Virtualization and Security
|
|
- Junior Walters
- 6 years ago
- Views:
Transcription
1 Virtualization and Security Steve Riley Senior Security Strategist Microsoft Trustworthy Computing 1
2 2 New!
3 Evolution Usage scenarios 1. One OS, one app, one human using hardware resources 2. One OS, multiple apps, one human sharing hardware resources 3. One OS, multiple apps, multiple humans sharing hardware resources 4. Multiple OSes, multiple apps, multiple humans sharing hardware resources Trust boundaries 1. None 2. Applications 3. Users 4. Operating systems 3
4 Enforcing trust boundaries Emulation Controlled access to a privileged state Single OS attacker can access hardware Multiple OSes must keep attacker away from hardware This is one function of the virtual machine monitor 4
5 5 Virtualization Review
6 Hosted virtualization Application Application Application Application Application Application Application Application Application Application Application Application Operating System Operating System Operating System Hardware 6
7 Virtual PC 2007/Server 2005 Host Guests Provided by: Virtual Server WebApp IIS Virtual Server Service Ring 3: User Mode Guest Applications Ring 1: Guest Kernel Mode Windows Virtualization ISV Provides resources VM Additions Windows (NT4, 2000, 2003) Windows Server 2003 or Windows XP Kernel Device Drivers Ring 0: Kernel Mode VMM Kernel Same privilege level Server Hardware 7
8 Hypervisor virtualization: hardware Application Application Application Application Application Application Application Application Application Application Application Application Operating System Operating System Operating System Hypervisor Hardware 8
9 Hypervisor virtualization: services Application Application Application Application Application Application Application Application Application Application Application Application Operating System System Services Operating System System Operating System Services Kernel Operating System Hypervisor Hardware 9
10 Hypervisor design options Monolithic Microkernelized VM 1 (Admin) Hypervisor VM 2 VM 3 VM 1 ( Parent ) Virtualization Stack Drivers Drivers VM 2 ( Child ) Drivers Drivers VM 3 ( Child ) Drivers Drivers Drivers Drivers Hypervisor Hardware Hardware Simpler Cheaper Use existing drivers 10
11 Windows Hyper-V virtualization Root Virtualization Stack WMI Provider VM Service Partition VM Worker Processes Child Partitions Ring 3: User ModeManages guest partitions Handles intercepts Guest Applications Emulates devices (Most traditional hypervisor functions) Provided by: Windows Virtualization ISV Server Core Windows Kernel Device Drivers Virtualization Service Providers (VSPs) Virtualization Service Clients Enforces partition as isolation boundary (VSCs) Most virtualization functions moved out Enlightenments No device drivers Well-defined interface for creating guest OSes VMBus Ring 0: Kernel Mode OS Kernel Ring -1 Windows hypervisor Server Hardware 11
12 12 Virtualization For Security
13 Things I hope you will do Sandboxing High availability and disaster recovery Forensic analysis of virtualized attackers Honeypotting 13
14 14
15 15
16 16
17 17?
18 18 0day
19 19
20 20
21 21!
