Mike Foley

Husband, Dad, Geek & Senior Technical Marketing Architect for vSphere Security

Author's posts

VMworld 2012 – Time to Vote!

Hi all,

I’ve submitted four sessions for VMworld 2012. Three of them I’ve submitted with my vPartner in Crime here at RSA, Brian Tobia. [His Blog]

Here are the sessions and their descriptions.

#2316 Session Title: IT Tools for Security Guys – vCenter Orchestrator
Session Abstract: Using vCenter Orchestrator and your Security Incident and Event Manager together to alert on out of policy actions.

#2315 Session Title: vShield for Beginners
Session Abstract: Understand the 3 components (app, endpoint & edge) of the vShield family. Introduce the concepts of security groups and the application of policies (AV, DLP, etc.) at a group/business aligned level.

#2324 Session Title: Mirror, Mirror – An introduction to network monitoring and packet capture in a virtual environment
Session Abstract: Introduction to the port mirroring capabilities and current limitations of the VMware Distributed Virtual Switch.

Also, for those of you who can vote for sessions that are not available to public voting, please check out #2326. I’d like to include the title here, but in order to respect confidentiality as the session depends on an unannounced feature of a future VMware product, I’ll leave that up to others to disclose. :)

Go VOTE!

And Thanks!

There’s no silver bullet

I’m frequently asked about virtualization and cloud security. Usually it starts with a phone call from a sales guy asking “How do I secure the Vblock?” or “What can we sell to secure VMware?” I usually counter these statements with “Tell me the problem you’re trying to solve”.

Once I know what’s actually being asked, I’m usually left having to break the news. There’s no silver bullet. I can’t send you a USB key with the “Secure the Vblock” app on it so you can plug it in and “make it secure”. <\bubble burst>

“But why not, Mike?” It’s because there are just too many moving pieces and too many definitions of what “secure” means. Let’s break that down a bit.

How many moving pieces? Tons. When you think of all the settings you can change that could possibly impact security, it starts to boggle the mind. I’m reminded of two things: “The Butterfly Effect”, where one change in a nonlinear system can radically change the outcome, and the Mandelbrot fractals, where changing one variable can change the image displayed.

What’s your definition of “secure”? Everything encrypted? All I need is vShield? Twelve character passwords? Logging everything to a SIEM? Updating patches?

The list goes on. (and on…)

With virtualization, we’re putting a huge responsibility on the infrastructure to be secure. Unfortunately, some still treat it as an application and forego things like design. Security is still a “bolted on” construct. IT and Security are still not working together.

Because of the complexity, we need to use more tools. We need to automate and be able to work at scale. IMHO, “Cloud” is not about IaaS, PaaS, SaaS or any of the other *aaS’s. Cloud is about Scale. That means security needs to be able to scale. That means we CAN’T keep doing things the way we always have. (a better excuse for an audit I have not found!)

Some of these tools (performance monitoring, patching, updating, logging) you will find in the quiver of the IT professional. They are all tools that the Security Professional should be getting a feed from and understanding how to apply that feed to security.

Hopefully, in the not too distant future, we can provide the ability to make better sense of that data in real time to help better secure the virtual environment. You can start today with using that data to ensure that compliance and visibility requirements are met. If you want a silver bullet, that’s a good place to start!

Best retail experience…ever

Hi all,

Just a quick posting on my latest trip to the Apple Store. I got to work today and realized that I had left the power adapter for my Macbook Air at home. Well, I live 50 miles from my office so I’m not about to hop in the car and make another 2+ hour round trip. Fortunately, there’s an Apple store less than 4 miles away at the Burlington Mall so I headed over there.

Apple Store, Burlington

It was about 9:15am when I got there. People were inside, being taught how to use their new iDevices by the friendly store employees. One of the sales folks came to the door and asked

“Can I help you?”

“Yea, I need to buy a power adapter for a Macbook Air”

“I’m sorry, we don’t open until 10am. Thanks!”

Great. So I stood there and wondered to myself if I should wait until 10am or not. Then I noticed another sales guy, Mike L., coming to the door.

“Can I help you?”

“Yea, I left my power adapter at home for my Macbook Air”

“I’m sorry, but our registers don’t even open until 10am”

“Damn. I’ve got work to do. Any chance I can buy it using my phone?”

“Let me ask the manager”

So, Mike L. went off to the back room and came out and grabbed a box off the shelf. He came to the door and motioned me inside.

“Do you have an iPhone?”

Showed him my iPhone and said “Of course”

“Great, do you have the Apple Store app?”

“Yup”

“Great, bring that up.” He then showed me how to bring up the scanner. The app knew I was in the Burlington store and offered me the option of “Easy Pay”. I scanned the barcode, entered my iTunes password and my CVC code and I was good to go. Seconds later, I had the receipt in my Inbox. I thanked Mike profusely and got his name and told him I was sending an email to Tim Cook.

THIS is how retail should work. Happy customers are returning customers and going the extra mile pays off in spades. Mike L. could have been just like the first young lady. “Oh, sorry!” But he saw a frustrated potential customer and asked his boss if there was something that could be done. It didn’t take a huge amount of effort. He has probably forgotten it by this time.

But I haven’t.

 

mike