Archive for September 2011

Trend Addresses Cloud Security Concerns   Leave a comment

John Lister from Trend Micro spoke at the September 2011 Rochester VMWare user group meeting.   IDC says the number one concern for cloud is security. ESG Research found security was the fourth biggest blocker to cloud adoption.  Gartner rates security as the number one concern.

Inter-m attacks uses named pipes to attack vm on same host. This has been going on for over 2 years with confiker. It gains access to one VM through a vulnerability and then uses that to hit the other VMs.

To answer these concerns vmware made vShield available in August 2010. vShield sees all inbound and outbound traffic going to each vm so it can be monitored and controlled.  It might be an unpatched vm that was just turned on- doesn’t matter because vshield protects it.

The Trend Deep Security add-on will additionally look at each vm up through the application layer and make remediation recommendations and protection. It also does pattern file distribution for each agentless vm. In the lab they have 250 vm per host because agentless is better on performance. 

Trend Deep Security is at the common criteria level 3 plus certification, soon to be 4 – which means it is a high security product.

Trend Deep Security performs integrity monitoring for detection of unauthorized changes. When something changes it emails an alert. All agentless (vsphere 5). It also provides deep packet inspection for ids ips and log inspection.

Trend performed a case study for an Airline. The airline ran out of data center space so they moved apps to Amazon AWS. They used the Trend Ssecure Cloud product. As a result, all the data is encrypted all the time. The connection keys continually change and decrypting is done on the fly.

I am going to find out more information about the Trend Secure Cloud Product for a future blog entry.


About the Author:

Kevin Gilbert is the Technology Manager with SIGMA Marketing and holds several certifications including CISSP, SSCP, Security +, NISMA, VCP, MCSE, and more.

Posted September 23, 2011 by cloudbusterspodcast in Uncategorized

VMWARE and F5   Leave a comment

F5 spoke at the September Rochester Vmware User Group meeting about F5’s virtual application accelerator that runs inside the vmware vfabric. F5 does more then just load balancing. They are the Gartner Golden Quadrant leader for application acceleration.

 If your web servers are overloaded vcenter can be made to launch additional web servers. Nothing new there. But then vcenter automatically adds those servers to the F5 pool. Completely hands off. When activity slows down, F5 automatically tares down that extra capacity.

 With VMWARE’s Site Revocery Manager (SRV) using global traffic manager (GTM) will do a health check on the web servers. If it fails the health check, GTM will redirect the traffic to the fail over site automatically. It will even take care of DNS for you.

F5’s LTM virtual edition can be downloaded for a 90 day trial. Lab version restricts to 10mb aggregate traffic. There is a free vcenter plugin that works with physical and virtual versions of LTM.

F5 has a hot plug chassis solution for cloud providers. It works with multiple tenancy scenarios where each client can have identical ip addresses without conflict.

Cloud bursting is ability to ramp up to the cloud when busy. Content is served from your data center and when busy, global traffic manager pulls in web instances that are identical to help with the load. It can power up and down cloud resources as needed.

 F5 supports long distance vmotion via wan optimization. The optimization is encrypted for security. The acceleration can make vmotion 3 to 4 times faster. After a long distance vmotion you have to deal with a DNS change, right? Not with GTM. GTM handles the dns change to the second site for you. F5 uses a vmotion isession tunnel to move your VM from one site to the other. San replication makes vmotion faster but is not necessary because it will do a storage vmotion. There is no distance limitation. One client has a vm follow the sun around the world every day.

Whether you are balancing multiple data centers or balancing cloud and your own data center, F5 can make the connections easier and better.

About the Author:

Kevin Gilbert is the Technology Manager with SIGMA Marketing and holds several certifications including CISSP, SSCP, Security +, and NISM.