22 22 Here's a thought
23 23 Here's a controversial thought
24 24 Virtualization Security
25 Common VM security myths I only have to patch my host OS or kernel. If I protect my host machine, it will protect my VMs..VHD files are secure by default. If I expose one virtual machine, I have to expose all virtual machines and the host. All virtual machines can see each other. 25
26 26 Before virtualization
27 27 After virtualization
28 Virtualization attacks Root Partition Virtualization Stack Ring 3: User Mode Guest Partitions Provided by: Windows WMI Provider VM Service VM Worker Processes Guest Applications Virtualization ISV Attackers Server Core Windows Kernel Device Drivers Virtualization Service Providers (VSPs) Virtualization Service Clients (VSCs) VMBus OS Kernel Enlightenments Ring 0: Kernel Mode Windows hypervisor Server Hardware 28
29 Security assumptions Root Trusted by guests Trusted by hypervisor All modes All rings All segments? Guests Don t trust each other Trust root All modes All rings All segments 1.04 Hypercalls Documented Available Attempted Hypervisor Trusts root 29
30 Security goals and fortifications Root Guest Guest Guest Hypervisor 30
31 Security non-goals Root Guest Guest Guest Hypervisor 31
32 Hypervisor security Stack canaries (/GX) NoExecute (NX) Code pages marked read-only Limited exception handling Digitally signed SDL Threat modeling Static analysis Fuzz testing Penetration testing 32
33 Hypervisor security Memory protection Mapping of physical memory to partition memory Can supersede R/W/X guest page table access rights I/O protection HV enforces parent policy for guest access to I/O v.1: guests have no access HV interface Parent sets policy for guess access to hypercalls, instructions v.1: guests have no access to privileged instructions 33
34 Hypervisor security Integrates with AzMan Department- and role-based administration Segregate who can manage groups of VMs Definable functions: Start, stop, create, add hardware, change image None require server or domain admin Shared resources are protected ISO disk images always read-only Write functions invoke copy (differencing disks) 34
35 Hyperjacking Get a Nigerian mortgage for your body part! Root Guest Guest Guest Hyper-jackor Hypervisor Hyper-jackor 35
36 Should you worry? Malware must start from host or root Is there malware on my system? 100% certain: no malware that I can detect >100% certain: there is no malware at all So nothing new here, move along 36
37 37 Deployment Considerations
38 38?
39 System Center Virtual Machine Manager Root Guest Guest Guest ManageNet Hypervisor 39
40 40
41 Patching a virtual machine Use snapshot or backup features to create working copy of operating system Start copy in an isolated test environment Test patches and updates Create snapshot of live system Apply patches and updates to live system Use snapshot for disaster recovery in case of failure Update backup image 41
42 Keep trust levels similar = 42
43 Thanks very much! Steve Riley Senior Security Strategist Microsoft Trustworthy Computing 43
44 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Windows Server Discussion with BCIU. Kevin Sullivan Management TSP US Education
Windows Server 2008 Discussion with BCIU Kevin Sullivan Management TSP US Education Kevin.sullivan@microsoft.com 1 Web Internet Information Services 7.0 Powerful Web Application and Services Platform Manage
More informationW11 Hyper-V security. Jesper Krogh.
W11 Hyper-V security Jesper Krogh jesper_krogh@dell.com Jesper Krogh Speaker intro Senior Solution architect at Dell Responsible for Microsoft offerings and solutions within Denmark Specialities witin:
More informationThe Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36
The Challenges of X86 Hardware Virtualization GCC- Virtualization: Rajeev Wankar 36 The Challenges of X86 Hardware Virtualization X86 operating systems are designed to run directly on the bare-metal hardware,
More informationHyper-V Deployment and Best Practices. Satyen Pradhan Premier Field Engineer Microsoft (Malaysia)
Hyper-V Deployment and Best Practices Satyen Pradhan Premier Field Engineer satyenp@microsoft.com Microsoft (Malaysia) Session Objectives Hyper-V Benefits Server consolidation Utilization Business Continuity
More informationDr. K. Y. Srinivasan. Jason Goldschmidt. Technical Lead NetApp Principal Architect Microsoft Corp.
