Posted by
Christine Drake in
Cloud, Cyber crime, DataCenter, hybrid-cloud, IaaS, PaaS, private cloud, public cloud, SaaS, Secure Data Centers, Securing the Cloud, Security, Threats, Threats from the Cloud, Virtualization
Sep 8th, 2011 |
7 Comments
We often hear that security and privacy concerns are the main inhibitors to cloud adoption. But what are the true threats? Is the cloud really more dangerous than your on-site data center? I would say that virtualization and cloud computing aren’t inherently more dangerous, but they have unique infrastructure that must be addressed when creating a security foundation.
There are similar attacks across physical, virtual, and cloud infrastructures—data-stealing malware, web threats, spam, phishing, bots, etc. So many companies are tempted to deploy their security for dedicated physical...
Posted by
Christine Drake in
Cloud, DataCenter, Deep Security, private cloud, Secure Data Centers, Securing the Cloud, Virtualization, VMware
Aug 30th, 2011 |
No Comments
In my last blog post, I discussed some of the benefits of agentless security for virtual and private cloud servers. Today at VMworld, Harish Agastya, Director of Data Center Security at Trend Micro, conducted a presentation on Agentless Security for VMware Environments (listed on the Trend Micro VMworld page). Trend Micro released agentless antivirus in Deep Security at last year’s VMworld and has seen impressive results over the last year. With such success, today Trend Micro announced an extension of its agentless security with new agentless file integrity monitoring (FIM) in Deep Security...
Posted by
Christine Drake in
Cloud, IaaS, private cloud, public cloud, Securing the Cloud, Security, Virtualization
Aug 30th, 2011 |
7 Comments
There’s a lot of talk about cloud computing and cloud security this week as many people are attending VMworld in Las Vegas (follow Trend Micro at VMworld). But not all types of cloud security are best suited for all types of cloud computing.
When people generically refer to “cloud computing” they usually mean the public cloud. But what about private clouds or hybrid clouds? The May 2011 Trend Micro cloud survey results showed that companies are adopting all three models almost equally. Although there are certainly overlaps in security best practices across these models, there are...
Posted by
Dave Asprey in
Cloud, Cloud-based Security, Cyber crime, DataCenter, Deep Security, hybrid-cloud, IaaS, private cloud, public cloud, SaaS, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats from the Cloud
Jun 2nd, 2011 |
No Comments
This is pretty cool. I gave a talk last week at the Glue Conference in Denver about how ambient clouds ( http://cloudsecurity.trendmicro.com/good-clouds-evil-clouds-why-microsoft-has… )work and even used Skype as an example of a massive-scale ambient cloud.
This case raises some very important new questions around ambient clouds. For instance, if you create an ambient cloud, one that you control using your own protocol, but where you have no control over when an endpoint may join it, what are the legal implications if someone else uses your protocol?
In an open source world, slapping a lawsuit...
Posted by
Greg Boyle in
Cloud, Cloud-based Security, DataCenter, hybrid-cloud, IaaS, PaaS, Privacy, Compliance and Identity, private cloud, public cloud, SaaS, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Threats, Threats from the Cloud, Virtualization
Apr 20th, 2011 |
2 Comments
The Small Business Journey to the Cloud is Actually a Round Trip
By Greg Boyle, Trend Micro Global Product Marketing Manager
Many small businesses are still uncertain about cloud computing. They wonder if it can help with their profitability without being extremely risky. Let’s start by defining cloud computing in small business terms. There are two commonly agreed upon types of cloud computing: 1) software-as-a-service and 2) infrastructure-as-a-service.
Software-as-a-service (SaaS) is cloud computing where the software you would normally install on your computers in the office is instead...
Posted by
Justin Foster in
Cloud, DataCenter, IaaS, PaaS, Secure Data Centers, Securing the Cloud, Virtualization
Apr 18th, 2011 |
1 Comment
Not long ago, we set out on a mission to perform a full scalability test on one of our products (Trend Micro Deep Security). After some quick, back-of-the-napkin calculations we discovered that we needed somewhere in the order of 35 Dell 710′s with virtualization to complete our test. Finding that many available servers is a tall order for any company, and buying that many servers for a month long test was completely out of the question (try asking your managers for 35 servers and see how pale they go!).
Naturally we turned to the cloud to help us out. Amazon Web Services (AWS) was a good...
Posted by
Dave Asprey in
Cloud, Cloud-based Security, cloudbursting, DataCenter, hybrid-cloud, IaaS, private cloud, public cloud, Secure Data Centers, Securing the Cloud, Security, Smart Protection Network, Virtualization
Mar 28th, 2011 |
3 Comments
Amazon Web Services today announced the availability of dedicated compute instances within a VPC:
Dedicated Instances are Amazon EC2 instances launched within your Amazon Virtual Private Cloud (Amazon VPC) that run hardware dedicated to a single customer. Dedicated Instances let you take full advantage of the benefits of Amazon VPC and the AWS cloud – on-demand elastic provisioning, pay only for what you use, and a private, isolated virtual network, all while ensuring that your Amazon EC2 compute instances will be isolated at the hardware level.
Of course, the humor here is that Amazon didn’t...
Posted by
Dave Asprey in
Cloud, Cloud-based Security, IaaS, PaaS, public cloud, SaaS, Securing the Cloud, Security, Threats from the Cloud
Mar 22nd, 2011 |
7 Comments
In our hectic cloud-based world, devops (the mixing of infrastructure operations with software development) has become the standard way we build and run high-scale sites from IaaS to SaaS. There are lessons to be learned from how we got here, especially because devops isn’t very security friendly.
Here’s how we got to this sorry state, from the perspective of someone who started working on cloud infrastructure in 1998. I’ve run both dev and ops functions in multiple cloud environments and launched two early cloud computing services. I also ran the Web & Internet Engineering program for...
Posted by
Bharath Chandrasekhar in
Cloud, Cloud-based Security, cloudbursting, DataCenter, hybrid-cloud, private cloud, public cloud, Securing the Cloud, Security, Threats from the Cloud, Uncategorized, Virtualization
Mar 15th, 2011 |
8 Comments
Do you know what cloudbursting is? It is a concept where when you run out of your computing resources in your internal data center, you “burst” the additional workload to an external cloud on an on-demand basis. The internal computing resource is the “Private Cloud” and the external cloud is typically a “public cloud” for which the organization gets charged on a pay-per-use basis. When your deployment has the ability to do “cloudbursting” or spreading the load to the public cloud, you essentially have a Hybrid Cloud.
Hybrid Clouds can deliver a bit...
Posted by
Bharath Chandrasekhar in
Cloud, IaaS, PaaS, SaaS, Secure Data Centers, Securing the Cloud, Virtualization
Feb 28th, 2011 |
1 Comment
One of the delivery models of Cloud Computing is Platform-as-a-Service. In its true definition, a PaaS provider takes care of the underlying infrastructure including the VMs, OS patches, elasticity, auto-scaling, firewalling, etc and provides an API — and a language runtime — to which the programmer should write the code. The users of PaaS have no control over the underlying infrastructure, i.e. there is nothing “open” about it. The most prominent PaaS offerings are Force.com from Salesforce (Apex), Google App Engine (Python and Java), and Microsoft Azure (.NET). It is obvious...
Stumble It!
Trend Cloud Security Blog – Cloud Computing Experts