We all know that IT security and operations is becoming a more challenging and untenable problem day by day (see “Top 10 Reasons Your Security Program Sucks and Why You Can’t Do Anything About it”). The reality is that we continue to build on top of inherently insecure and fundamentally weak foundations, such as the operating systems and routing infrastructures that power much of the global economy.
We need an alternative to the current computing paradigms that all organizations struggle with.
IT is under pressure…
- Increasingly hostile and sophisticated threat environment
- Regulatory compliance pressures
- Evolving business and technology demands
- Supporting complex and distributed computing environments
- Decreasing IT budgets
The operating system is the root of all evil…
- Environments are becoming more complex, more distributed and increasingly overwhelmed with security threats and regulatory compliance pressures
- IT has more tools deployed than ever in history, creating a massive management burden
- All security and management technologies rely on the integrity of the operating system
- The majority of operating systems are inherently insecure
- Operational failures and compromise render traditional tools useless
Figure #1: the total suck that is systems and security tools running within the context of the OS
Security and systems management must be abstracted from the context of the operating system…
- Virtual Management Agent (VMA) is a locked-down secure environment isolated from the operating system
- VMA is not impacted by the compromise or operational failure of the guest operating system
- VMA provides out of band management independent of operational state of the OS
- VMA has full visibility and control over operating system and tools running within the OS context
- VMA can quickly re-image, lock, pause, or change the state and context of the guest images (OS)
- VMA has visibility and control over ingress/egress traffic to/from the guest images (OS)
Figure #2: The path to enlightened systems and security management of end user computing devices
It looks simple on paper, but there are many issues with management, isolation, dealing with distributed computing environments, and of course the details of PC vs. server hypervisors, etc., all of which we will address in the coming days with a series of posts on how to own the OS.
The bottom line: the current state of information security is a never-ending game of continuously reacting and responding to new threats, operational failures, and crappy products. The ability to abstract security and systems management away from the operating system will revolutionize the method and efficiencies of IT management.