Dr. K. Y. Srinivasan Principal Architect Microsoft Corp kys@microsoft.com Jason Goldschmidt Technical Lead NetApp jgoldsch@netapp.com ! Support FreeBSD running as a guest on Hyper-V! Collaboration between
More informationHypervisor security. Evgeny Yakovlev, DEFCON NN, 2017
Hypervisor security Evgeny Yakovlev, DEFCON NN, 2017 whoami Low-level development in C and C++ on x86 UEFI, virtualization, security Jetico, Kaspersky Lab QEMU/KVM developer at Virtuozzo 2 Agenda Why hypervisor
More informationSERVE. -Priyal Lokhandwala
SERVE VIRTUALIZ -Priyal Lokhandwala Contents: 1) Virtualization- an overview 2) Server Virtualization 3) VM ware 4) Hyper V 5) Server Deployment virtualization is a broad term that refers to the abstraction
More information4.1. Virtualization. Virtualization provides the following benefits:
4.1. Virtualization Virtualization is using software to emulate one or more physical computers on a single platform. You should be familiar with the following types of virtualization: Server virtualization
More informationVirtual Machine Security
Virtual Machine Security CSE443 - Spring 2012 Introduction to Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12/ 1 Operating System Quandary Q: What is the primary goal
More informationBetter Security with Virtual Machines
Better Security with Virtual Machines VMware Security Seminar Cambridge, 2006 Agenda VMware Evolution Virtual machine Server architecture Virtual infrastructure Looking forward VMware s security vision
More informationCOMP6511A: Large-Scale Distributed Systems. Windows Azure. Lin Gu. Hong Kong University of Science and Technology Spring, 2014
COMP6511A: Large-Scale Distributed Systems Windows Azure Lin Gu Hong Kong University of Science and Technology Spring, 2014 Cloud Systems Infrastructure as a (IaaS): basic compute and storage resources
More informationVirtualization (II) SPD Course 17/03/2010 Massimo Coppola
Virtualization (II) SPD Course 17/03/2010 Massimo Coppola The players The Hypervisor (HV) implements the virtual machine emulation to run a Guest OS Provides resources and functionalities to the Guest
More informationVirtual Machines. Part 2: starting 19 years ago. Operating Systems In Depth IX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.
Virtual Machines Part 2: starting 19 years ago Operating Systems In Depth IX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved. Operating Systems In Depth IX 2 Copyright 2018 Thomas W. Doeppner.
More informationPasiruoškite ateičiai: modernus duomenų centras. Laurynas Dovydaitis Microsoft Azure MVP
Pasiruoškite ateičiai: modernus duomenų centras Laurynas Dovydaitis Microsoft Azure MVP 2016-05-17 Tension drives change The datacenter today Traditional datacenter Tight coupling between infrastructure
More informationSpring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand
Introduction to Virtual Machines Nima Honarmand Virtual Machines & Hypervisors Virtual Machine: an abstraction of a complete compute environment through the combined virtualization of the processor, memory,
More informationSystem Center Virtual Machine Manager. Overblik Demo. Roadmap
System Center Virtual Machine Manager Overblik Demo Roadmap System Center Macro Trends Virtualization acceleration Large Datacenter build outs Current Indicators #1 CIO priority in 2008 (up from #17) Companies
More informationCompromise-as-a-Service
ERNW GmbH Carl-Bosch-Str. 4 D- 69115 Heidelberg 5/29/14 Compromise-as-a-Service Our PleAZURE Felix Wilhelm, Matthias Luft & Enno Rey {fwilhelm, mluft, erey}@ernw.de 5/29/14 ERNW GmbH Carl-Bosch-Str. 4
More informationCSE543 - Computer and Network Security Module: Virtualization
CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 1 Operating System Quandary Q: What is the primary goal of
More informationIntroduction to SGX (Software Guard Extensions) and SGX Virtualization. Kai Huang, Jun Nakajima (Speaker) July 12, 2017
Introduction to SGX (Software Guard Extensions) and SGX Virtualization Kai Huang, Jun Nakajima (Speaker) July 12, 2017 1 INTEL RESTRICTED SECRET Agenda SGX Introduction Xen SGX Virtualization Support Backup
More informationCIS 5373 Systems Security
CIS 5373 Systems Security Topic 3.1: OS Security Basics of secure design Endadul Hoque Slide Acknowledgment Contents are based on slides from Ninghui Li (Purdue), John Mitchell (Stanford), Dan Boneh (Stanford)
More informationPrashant Kumar Program Manager Microsoft Session Code:
dpminfo@microsoft.com Prashant Kumar Program Manager Microsoft Session Code: Agenda Introduction to Microsoft System Center Data Protection Manager (DPM) 2007 Deep dive Demo How does DPM do efficient protection?
