Datacenter administrators have something in common with attackers - privilege. Isolating security from the data being secured is the Goldilocks zone of security - isolation and context, together. Virtualizing data centers was viewed as a risky proposition, but that time has passed. There was a mid-time when security was just catching-up to being "good enough". Now, leveraging the very nature of virtualization, security has become better than before.
Join us as we discuss the long-standing problem in security: balancing context with isolation. For example, a network security device is isolated from the endpoint, but it has limited context about what is happening within the endpoint. Alternatively, antimalware tools running within an endpoint have rich context, but no isolation - if the endpoint is compromised, so is the antimalware.
With virtualization, vendors have taken advantage of isolation that is enforced by hardware - virtual machines running on a hypervisor are strictly isolated from one another, and the hypervisor. The hypervisor, acting between hardware and virtual machines, also has rich contextual information about everything running within a virtual machine.
New research, within the Xen hypervisor, allows security to operate at the hypervisor layer - achieving isolation with full context.
Hypervisors act as a barrier between hardware and VMs, enabling antimalware tools to run in that layer rather than at the endpoint;
Virtualization offers data center admins complete contextual information about your VMs without imperiling the needed isolation from attackers;
Antimalware tools at the hypervisor layer use a zero footprint, which doesn't tax the performance of VMs or the hardware that hosts them;
Hybrid IT infrastructures can improve security by leveraging hypervisor-based Memory Introspection.
Donaldson is responsible for supporting relationships with strategic alliance partners and large enterprise customers, and analyst relations. Before joining Bitdefender, he was involved in various technology alliances, enterprise sales and marketing positions within the IT security industry, including Trend Micro, Entrust, Bell Security Solutions and Third Brigade.
Technical Project Manager, Linux Development, Bitdefender
Dontu leads the technical project management of the Linux development team at Bitdefender. He joined Bitdefender in 2005, and has been responsible for integrating various security technologies in products targeted at SMB, SME and enterprise environments. Today, his focus is bringing new approaches to application security based to open source technologies.