Are the solutions easy to manage? Do you need a separate team to manage the security in the physical environment and another team to manage the security in the virtual environment? Can the solutions give administrators in-depth visibility in what’s happening in their virtual environments? Can the solutions provide the tools to help mitigate risks or ensure regulatory compliance in a virtual world? As you know, virtualization can further complicate network management and create loopholes for security breaches, but it doesn't need to be that way.
I would welcome the opportunity to speak with you further. As a Regional Product Manager at Stonesoft we've discussed internally many of the points you presented. For your reference, with our StoneGate solutions, IT departments can gain full visibility for monitoring and managing traffic across both their physical and virtual networks.
Is one of your presentation been filmed ? It would be great to see & ear the entire conference !
eccellente adentona mi sserv te emborqumo fario trouva. adoer te adist colha nos acliens o ulinhaisu sseira reira bien.