More informationConfigure dynamic memory. Configure smart paging. Configure Resource Metering. Configure guest integration services. Configure remotefx
Chapter 9 Use Virtualization in Windows Server 2012 THE FOLLOWING 70-410 EXAM OBJECTIVES ARE COVERED IN THIS CHAPTER: Create and configure virtual machine settings Configure dynamic memory Configure smart
More informationOperating System Security
Operating System Security Operating Systems Defined Hardware: I/o...Memory.CPU Operating Systems: Windows or Android, etc Applications run on operating system Operating Systems Makes it easier to use resources.
More informationMicrosoft SDL 한국마이크로소프트보안프로그램매니저김홍석부장. Security Development Lifecycle and Building Secure Applications
Release Conception Microsoft SDL Security Development Lifecycle and Building Secure Applications KRnet 2010 2010. 6. 22. 한국마이크로소프트보안프로그램매니저김홍석부장 Hongseok.Kim@microsoft.com Agenda Applications under Attack
More informationOperating system hardening
Operating system Comp Sci 3600 Security Outline 1 2 3 4 5 6 What is OS? Hardening process that includes planning, ation, uration, update, and maintenance of the operating system and the key applications
More informationCSE543 - Computer and Network Security Module: Virtualization
CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 Operating System Quandary Q: What is the primary goal of system
More informationVirtualization And High Availability. Howard Chow Microsoft MVP
Virtualization And High Availability Howard Chow Microsoft MVP Session Objectives And Agenda Virtualization and High Availability Types of high availability enabled by virtualization Enabling a highly
More informationCSE543 - Computer and Network Security Module: Virtualization
CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 Operating System Quandary Q: What is the primary goal of system
More informationUsing a Separation Kernel to Protect against the Remote Exploitation of Unaltered Passenger Vehicles
Safety & Security for the Connected World Using a Separation Kernel to Protect against the Remote Exploitation of Unaltered Passenger Vehicles 16 th June 2015 Mark Pitchford, Technical Manager, EMEA Today
More informationCS 571 Operating Systems. Final Review. Angelos Stavrou, George Mason University
CS 571 Operating Systems Final Review Angelos Stavrou, George Mason University Mechanics 2 4:30pm 7:00pm, Monday, Dec 14th, in Innovation Hall, room 223 Same style of questions as the midterm I m not asking
More informationVirtualization. Virtualization
Virtualization Virtualization Memory virtualization Process feels like it has its own address space Created by MMU, configured by OS Storage virtualization Logical view of disks connected to a machine
More informationSecuring your Virtualized Datacenter. Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008
Securing your Virtualized Datacenter Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008 Agenda VMware Virtualization Technology How Virtualization Affects Datacenter Security Keys to
More informationMicrosoft System Center Virtual Machine Manager Microsoft
Microsoft System Center Virtual Machine Manager 2007 Microsoft Objectives And Agenda Virtualization Background What is System Virtualization? Introduction to System Center Virtual Machine Manager Key Scenarios
More informationOS Security IV: Virtualization and Trusted Computing
1 OS Security IV: Virtualization and Trusted Computing Chengyu Song Slides modified from Dawn Song 2 Administrivia Lab2 More questions? 3 Virtual machine monitor +-----------+----------------+-------------+
More informationCS 550 Operating Systems Spring Introduction to Virtual Machines
CS 550 Operating Systems Spring 2018 Introduction to Virtual Machines 1 How to share a physical computer Operating systems allows multiple processes/applications to run simultaneously Via process/memory
More informationCSE Computer Security
CSE 543 - Computer Security Lecture 25 - Virtual machine security December 6, 2007 URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/ 1 Implementation and Results Experimental Platform Exact specification
