The Truths and Myths of Virtualisation Security

Starts: Thursday 25 November 2010, 3:15PM

Finishes: Thursday 25 November 2010, 5:30PM

Venue: Uni Pub, Level 3, Uni Pub, 17 London Circuit, Canberra

Topic: The Truths and Myths of Virtualisation Security

This talk covers current understanding of virtualisation security. It focuses on VMware although the topics discussed apply to any virtualisation platform vendor. John will discuss:

  • the areas of risk, the attack surface, and uncover some myths,
  • discuss architecture and design concepts, and
  • management and operations of virtualised infrastructure,
  • propose what proactive steps should be taken and dangers to be aware of,
  • emphasise the importance of monitoring and continual assessment in the dynamic world of virtualisation, and
  • finally the presentation will discuss the implementation of virtualisation security compliance in the context of directives like the ISM.

Presenter: John Reeman

John Reeman has been involved in IT Security for the last 18 Years.

Graduating in 1991 with a BSc in Software Engineering, he went to work for Integralis in the UK and then after 18 months working in their support team he decided life was to short and embarked on an adventurous world tour visiting 13 countries. During his travels he visited a number of countries, including Australia where he helped a company that went on to be known as Content Technologies which produced one of the worlds leading e-mail gateway content solutions, namely MAILsweeper. This technology was very widely deployed in Canberra 10 years ago. On returning to the UK John worked as a consultant for a number of companies before establishing his own company, Nebulas Solutions Group in 2001. For the last 9 years he has been responsible for the technical strategy and vision of Nebulas and has been at the forefront of research into virtualisation security. He is also a contributing author to the Centre of Internet Security (CIS) benchmarks for VMware ESX 3.x hardening guidelines as well as developing his own technology in the form of VMinformer which is a security assessment tool for virtual environments. John has recently migrated to Australia and has established VMinformer's APAC presence in his Sydney office. Whenever John gets a free moment he likes cycling, swimming and learning to ripstick with his 3 children!