Posted September 21, 2011 by cloudbusterspodcast in Uncategorized

Going Viral AND Staying Viral   Leave a comment

Friday, March 11, 2011 is a day that will live forever in Internet history.  On that day, the Comedy Central blog dedicated to the show Tosh.0 posted a video for the song “Friday”, by 13-year-old Rebecca Black, as part of a post called “Songwriting Isn’t For Everyone”.  I won’t be taking shots at young Ms. Black’s performance –many on the Internet have – but the song, as written, is awful.  At one point, the lyrics slowly explain the order of the days of the week.  A big conflict in the song is whether the singer will be sitting in the front or the back seat of the car.
In the four days following the Comedy Central blog post, more than six million people viewed the Rebecca Black video on YouTube. As of this writing, there are almost 120 million views. Several cover versions, remixes, parodies, and copycat performances have been released. The song has been released to iTunes, to great success.
“Friday” has become the latest in a long line of things on the Internet to “go viral”. That term for rapidly-growing, short-term, word-of-mouth marketing, coined in the mid-90s and popularized by a Fast Company magazine article in 1996, has been used to describe several quick-flashing fads, from  the infamous Double Rainbow videos, to Charlie Sheen’s Twitter account,  to Larry Platt’s famous “Pants On The Ground” American Idol audition. Most of these have been very short-lived and quickly forgotten.
I have personal experience with going viral.  I created a Facebook page in February 2010, during the Winter Olympics, in tribute to the colorful trousers worn by The Norwegian Olympic Curling Team. Within a week, over a ½ million “Likes” were registered on the page, which peaked at about 660,000 fans during the Olympic Closing ceremonies.  Click-through traffic from my page crushed the manufacturer of the pants.  Curling clubs around the world were packed with fans wanting to learn how to curl, many of whom where only fans of the pants previously.
After that, the fans started to go away, and I struggled with retaining as many fans as possible and sustaining the site.  I was successful.  As of 15 March 2011, I still have 598,896 “Likes”. I know by statistics that people are still interacting with my new posts, and are still following links.  I have a link on the page, provided by Loudmouth Golf (the makers of the pants), which drives traffic to their site (and generates quite modest revenue for USA Curling’s Katie Beck Memorial Fund for junior curling).  A 90% retention rate over a year is good for a business, and fantastic for something viral.
How can you retain your viral customers, as I have?
Stay As Close To On-Topic As Possible, Without Sounding Like a Broken Record. Your customers came to you because you offered something that was entertaining in a different way, or because something you offered was attractive to them.  Don’t abandon that attractive component; rather, expand on the subject, while offering something new.  In my case, I followed Loudmouth Golf’s pants and the Norwegian curling team post-Olympics. 
Be Persistent. If you aren’t offering new content, people will move on.  This rule applies not only for viral content, but any published content in general. My times of greatest loss have come when I have not posted for more than a week.
Don’t Try To Duplicate Your Success. You got lucky once by being yourself.  Don’t try to catch the same lightning in a different bottle.  You will miss and it will tarnish what you did with your original content.
Don’t Sweat the Haters and the Bandwagoners If you have gone viral, there will be a backlash.  There are people who are going to get sick of you.  And they will tell you this, in no uncertain terms.  In some cases, they will tell you in truly vile terms.  And there are people who will just leave, and not come back.  Those are not your customers.  Put a positive spin on their comments if you possibly can, but do not chase them down to recover them. 
Broaden Your Audience By Using Other Avenues I am amazed to still find people who never had any idea about my little Facebook page.  I’ve used a 2nd Facebook page to drive some traffic to this one; I have also used my Twitter account and my curling blog to bring new people into the conversation.  If you’ve got something viral you are trying to sustain, don’t be afraid to reach out and tell people about it. Use other methods to reach this audience. This new audience will help drive the conversation further, in directions you never saw possible.
Going viral can be a very good thing for your brand.  How you react in the aftermath will determine if it remains an asset or become a liability.
Tony D’Orazio is a Systems Administrator and member of the Cloud Busters Pod Cast.

Posted September 16, 2011 by cloudbusterspodcast in Uncategorized

Avoiding a Vendor Security Breach   Leave a comment



Sound familiar? Someone outside of your vendor gained unauthorized access to their IT systems and stole a large number of names and email addresses.   The event sends shockwaves across the industry as news organizations report the breach for several days. CNN reports the scope of this breach is huge. Now, you are questioning the security of your vendors. If this hasn’t already happened to you, it most likely will. In this article, I will highlight some of the protections you should look for when selecting a vendor.  In future articles, I’ll dive deeper into each of these topics.


(1)    Does the vendor have an industry certification?  A SAS70, for example,  is presented by a third party auditor as evidence that the vendor has IT processes and has evidence that they are following those processes.


(2)    Does the vendor have a security administrator? At a minimum, the vendor’s security administrator should be a current Certified Information Systems Security Professional (CISSP).


(3)    Is the vendor subject to third party penetration tests? A third party should perform a penetration test against the vendor and produce a report of its findings. The penetration testing should be performed on a regular basis.


(4)    Does the vendor have security governance? There should be evidence that the leaders of the organization are participating in the direction the organization’s security efforts.


(5)    Does the vendor have an Incident Response Plan? The organization must plan in advance what they will do during a security incident, and it must perform regular drills against that plan. The plan should include investigation, forensics, evidence chain of custody, and more.