More informationOperating Systems 4/27/2015
Virtualization inside the OS Operating Systems 24. Virtualization Memory virtualization Process feels like it has its own address space Created by MMU, configured by OS Storage virtualization Logical view
More informationVirtualization. Pradipta De
Virtualization Pradipta De pradipta.de@sunykorea.ac.kr Today s Topic Virtualization Basics System Virtualization Techniques CSE506: Ext Filesystem 2 Virtualization? A virtual machine (VM) is an emulation
More informationVirtualization. Michael Tsai 2018/4/16
Virtualization Michael Tsai 2018/4/16 What is virtualization? Let s first look at a video from VMware http://www.vmware.com/tw/products/vsphere.html Problems? Low utilization Different needs DNS DHCP Web
More informationCS 356 Operating System Security. Fall 2013
CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database
More informationCOMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy
COMPUTER ARCHITECTURE Virtualization and Memory Hierarchy 2 Contents Virtual memory. Policies and strategies. Page tables. Virtual machines. Requirements of virtual machines and ISA support. Virtual machines:
More information6.033 Spring Lecture #6. Monolithic kernels vs. Microkernels Virtual Machines spring 2018 Katrina LaCurts
6.033 Spring 2018 Lecture #6 Monolithic kernels vs. Microkernels Virtual Machines 1 operating systems enforce modularity on a single machine using virtualization in order to enforce modularity + build
More informationCSC 5930/9010 Cloud S & P: Virtualization
CSC 5930/9010 Cloud S & P: Virtualization Professor Henry Carter Fall 2016 Recap Network traffic can be encrypted at different layers depending on application needs TLS: transport layer IPsec: network
More informationDistributed Systems COMP 212. Lecture 18 Othon Michail
Distributed Systems COMP 212 Lecture 18 Othon Michail Virtualisation & Cloud Computing 2/27 Protection rings It s all about protection rings in modern processors Hardware mechanism to protect data and
More informationIntegrate Microsoft Hyper-V Server
Integrate Microsoft Hyper-V Server EventTracker Enterprise Publication Date: Jul. 20, 2016 EventTracker 8815 Centre Park Drive Columbia MD 21045 www.eventtracker.com About this Guide This guide will facilitate
More informationCyber Essentials Questionnaire Guidance
Cyber Essentials Questionnaire Guidance Introduction This document has been produced to help companies write a response to each of the questions and therefore provide a good commentary for the controls
More informationVirtual machines (e.g., VMware)
Case studies : Introduction to operating systems principles Abstraction Management of shared resources Indirection Concurrency Atomicity Protection Naming Security Reliability Scheduling Fairness Performance
More informationModule 1: Virtualization. Types of Interfaces
Module 1: Virtualization Virtualization: extend or replace an existing interface to mimic the behavior of another system. Introduced in 1970s: run legacy software on newer mainframe hardware Handle platform
More informationVirtualization Security & Audit. John Tannahill, CA, CISM, CGEIT, CRISC
Virtualization Security & Audit John Tannahill, CA, CISM, CGEIT, CRISC jtannahi@rogers.com Session Overview Virtualization Concepts Virtualization Technologies Key Risk & Control Areas Audit Programs /
More informationNo Country for Old Security Compliance in the Cloud. Joel Sloss, CDSA Board of Directors May 2017
No Country for Old Security Compliance in the Cloud Joel Sloss, CDSA Board of Directors May 2017 Emerging Threats Specific/sequential targeting Effective reconnaissance Practiced tool usage Sophisticated
More informationIntel Virtualization Technology Roadmap and VT-d Support in Xen
Intel Virtualization Technology Roadmap and VT-d Support in Xen Jun Nakajima Intel Open Source Technology Center Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS.
