© cloud security alliance, 2015 csa virtualization working group saif chaudhry, principal architect
TRANSCRIPT
© Cloud Security Alliance, 2015
CSA Virtualization Working Group
Saif Chaudhry, Principal Architect
© Cloud Security Alliance, 2015
Agenda•Background
• What is coming fresh
from the oven…?
• What is on the near
horizon...?
• What we need…?
• Round Table
• Q&A
Background – Motivation…
• The impact of Software Define Data Centers (SDDC)
…Compute, Storage and Network
•Network and Security Services Now in the Hypervisor
• Security issues with SDDC advancements specifically
in networking merit additional focused research
Background – Past Deliverables…
Publishedo April 2015
Co-ChairsKapil Raina, ZscalerKelvin Ng , Nanyang PolytechnicYao Sing , Tao , IDA Singapore
ContributorsAbhik Chaudhuri , Tata Consultancy ServicesHeberto Ferrer , HyTrustHemma Prafullchandra, HyTrustJ D Sherry , CavirinKelvin Ng , Nanyang PolytechnicXiaoyu, Ge, HuaweiYao Sing , Tao , IDA SingaporeYiak Por , Heng , Nanyang Polytechnic
CSA Global StaffFrank Guanco , Research AnalystVictor Chin , Research Analyst
Link to paper
• Paper focusing on Network Functions
Virtualization (NFV)
•How adopting NFV infrastructure will
affect your risk profile?
•How dynamic aspect of NFV will affect
your overall security framework?
• To provide a security framework which
covers technical and non-technical
controls pertaining to NFV security.
What is coming fresh
from the oven…?
• Targeting CSA APAC Congress (Dec 1st) Publishing Date• Date: 1 – 3 December• Venue: Guangzhou, China• Link
• Co-Chairs• Kapil Raina, HyTrust• Saif Chaudhry, Trend Micro
• Volunteer Experts• Aleksandar Milenkoski, University of
Würzburg• Bernd Jaeger, Colt Technology Services• Mason Harris, Cisco Systems• Sivadon Chaisiri, University of Waikato• Wenmao Liu, NSFocus• Veronica David, HCL Comnet
• CSA Global Staff• Victor Chin , Research Analyst
What is coming fresh
from the oven…?
Detailed implementation blueprints
/ Practitioner guide to compliment
Network Functions Virtualization
(NFV) paper.
What is on
the near
horizon...
?
• Your participation
• Share your experiences and
provide feedback to the upcoming
NFV paper in November 2015
• Feel free to volunteer to write
components of the upcoming
paper
• This is an industry led effort and
should reflect a range of input
What we
need…?
• CSA Virtualization Working Group
Standardization Efforts
• CSA and Singapore NB launched a study
period in virtualization security in ISO/IEC
JTC 1 SC 27
• Conclusion of study period in October SC
27 meeting in Jaipur, India
• Looking for interested participants in
developing international standards for
virtualization security
Other
Work
For more information about the Virtualization Working Group, contact Victor at [email protected]
??? ?© Cloud Security Alliance, 2015
© Cloud Security Alliance, 2015
Thank You!