(6)    Does the vendor have proper access controls? A vendor’s employee should be required to have permission from the data owner in order to access data.


(7)    Is the vendor prepared for Business Continuity and Disaster Recovery? The vendor should have a plan and should perform drills against the plan. They should have well defined backup policies and secure media handling procedures.


(8)    Does the vendor have Risk Management Procedures? On a regular basis, the Information Technology should be analyzed for risk. High risk issues should be tracked until resolved.


(9)    Does the vendor practice Change Control? When a change is proposed, it should follow a procedure that includes a review, risk analysis, exit strategy planning, and more.


(10)Does the vendor have good physical security? The physical security should have layered defenses that can record activities (such as a door badge system and security cameras) for auditing purposes.


(11) Does the vendor have good logical security? Your data should be protected by firewalls and intrusion prevention systems that are monitored and maintained.


(12)Does the vendor properly use cryptography? Web sites containing confidential information should be protected by SSL. Data and reports should not be emailed unless the file is encrypted.


(13)Does the vendor provide security awareness education? The vendor employees should be required to participate in regularly scheduled security awareness education events.



About the Author:

Kevin Gilbert is the Technology Manager with SIGMA Marketing and holds several certifications including CISSP, SSCP, Security +, and NISM.

Posted September 14, 2011 by cloudbusterspodcast in Uncategorized

Social Media Fund Raising   Leave a comment

Social Media has matured into a powerful venue. No one understands this better then Pete Werner, owner of Dreams Unlimited Travel, host of the Dis Unplugged Podcast, and owner of WDWInfo.  Pete has turned thousands of his social media fans toward a charity: Give Kids the World. Give Kids The World works with organizations such as the Make-A-Wish foundation to provide children with life-threatening illnesses a magical vacation to Disney World. Pete’s goal is to raise one million dollars for the organization. “We are [demonstrating] the power of the internet in raising money for good causes,” Pete explains.


To get started, Pete created a website that serves as the hub of the fund raising activities. He made sure the site had no visible connection to his business. Next, he hit his social media network and handed out the challenge. Organizer Dave Parfitt explained, “The fundraiser is really all about leveraging the power of social media to raise money for Give Kids The World.” Using a concept called crowdsourcing, the power of 10 asks that each person find 10 people who are willing to donate $10. In addition, he has asked his network to develop creative fund raising activities. Like the incredible social marketer that Pete is, his message has been blasted out through podcasts, online forums, websites, e-newsletters, facebook, twitter, and more.


Pete has taken the social elements that brought him success with Disney and has brought them to fund raising. The Power of 10 is accessible through Facebook, twitter, blogs, forums, and ebay fundraising auctions.  Other sites have jumped aboard, including wdwnotjustforkids, disneygeek, Sorcerer Radio Network, Michael Jackson Fan Community, and others.  Aljon Go, Sorcerer Radio station manager says, “We started mentioning The Power of 10 campaign on-air as well as on-line in February and will step up our efforts by producing these spots to further promote this worthwhile cause.” Fans have responded by posting, tweeting, blogging, holding concerts and running fund raising parties.


Pete is realistic and knows it could take a long time to raise one million dollars, especially during a recovering economy. Therefore, he hasn’t set a time limit on the goal. “We’ve set no time limit on this goal – whether it takes 6 months or 2 years doesn’t matter.” The success is building. User Zendisney reported “I made a post on FaceBook about the Power of 10 campaign and within 30 minutes of the post already I have someone who is going to write a check!” After the first 3 months, Dave Parfitt reported $12,000 had been raised for the cause.


For more information about the Power of Ten, you can visit .


Posted September 12, 2011 by cloudbusterspodcast in Uncategorized

Security Groups Best Practices   Leave a comment

Security Groups are like firewalls in Amazon AWS. Servers (known as instances) are added to a group. The group defines which inbound ports are permitted. If one uses the Virtual Private Cloud (VPC) option one can specify outbound ports as well.

There are countless ways to group instances into security groups. For example, one might put all the instances related to a project into one group. Or one could make an individual group for each instance. Identical instances (perhaps they are load balanced) could go in the same group. Or instances could be grouped by their common function such as placing all web servers in one group.

If you were creating a best practice for the use of security groups, how would you use them?

Posted September 10, 2011 by cloudbusterspodcast in Uncategorized

Welcome to Cloud Busters Pod Cast   Leave a comment

Welcome to the Cloud Busters Pod Cast’s Blog. We don’t have any content yet, but check back soon and we’ll have some thrilling and exciting things to share.

Posted September 1, 2011 by cloudbusterspodcast in Uncategorized