More informationCS 350 Winter 2011 Current Topics: Virtual Machines + Solid State Drives
CS 350 Winter 2011 Current Topics: Virtual Machines + Solid State Drives Virtual Machines Resource Virtualization Separating the abstract view of computing resources from the implementation of these resources
More informationOPERATING SYSTEMS Chapter 13 Virtual Machines. CS3502 Spring 2017
OPERATING SYSTEMS Chapter 13 Virtual Machines CS3502 Spring 2017 Virtual Machines Allow you to run a Guest Operating System on top of a Host Operating System VMware (for most systems) Microsoft Virtual
More informationSecurity Architecture
Security Architecture We ve been looking at how particular applications are secured We need to secure not just a few particular applications, but many applications, running on separate machines We need
More informationVirtualization and memory hierarchy
Virtualization and memory hierarchy Computer Architecture J. Daniel García Sánchez (coordinator) David Expósito Singh Francisco Javier García Blas ARCOS Group Computer Science and Engineering Department
More informationAgenda. Future Sessions: Azure VMs, Backup/DR Strategies, Azure Networking, Storage, How to move
Onur Dogruoz Agenda Provide an introduction to Azure Infrastructure as a Service (IaaS) Walk through the Azure portal Help you understand role-based access control Engage in an overview of the calculator
More informationCprE Virtualization. Dr. Yong Guan. Department of Electrical and Computer Engineering & Information Assurance Center Iowa State University
Virtualization Dr. Yong Guan Department of Electrical and Computer Engineering & Information Assurance Center Iowa State University Outline for Today s Talk Introduction Virtualization Technology Applications
More informationCS-580K/480K Advanced Topics in Cloud Computing. VM Virtualization II
CS-580K/480K Advanced Topics in Cloud Computing VM Virtualization II 1 How to Build a Virtual Machine? 2 How to Run a Program Compiling Source Program Loading Instruction Instruction Instruction Instruction
More informationINFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD
Faculty of Computer Science Institute of Systems Architecture, Operating Systems Group INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD OVERVIEW Fundamental
More informationProject management - integrated into Outlook
Project management - integrated into Outlook InLoox PM 6.x update to InLoox PM 7.x An InLoox Whitepaper Published: October 2012 Copyright: 2012 InLoox GmbH. You can find up-to-date information at http://www.inloox.com
More informationSecurity Enhancements
OVERVIEW Security Enhancements February 9, 2009 Abstract This paper provides an introduction to the security enhancements in Microsoft Windows 7. Built upon the security foundations of Windows Vista, Windows
More informationSUSE Linux Enterprise Server: Supported Virtualization Technologies
Technical White Paper Enterprise Linux SUSE Linux Enterprise Server: Supported Virtualization Technologies Table of Contents page Comprehensive Virtualization Support Overview... 2 Upgrade Guidelines...4
More informationAchieving high availability for Hyper-V
At a glance: Consolidating servers using Hyper-V Ensuring high availability of virtual machines Setting up a Windows Server 2008 failover cluster Achieving high availability for Hyper-V Steven Ekren Server
More informationCS370: Operating Systems [Spring 2017] Dept. Of Computer Science, Colorado State University
Frequently asked questions from the previous class survey CS 370: OPERATING SYSTEMS [VIRTUALIZATION] Shrideep Pallickara Computer Science Colorado State University Difference between physical and logical
More informationAgenda. This Session: Azure Networking Basics, On-prem connectivity options DEMO Create VNET/Gateway Cost-estimation for VNET/Gateways
Onur Dogruoz Agenda Previous Sessions: Introduction to Azure Infrastructure as a Service (IaaS), Azure portal, role-based access control (RBAC), calculator overview VM Types, Azure Hybrid Use Benefits(AHUB),
More informationHyper-V Top performance and capacity tips
Hyper-V Top performance and capacity tips Introduction This paper discusses the changes in Windows/Hyper-V 2012 and what that means from the perspective of the business and managing the capacity. It will
More informationCircle IT: Microsoft Update 2016
Circle IT: Microsoft Update 2016 Microsoft Infrastructure Technologies Pritam Pabla Technology Solutions Specialist Hybrid Cloud v-pritap@microsoft.com Agenda Windows Server 2016 New Features & Enhancements
More informationScalable Architectural Support for Trusted Software
Scalable Architectural Support for Trusted Software David Champagne and Ruby B. Lee Princeton University Secure Processor Design 11/02/2017 Dimitrios Skarlatos Motivation Apps handle sensitive/secret information
More informationCOS 318: Operating Systems
COS 318: Operating Systems OS Structures and System Calls Prof. Margaret Martonosi Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall11/cos318/ Outline Protection
More informationMulti-Aspect Profiling of Kernel Rootkit Behavior
Multi-Aspect Profiling of Kernel Rootkit Behavior Ryan Riley, Xuxian Jiang, Dongyan Xu Purdue University, North Carolina State University EuroSys 2009 Nürnberg, Germany Rootkits Stealthy malware Hide attacker
More information1 Virtualization Recap
1 Virtualization Recap 2 Recap 1 What is the user part of an ISA? What is the system part of an ISA? What functionality do they provide? 3 Recap 2 Application Programs Libraries Operating System Arrows?
