With more and more companies taking advantage of cloud computing for on-demand infrastructure and additional resources, penetration testers are being called upon to perform more security testing on virtualized environments. Clients may require testing for compliance standards like PCI DSS, or they may be evaluating multiple cloud providers for the most secure option. The cloud brings with it a new set of considerations for testers, as a virtual environment could house multiple tenants on the same architecture.
The first thing to decide is whether you are outsourcing pen testing to a third party or keeping it in-house with your security team. With a third party you will only need to mitigate any contract and SLA problems. Be sure to vet a third party thoroughly, asking exactly what they will test, what tools they will use, scan policies, whether they used white-box or black-box testing (in black box, the tester infiltrates without any previous knowledge of the environment, while white box is the opposite).
Either way you’ll need to know exactly what will be tested including which applications, database servers, devices including storage, and devices.
Whether you’ve been handed a mandate to consolidate your data centers, like many federal government data center managers, or you’re evaluating consolidation as an option for aging or expensive in-house data centers, the process can deliver cost savings and higher efficiency without losing the uptime and power provided by your existing infrastructure.
What most data center managers worry about—and rightly so—as they face a consolidation mandate is uptime and cost for cloud or colocation infrastructure. The employee reaction to consolidation news is also worrisome, as inevitably some jobs will be cut.
What they may not realize is that if the data center shutdown isn’t smooth and the replacement services aren’t carefully evaluated and set up, the transfer process might eliminate any consolidation ROI. Here are some best practices that will maximize the benefit of data center consolidation. But first…
A disaster recovery plan is vital for your business. Though Green House Data offers managed backup and disaster recovery with a variety of software options, administrators can also set up replication tools directly from vSphere. This blog post will be a quick overview of how to install and configure replication within your virtual environment.
The software defined data center (SDDC) is a natural evolution of virtualization, extending it beyond virtual machines on a server to virtual networks, virtual storage, and new automated management tools with similar benefits to traditional virtualization. The term was first coined by VMware CTO Steve Herrod in 2012.
In an SDCC, all physical infrastructure is treated as one resource that can be divided as needed, rather than split up by individual servers, switches, routers, hard drive, storage bays, and so on. Software and services are installed on an abstracted layer on top of data center hardware to manage virtual networks, virtualized servers, and virtual storage.
Public media in VMware vCloud is organized in catalogs. Administrators can create and organize files in catalogs for public users. In vCloud Director, media can be virtual machine and vApp templates or ISO images used as boot and installation disks. Media images stored in catalogs can be attached to vApps and mounted by virtual machines. This blog post will take a look at how to upload and use public media.
One of the questions that we are constantly asked is “How do I migrate my existing machines to the cloud?” Several vendors have answered this question by developing software solutions to aid in this process, but they can be very costly and complicated to implement. Fortunately, there is a simple and free method that has been adopted by practically all virtualization platforms: OVF.
As a busy sysadmin, finding the time to package up and transfer a virtual machine can be difficult enough, so the last thing you want is for the import to fail. Below are some best practices to avoid the most common issues we see when exporting OVF files.
As the holiday season approaches, is your web infrastructure prepared to handle increased traffic? Can your back office systems accommodate a sudden increase in web transactions? Will your IT team be on call and ready to respond if they need to quickly bring additional servers online?
Seasonal spikes in web traffic are the reality for many industries including online retail. Businesses that aren’t prepared can be left scrambling to quickly setup new servers or, even worse, experience a website crash creating dissatisfied customers and lost revenue.
In this interview with Cortney Thompson, Green House Data Vice President of Operations, you’ll learn how to prepare your business for seasonal fluctuations in web traffic.
You’ve likely heard of “shadow IT” or BYOD (bring your own device). Both terms refer to employees using private devices or software at the workplace—think iPads for work, or Google Drive to share files in a department. These practices may not be sanctioned by the IT department, but they improve productivity and save provisioning costs. However, they come with the risk of security breaches or other issues, causing IT headaches. By implementing an official BYOD policy and deploying hybrid cloud tools, companies can eliminate shadow IT and empower employees at the same time.
By now, you’re probably using some form of cloud storage. People generally think about storing their current files in the cloud to access remotely or collaborate with others. Whether it’s Dropbox or Google Drive for personal use or logging into your company server for work, storing files remotely is becoming more commonplace everyday.
However, storing older files in the cloud is also wise. Many enterprises use a form of cloud backup, or Backup as a Service in some cases. Others may need to archive old data for compliance standards or other reasons. The cloud can help these companies remain flexible as they store data, adding resources as necessary; as well as meet compliance, easily manage data, and avoid in-house expenditure. Cloud backup and cloud archiving are very similar—after all, they both store files in the cloud to access later if something goes awry—but they have several key differences.
One vital managed service for Green House Data virtualization deployments is taking steps to ensure the security of your critical data. Although our data center compliance standards attest to our security management protocols, additional steps are necessary to secure data within a vSphere environment. One of our most popular services is therefore the security hardening and audit.