Monday Aug 31, 2009

Cloud Security Webinar on Tuesday!

Things have definitely been a bit crazy around here lately. In just the last two weeks, we have posted new security enhanced OpenSolaris 2009.06 images to Amazon EC2, published a podcast on Immutable Service Containers, and have updated the OpenSolaris ISC Construction Kit to improve its efficiency, make it easier to customize, and add (preliminary) ZFS crypto support! Not only that, but we continue to work on integrating ISC concepts into the OpenSolaris Just Enough OS (JeOS) project as well as a VirtualBox-based Immutable Service Container implementation strategy.

With all of the things going on, I neglected to mention that I will be delivering a Cloud Computing security webinar this Tuesday! The focus of the talk will be primarily aimed toward the Infrastructure as a Service (IaaS) security space and our goal is to cut through some of the hype and get to some specifics that you can use to improve the security of your Cloud-based implementations. Spoiler alert: the nice thing is that many of the techniques will benefit traditional and virtual implementations as well! Interested? Here is the invitation? Hope to "see" you there!

Safety First: Protecting Your Services in the Cloud

Join us for a free webinar in which we'll explore one of the leading impediments to the widespread adoption of Cloud Computing -- security concerns. Given all of the hyped up claims and gross generalizations flowing across the Net, it's no wonder people are worried.

Cloud Computing and security both are multi-faceted areas, and it's high time we stopped thinking of them as a single entity. If you want to take a serious look at Cloud Computing, then it is time to inject a little sanity and context into the security discussion.

Join us for this free webinar to learn how to begin using Cloud Computing -- securely.

In this webinar, we will discuss:

  • Key questions to ask your cloud provider
  • Security issues to consider before moving to the cloud
  • Steps you can take today to protect yourself in the cloud
Event: Safety First: Protecting Your Services in the Cloud
Date: Tuesday, September 1, 2009
Time: 10:00 am PDT / 1:00 pm EDT / 19.00 CET

Speaker: Glenn Brunette, Distinguished Engineer and Chief Security Architect at Sun Microsystems

For over 15 years, Glenn has designed and delivered security architectures and solutions supporting a wide array of global customers. Currently, he has focused his efforts on improving security for cloud computing and other highly dynamic and scalable architectures.

  • Bring your questions to the live Q&A.
  • Even if you can't make the live event, sign up anyway so we can send you the replay information.

Take care!

Technorati Tag:

Tuesday Aug 25, 2009

NEW: Immutable Service Container Podcast

Things have certainly been busy around here lately! Over the last two months, we have announced the Immutable Service Container project, published an OpenSolaris-based ISC Construction Kit (Preview) and a corresponding pre-configured OVF image, shared a number of network architecture and autonomic security models leveraging the ISC concept, and even published an ISC Technical Overview presentation. Well, as it turns out, we are not done yet!

A few weeks back, I received an invitation from Marianne Salciccia to record an Innovation@Sun interview with Hal Stern (Distinguished Engineer and VP, Global Systems Engineering) where we would talk about Immutable Service Containers. I am happy to say that as of yesterday, the podcast is live!

Hal and I had a great chat where we discussed topics such as:

  • micro-virtualization: how adding a thin management layer between the hypervisor and the service lends reliability to security enforcement and monitoring controls
  • how "immutable" Immutable Service Containers are
  • how ISCs implement defense in depth measures
  • current implementations with Solaris and OpenSolaris
  • what's next for ISCs, including building core concepts into projects such as OpenSolaris on EC2, OpenSolaris Just Enough OS (JeOS); potential VirtualBox implementations; and integration of autonomic security techniques

If these topics sound interesting, please give the podcast a listen and let us know what you think! Work continues on the ISC architectural strategies and implementation models, so this is a great time to share your ideas, concerns, and requirements.

Hope to hear from you soon! Take care!

Technorati Tag:

Friday Aug 14, 2009

NEW: Security Enhanced OpenSolaris 2009.06 on Amazon EC2

It is with great pleasure that I can announce the availability of security enhanced OpenSolaris 2009.06 on Amazon EC2! This release builds upon the work previously completed for the hardened OpenSolaris 2008.11 images as well as recent advances from the Immutable Service Container project. The end result is a OpenSolaris 2009.06 virtual machine image that is hardened, leverages a non-executable stack, encrypted swap as well as auditing enabled and pre-configured to record administrative events, logins, logouts, and all command executions. Just as with the OpenSolaris 2008.11 images, the hardening configuration of these new images complies with the recommendations published by Sun, the Center for Internet Security as well as the U.S. National Security Agency. This really cool thing is that they are all have the exact same guidance! I wonder how that happened?

Want to give it a spin? Check out the release announcement for more details. The AMI identifier is ami-e56e8f8c! Please send us your feedback!

As always, this work would not have been possible without the extensive support of the OpenSolaris on EC2 team. You are the greatest! Thank you so much for all of your help and support in making these images a reality!

Technorati Tag:


This area of cyberspace is dedicated the goal of raising cybersecurity awareness. This blog will discuss cybersecurity risks, trends, news and best practices with a focus on improving mission assurance.


« August 2009 »