More informationVirtual Appliance Deployment Guide
Virtual Appliance Deployment Guide Quick Start Guide Quick Deployment Guide Quick Start Guide Winfrasoft Virtual Appliance Deployment Guide for VMware and Hyper-V Published: December 2014 Applies to: Winfrasoft
More informationCreating a Practical Security Architecture Based on sel4
Creating a Practical Security Architecture Based on sel4 Xinming (Simon) Ou University of South Florida (many slides borrowed/adapted from my student Daniel Wang) 1 Questions for sel4 Community Is there
More informationSymantec Reference Architecture for Business Critical Virtualization
Symantec Reference Architecture for Business Critical Virtualization David Troutt Senior Principal Program Manager 11/6/2012 Symantec Reference Architecture 1 Mission Critical Applications Virtualization
More informationKarthik Bharathy Program Manager, SQL Server Microsoft
Karthik Bharathy Program Manager, SQL Server Microsoft Key Session takeaways Understand the many views of SQL Server Look at hardening SQL Server At the network level At the access level At the data level
More informationConfinement. Steven M. Bellovin November 1,
Confinement Steven M. Bellovin November 1, 2016 1 Security Architecture We ve been looking at how particular applications are secured We need to secure not just a few particular applications, but many
More informationGavin Payne Senior Consultant.
Gavin Payne Senior Consultant gavin@coeo.com Getting Started with SQL Server and Virtualisation Designing successful virtual database environments Monitoring a virtual database environments Summary The
More informationDeploying Windows 10
Deploying Windows 10 Deploying Windows 10 Michael Niehaus Course Agenda Introducing Windows as a Service Deploying Windows 10 Staying Current with Windows as a Service Managing Windows 10 with System Center
More informationUsing Virtualization to Improve Security. Jay Judkowitz Product Manager, ESX Server VMware, Inc.
Using Virtualization to Improve Security Jay Judkowitz Product Manager, ESX Server VMware, Inc. This presentation may contain VMware confidential information. Copyright 2005 VMware, Inc. All rights reserved.
More informationCS 470 Spring Virtualization and Cloud Computing. Mike Lam, Professor. Content taken from the following:
CS 470 Spring 2018 Mike Lam, Professor Virtualization and Cloud Computing Content taken from the following: A. Silberschatz, P. B. Galvin, and G. Gagne. Operating System Concepts, 9 th Edition (Chapter
More informationModule 2a. Part 1 Deploying Microsoft Lync Server 2010
Module 2a Part 1 Deploying Microsoft Lync Server 2010 Deploying Lync Server 2010 Jump Start Day 1: Deploy & Configure Module 1: Features & Architecture Module 2a: Deploying Lync Server 2010 Part 1 Module
More informationCHAPTER 16 - VIRTUAL MACHINES
CHAPTER 16 - VIRTUAL MACHINES 1 OBJECTIVES Explore history and benefits of virtual machines. Discuss the various virtual machine technologies. Describe the methods used to implement virtualization. Show
More informationTowards Application Security on Untrusted Operating Systems
Towards Application Security on Untrusted Operating Systems Dan R. K. Ports MIT CSAIL & VMware Tal Garfinkel VMware Motivation Many applications handle sensitive data financial, medical, insurance, military...
