Secure Virtualization Seminar
13-Mar-2009
How to keep the Virtual Desktop from becoming your Biggest Concern
On March 13, 2009, LSEC organized a Secure Virtualization Seminar in Brussels.
Cloud Computing and Virtualized Desktops are regarded as among the most prominent threat vectors in 2009 and beyond. With an increasing number of companies switching from fat client desktops to virtualized desktops and other virtualized applications, the risk concerns are moving along with them.
Indeed, virtualization removes a large proportion of the headaches of desktop clients and their personal users, but new threats are coming up, sometimes creating major risks or even single points of failure.
During this seminar, the aim was to present an overview of how to improve security in such environments and how to learn to deal with the evolving threats and risks involved. Some solutions are becoming apparent and the risks are getting clearer.
We selected the following topics of interest:
- Is creating a Virtual Desktop environment reducing my Enterprise Risk?
- What threat vectors are still applicable for a Virtualized environment?
- How to architect comprehensive security for a Virtual Architecture?
- Are all of our security solutions sunk cost when we switch to a Virtual Environment?
- Can a Virtualized Architecture serve as a Security solution?
- Virtualization: a risk management blessing or Single Point of Failure?
- …
The seminar was aimed at IT professionals, risk & security managers and officers, CxOs, project managers, program managers, system architects, system integrators, business and IT consultants and security managers.
Program
9.30h : registration, welcome coffee
10.00h : Introduction, opening notes and agenda of the day
By Ulrich Seldeslachts, CEO LSEC
10.10h : Isn’t VirtSec just a way for the security people to jump on the Virtualization hype? Isn’t CloudSec just a way for the security people to jump on the Cloud hype? An example of OpenQRM.
By Kris Buytaert, Inuits
VirtSec is the new hot topic in virtualization town, but what is it? Do we need it? Different opinions fly around on the internet and in the blogosphere. Some security experts claim there is nothing new under the sun and the VirtSec people are just trying to sell products based on the Virtualization Hype. Some see a genuine need to secure new elements in the infrastructure, whereas others claim it is just a way for the Virtualization industry to get a piece of the security budget. We’ll tackle the different VirtSec definitions while looking at how the Open Source Virtualization crowd tackles the VirtSec story.
About : Kris Buytaert is a long-time Linux and Open Source Consultant doing Linux and Open Source projects in Belgium and around the world. Kris is the co-author of Virtualization with Xen, used to be the maintainer of the openMosix HOWTO and is the author of different technical publications. He is a frequent speaker at different international conferences. He spends most of his time working on Linux Clustering (High Availability, Scalability and HPC), Virtualisation and Large Infrastructure Management projects, hence trying to build infrastructures that can survive the 10th floor test.
11.00h : Issues related to Cloud computing and Virtualisation
By Philippe Massonet, CETIC
Cloud computing has emerged as a new approach to providing IT as a service. Cloud computing raises new issues regarding trust, security and privacy. These issues are important because they can have an impact on the successful adoption of the technology. Organisations are in general very reluctant to outsource critical applications or confidential data. Currently the kind of applications that could be safely deployed on clouds could be web based applications managing publicly available information, with no integration to internal company databases containing confidential information on customers for example.
However, many of the potential applications that could be moved to clouds are business-critical, and are tightly integrated with company business processes and confidential data. This paper provides an overview of cloud computing, then identifies some important security issues and proposes some solutions. The main security issues are related to secure virtual machine management, usage control of virtual resources and the perception of security by the user.
12.00h : Sandwich lunch & soft drinks offered by our sponsors
12.50h : Yes to virtualization . . . but not without protection
By Arno Brugman, Senior Principal Consultant, CA
Organizations are adopting virtualization technology to reduce total cost of ownership and improve quality of service of IT systems. This strategy provides the operational foundation to consolidate critical services and sensitive data that were once scattered amongst distributed system deployments. From a security standpoint, not only are the security issues found on networked systems applicable to virtual machines, but the virtualization platform and guest virtual machines introduce a new breed of security threats. This presentation covers the virtualization security gaps and how to close them.
13.45h : From virtualization hype to day to day use, the reality of security of virtualization and a strategy for the future of a secure datacenter
By Jan Tiri, VMware
Real business requirements now demand operations and systems for which traditional technologies are no longer sufficient. Although they have been around for many years, virtualization technologies have recently become an answer to quite a number of business challenges, and with significant benefits. A view on the reality of today.
Virtualization technologies are also driving major changes in the datacenter. They have a major impact on security policy, management, products and technologies. This presentation will outline a vision for how security can be implemented in the next-generation datacenter.
15.15h : Coffee Break & Networking
15.45h : Securing the Virtual Environment
By Johan Celis, Security Solutions Architect, IBM ISS EMEA
The cost reduction benefits of virtualization are enormous, and as more servers and networks get virtualized, security is too often neglected.
In a project code-named Phantom, IBM researchers are developing new security technologies to protect the hypervisor and monitor communications between virtual environments. At Phantom’s core is industry-leading network and host intrusion protection used to guard the virtual environment and the machines from the inside out. The new technology sits in a secure, isolated partition and integrates with the hypervisor, the layer of management software that coordinates calls between operating systems and computer hardware. This session will cover security issues related to the virtual environment. Some are identical to those encountered with physical servers and networks, but some are unique to this environment, and this calls for new solutions and strategies.
About : Johan Celis has over 15 years of ICT experience, of which over 8 years in security. He currently works for IBM Internet Security Systems as a Security Solutions Architect for the EMEA region. In this role he manages the EMEA lab environment and ISS EBC briefings. Prior to joining IBM ISS, he worked for Symantec as a Principal Security Consultant for Western Europe. He started his career by launching one of the first ISPs. He later joined the cable operator business at UPC and its subsidiary Chello.
16.35h : Keynote : Virtualization and security: what does it mean for me?
Kai Axford (CISSP, MCSE-Security) is a Senior Security Strategist in Microsoft’s Trustworthy Computing Group.
Virtualization is the Next Big Thing™, and certainly you’ve at least examined it, and probably are using several virtualized servers already. How are you handling the security of your images? How are you securing the guest and host operating systems, and the applications you’re running? Virtualization raises certain unique security requirements, and provides some interesting security capabilities, too. Join Steve Riley as he explores the interesting aspects of virtualization and security.
About : A ten-year Microsoft veteran, Kai is responsible for discussing and recommending security solutions for both private and public sector organizations. In addition, he conducts Chief Security Officer councils worldwide, taking executive feedback and effecting change within Microsoft’s security products and processes. Kai started with Microsoft in 1999 as a Server Support Engineer and then moved on to become an IT Pro Evangelist, focusing on his peers through the Microsoft TechNet Events program. Kai has delivered more than 300 security presentations on a variety of topics, including digital forensics, security management, incident response, and computer espionage. He is a frequent speaker at security conferences, executive meetings, and business seminars around the world.
Prior to Microsoft, Kai served as a leader in several real-world operations with the U.S. Army’s elite 75th Ranger Regiment.
17.50h : Panel discussion
18.20h : Closing notes
By Ulrich Seldeslachts, CEO LSEC
18.30h : Reception, Drinks & Snacks offered by LSEC and its partners. Networking
19.30h : Close of Event
A whitepaper of this event is being published. Send a note to virtualizationsecurity @ lsec.be if you wish to receive a copy of it.
Copyright LSEC vzw 2007-2008 with the support of the IWT.
LSEC vzw Kasteelpark 10 - 3001 Heverlee - VAT BE BE 478 045 395 - fax. +32.16.32.19.69 - info @ lsec.be