One of the biggest buzzwords in the IT industry for the past few years,
virtualization has matured into a practical requirement for many
best-practice business scenarios, becoming an invaluable tool for
security professionals at companies of every size. In addition to saving
time and other resources, virtualization affords unprecedented means for
intrusion and malware detection, prevention, recovery, and analysis.
Taking a practical approach in a growing market underserved by books,
this hands-on title is the first to combine in one place the most
important and sought-after uses of virtualization for enhanced security,
including sandboxing, disaster recovery and high availability, forensic
analysis, and honeypotting. Already gaining buzz and traction in actual
usage at an impressive rate, Gartner research indicates that
virtualization will be the most significant trend in IT infrastructure
and operations over the next four years. A recent report by IT research
firm IDC predicts the virtualization services market will grow from $5.5
billion in 2006 to $11.7 billion in 2011. With this growth in adoption,
becoming increasingly common even for small and midsize businesses,
security is becoming a much more serious concern, both in terms of how
to secure virtualization and how virtualization can serve critical
security objectives. Titles exist and are on the way to fill the need
for securing virtualization, but security professionals do not yet have
a book outlining the many security applications of virtualization that
will become increasingly important in their job requirements. This book
is the first to fill that need, covering tactics such as isolating a
virtual environment on the desktop for application testing, creating
virtualized storage solutions for immediate disaster recovery and high
availability across a network, migrating physical systems to virtual
systems for analysis, and creating complete virtual systems to entice
hackers and expose potential threats to actual production systems. About
the Technologies A sandbox is an isolated environment created to run and
test applications that might be a security risk. Recovering a
compromised system is as easy as restarting the virtual machine to
revert to the point before failure. Employing virtualization on actual
production systems, rather than just test environments, yields similar
benefits for disaster recovery and high availability. While traditional
disaster recovery methods require time-consuming reinstallation of the
operating system and applications before restoring data, backing up to a
virtual machine makes the recovery process much easier, faster, and
efficient. The virtual machine can be restored to same physical machine
or an entirely different machine if the original machine has experienced
irreparable hardware failure. Decreased downtime translates into higher
availability of the system and increased productivity in the enterprise.
Virtualization has been used for years in the field of forensic
analysis, but new tools, techniques, and automation capabilities are
making it an increasingly important tool. By means of virtualization, an
investigator can create an exact working copy of a physical computer on
another machine, including hidden or encrypted partitions, without
altering any data, allowing complete access for analysis. The
investigator can also take a live ?snapshot? to review or freeze the
target computer at any point in time, before an attacker has a chance to
cover his tracks or inflict further damage. A honeypot is a system that
looks and acts like a production environment but is actually a monitored
trap, deployed in a network with enough interesting data to attract
hackers, but created to log their activity and keep them from causing
damage to the actual production environment. A honeypot exposes new
threats, tools, and techniques used by hackers before they can attack
the real systems, which security managers patch based on the information
gathered. Before virtualization became mainstream, setting up a machine
or a whole network (a honeynet) for research purposes only was
prohibitive in both cost and time management. Virtualization makes this
technique more viable as a realistic approach for companies large and
small.
* The first book to collect a comprehensive set of all virtualization
security tools and strategies in a single volume
* Covers all major virtualization platforms, including market leader
VMware, Xen, and Microsoft?s Hyper-V virtualization platform, a new part
of Windows Server 2008 releasing in June 2008
* Breadth of coverage appeals to a wide range of security professionals,
including administrators, researchers, consultants, and forensic
http://www.amazon.com/exec/obidos/tg/detail/-/1597493058/
Download File Size:5.59 MB
|