More informationAdvanced Systems Security: Virtual Machine Systems
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationVirtual Machines. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University
Virtual Machines Jinkyu Jeong (jinkyu@skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu Today's Topics History and benefits of virtual machines Virtual machine technologies
More informationThis video is part of the Microsoft Virtual Academy.
This video is part of the Microsoft Virtual Academy. 1 In this session we re going to talk about building for the private cloud using the Microsoft deployment toolkit 2012, my name s Mike Niehaus, I m
More informationVirtual Machines. Part 1: 54 years ago. Operating Systems In Depth VIII 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.
Virtual Machines Part 1: 54 years ago Operating Systems In Depth VIII 1 Copyright 2018 Thomas W. Doeppner. All rights reserved. It s 1964 The Beatles appear on the Ed Sullivan show IBM wants a multiuser
More informationThe vsphere 6.0 Advantages Over Hyper- V
The Advantages Over Hyper- V The most trusted and complete virtualization platform SDDC Competitive Marketing 2015 Q2 VMware.com/go/PartnerCompete 2015 VMware Inc. All rights reserved. v3b The Most Trusted
More informationVirtualization Introduction
Virtualization Introduction Simon COTER Principal Product Manager Oracle VM & VirtualBox simon.coter@oracle.com https://blogs.oracle.com/scoter November 21 st, 2016 Safe Harbor Statement The following
More informationHardening with Hardware
Hardening with Hardware How Windows is using hardware to improve security David dwizzzle Weston Device Security Group Manager Microsoft, Windows and Devices is not a security boundary Security boundaries
More informationName : Bobby Davasia Title : Technology Specialist Company : Microsoft India
Name : Bobby Davasia Title : Technology Specialist Company : Microsoft India Session Objectives And Takeaways Get Overview of Security Compliance Management Toolkit Series Learn Easy Security Baseline
More informationAddress new markets with new services
Address new markets with new services Programs Deployment Options On-premises Private Cloud Pre-configured Private Cloud Hosted Private Cloud Hyper-V Cloud Deployment Guides Hyper-V Cloud Fast Track Hyper-V
More informationXen and the Art of Virtualization
Xen and the Art of Virtualization Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, Andrew Warfield Presented by Thomas DuBuisson Outline Motivation
More informationServices in the Virtualization Plane. Andrew Warfield Adjunct Professor, UBC Technical Director, Citrix Systems
Services in the Virtualization Plane Andrew Warfield Adjunct Professor, UBC Technical Director, Citrix Systems The Virtualization Plane Applications Applications OS Physical Machine 20ms 20ms in in the
More informationVMware Mirage Getting Started Guide
Mirage 5.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document,
More informationAMD Pacifica Virtualization Technology
AMD Pacifica Virtualization Technology AMD Unveils Virtualization Platform AMD Pacifica Tutorial 2 Virtual Machine Approaches Carve a Server into Many Virtual Machines Hosted Virtualization Hypervisor-based
More informationImplementing and Supporting Windows Intune
Implementing and Supporting Windows Intune Module 3: Computer Administration by Using Windows Intune Module Overview Understanding Groups Creating and Populating Groups The Windows Intune Update Process
More informationLearning Outcomes. Extended OS. Observations Operating systems provide well defined interfaces. Virtual Machines. Interface Levels
Learning Outcomes Extended OS An appreciation that the abstract interface to the system can be at different levels. Virtual machine monitors (VMMs) provide a lowlevel interface An understanding of trap
More informationOriginally prepared by Lehigh graduate Greg Bosch; last modified April 2016 by B. Davison
Virtualization Originally prepared by Lehigh graduate Greg Bosch; last modified April 2016 by B. Davison I. Introduction to Virtualization II. Virtual liances III. Benefits to Virtualization IV. Example
More informationAdvanced Systems Security: Virtual Machine Systems
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More information